OpenWrt Forum Archive

Topic: Help with VLAN configuration on Marvel 88E6341 switch with OpenWRT

The content of this topic has been archived on 6 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
sjose
21 Jun 2017, 19:38

I have an ESPRESSObin board with Marvel 88E6341 switch and OpenWRT running on it.
My goal is to configure the two LAN ports on it as access ports belonging to two different VLANs.
Here is the the /etc/config/network file that I tried using - 

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'wan'
        option proto 'dhcp'
        option ifname 'wan'

config 'switch' 'eth0'
        option 'enable' '1'
        option 'enable_vlan' '1'
        option 'reset' '1'

config 'switch_vlan'
        option 'vlan' '2'
        option 'device' 'eth0'
        option 'ports' '2 5t'

config 'switch_vlan'
        option 'vlan' '3'
        option 'device' 'eth0'
        option 'ports' '1 5t'

config 'switch_port'
        option 'port' '1'
        option 'pvid' '3'

config 'interface' 'lan0'
        option 'ifname' 'eth0.2'
        option 'proto' 'static'
        option 'ipaddr' '192.168.22.1'
        option 'netmask' '255.255.255.0'

config 'interface' 'lan1'
        option 'ifname' 'eth0.3'
        option 'proto' 'static'
        option 'ipaddr' '192.168.24.1'
        option 'netmask' '255.255.255.0'

I am unable to ping the LAN ports with this configuration.
What could I be missing here? Also how can I verify if the packets are getting internally tagged?

(Last edited by sjose on 21 Jun 2017, 22:10)

Post #2
Antek
22 Jun 2017, 14:02

The switch configuration looks correct, although I'm a bit uncertain about the 'switch_port' section. Can you explain why you need it there? What purpose does this setting serve in the context of your entire network topology?

As for not being able to ping the router, then you should also show your dnsmasq config from /etc/config/dhcp and your firewall config from /etc/config/firewall. If DHCP server is not specified correctly on 'lan1' and 'lan2' networks, then clients connected to the port might have invalid IP address, and thus traffic would not work.

On the other hand, if the networks are assigned to wrong zones or input traffic is blocked in the firewall config, then possible ping packets are dropped by the router.

The discussion might have continued from here.