OpenWrt Forum Archive

Topic: [TL-WR1043ND v2/TL-WR841N] Extra VLANs renders LAN inoperable

The content of this topic has been archived on 7 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I am trying to set up a separate VLAN for a guest network (with a TL-WR841N as a second AP). Now on my WNDR3700 (which has a Realtek switch) the CPU is tagged by default, but on these TP-Link devices, it's not.

Default config on the TL-WR1043ND v2 (15.05 RC1):

config switch
    option name 'switch0'
    option reset '1'
    option enable_vlan '1'
    option mirror_source_port '0'
    option mirror_monitor_port '0'

config switch_vlan                    
        option device 'switch0'       
        option vlan '1'               
        option ports '0 1 2 3 4'  

config switch_vlan                    
        option device 'switch0'       
        option vlan '2'               
        option ports '5 6'           

   

Since the CPU needs to be in every VLAN afaik, and a port in more than one VLAN should be tagged, this is what should be working:

config switch_vlan                    
        option device 'switch0'       
        option vlan '1'               
        option ports '0t 1 2 3 4t'  
                                                                
config switch_vlan                   
       option device 'switch0'       
       option vlan '2'          
       option ports '0t 4t'  

config switch_vlan                    
        option device 'switch0'       
        option vlan '3'               
        option ports '5 6'         

As soon as I apply this, I cannot connect to the router anymore over the LAN (no ping, no nothing). Wireless still works though.

On the TL-WR841N, I have a similar problem. It seems they use the same (or a similar) switch, the AR8327N, however, the WR841N is running 14.07. The default VLAN looks identical:

config switch_vlan
    option device 'switch0'
    option vlan '1'
    option ports '0 1 2 3 4'

After adding an extra VLAN (and tagging the CPU and the shared port in both VLANs), LAN connectivity disappears. I cannot reach the device anymore except for the port part of the additional VLAN. All the other ports stop responding. Wireless seems to work (the TL-WR841N has no DHCP-server anymore and I didn't try with a static IP over wireless).

Likewise, when one (or both) the devices have an extra VLAN defined, I cannot ping from one to the other. I have tried restarting the network (/etc/init.d/network restart) or powercycling multiple times to test (you know how Einstein said only a fool tries something more than once expecting a different result...).

Would be very grateful if anyone knows how to fix this.

(Last edited by Borromini on 23 May 2015, 16:36)

Anyone?

Do I need to change the existing LAN entry to point to the .1 interface maybe when I add a second VLAN?

I believe that the issue is caused by the fact that you tagged the cpu port ( port 0 ) without change the br-lan config.
The br-lan by default is bridged to eth1 and now needed to be bridged to eth1.1 . Without this the traffic incomming from lan is always tagged by port 0 and goes nowhere.

http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd

(Last edited by zhadoom on 24 May 2015, 22:28)

Thanks, that makes sense, seeing as the WNDR3700's LAN is on eth0.1 and the CPU is already tagged in that case.

The discussion might have continued from here.