Topic: Internet and IPTV on different VLANs

The content of this topic has been archived on 20 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Page 1 of 1

Post #1

dj.kure

23 Mar 2016, 16:58

Hello,

at first - sorry for my bad english.
My ISP provides internet connection on VLAN 999 and IPTV on VLAN 11.
I have router TP-Link WDR4300 with last version of OpenWRT and STB, which does not support VLANs.

What I need to set on this router?
My example settings:

VLAN1 (local network): CPU(tagged), Port 2, 3 and 4 (untagged)
VLAN11 (IPTV): CPU (tagged - for traffic monitoring), Port 1 (untagged - because of no support of VLANs on STB) and WAN Port (tagged)
VLAN999 (internet): CPU(tagged) and WAN Port (tagged).

DHCP server is configured to assign IPs on VLAN1, NAT is set between VLAN999 and VLAN1.
STB gains IP from remote DHCP (registered to MAC on VLAN11) and data flow via multicast (and unicast).

Is it correct?

Is there any special kernel module (ex. kmod-bridge, or kmod-80211q, ...) which i need?

Thank you for help.

Post #2

bolvan

23 Mar 2016, 17:05

If your router has separate ethernet for WAN then stop using it.
Use switch capability to separate VLANs. Use one of the ports for ISP cable.

Post #3

dj.kure

23 Mar 2016, 18:38

No no, WAN port is my designation of one port in this switch. (this switch has 5 ports)

Post #4

vilpalu

24 Mar 2016, 07:56

standard wdr4300 openwrt image has necessary modules for vlan's. also you can see swtich config in lucy (web interface)

Post #5

dj.kure

24 Mar 2016, 21:45

Yeah, but my configuration not working correctly :-(

This is my configuration:

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'lan'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.0.254'
    option send_rs '0'
    option _orig_ifname 'eth0.1 wlan0 wlan1'
    option _orig_bridge 'true'
    option igmp_snooping '1'
    option ip6assign '60'
    option ifname 'eth0.1'

config interface 'wan'
    option _orig_ifname 'eth0.2'
    option _orig_bridge 'false'
    option type 'bridge'
    option ifname 'eth0.999'
    option proto 'static'
    option netmask '255.255.255.0'
    option delegate '0'
    option ipaddr '77.xxx.yyy.zzz'
    option gateway '77.xxx.yyy.z'
    option dns '77.xxx.yyy.zzz'
    option igmp_snooping '1'

config interface 'wan6'
    option proto 'static'
    option ifname 'sixxs0'
    option ip6addr 'xxx'
    option ip6gw 'xxx'
    option ip6prefix 'xxx'

config switch
    option reset '1'
    option enable_vlan '1'
    option name 'switch0'
    option mirror_source_port '0'
    option mirror_monitor_port '0'

config switch_vlan
    option vlan '4'
    option vid '1'
    option device 'switch0'
    option ports '0t 3 4 5'

config route
    option interface 'lan'
    option target '10.0.10.0/24'
    option gateway '192.168.0.1'

config switch_vlan
    option device 'switch0'
    option vlan '6'
    option ports '0t 1t'
    option vid '999'

config switch_vlan
    option device 'switch0'
    option vlan '7'
    option ports '1t 2'
    option vid '11'

Port 0 is CPU, Port 1 is "WAN", Port 2 is reserved for IPTV, Ports 3, 4 and 5 = LAN.
VLAN 1 = LAN, VLAN 11 = IPTV, VLAN 999 = Internet.

This configuration is OK, but after few seconds inbound traffic on VLAN 11 amounts to 70-150Mbit/s and TV stream freezes.
And i don't know why :-(

// again - sorry for my english

Post #6

makro

24 Mar 2016, 23:56

While I'm not sure what causes your problem, there are a few odd things in your config. Please confirm if you know these various things are needed or are simply added by you through trial and error.

You have enabled IGMP snooping on WAN. Do you need it, as Internet and IPTV are completely separate at all points? I haven't had the opportunity to play with IPTV, but I thought IGMP snooping was only used when IPTV and Internet traffic is on the same VLAN. To test without it, remove the option igmp_snooping line.

WAN interface is a bridge. Is this correct? I don't see any reason for it. To test without it, remove option type 'bridge' from WAN (not from LAN!). Also, your WAN netmask is set to 255.255.255.0. Does your ISP really give you an entire public /24 IPv4 network? (If you are unsure the answer is probably no.) And secondly, do they actually require you to set a static address instead of e.g. DHCP? I'd look closer at the settings used by your ISP supplied equipment, or instructions provided by your ISP.

You have enabled port mirroring, and you're mirroring port 0 onto itself, it looks like (I can't find the docs for those options, but looking at the source it looks like the value '0' is a port number, and not a boolean). Unless swconfig is smart enough to ignore that, that could be a problem.

For clarity I'd add an interface for IPTV. I'm not sure it's necessary or if it's helpful for netifd, but it can't hurt.

config interface 'iptv'
    option proto 'none'
    option ifname 'eth0.11'
    option auto '1'

Post #7

dj.kure

25 Mar 2016, 01:37

Sorry, I am idiot....

 config switch_vlan
    option vlan '4'
    option vid '1'
    option device 'switch0'
    option ports '0t 3 4 5'

...

config switch_vlan
    option device 'switch0'
    option vlan '7'
    option ports '1t 2'
    option vid '11'

I don't know why was option vlan == 4 and 7? This values was generated automatically by Luci.
After change to 1 and 11, everything works correctly.

Plus added this option:

config switch_ports
    option port '2'
    option pvid '11'

The discussion might have continued from here.

Page 1 of 1