Posted: Tue Jan 23, 2018 22:33 Post subject: R7800 and VLANS
Is it possible to use R7800 and Kong latest stabile build to do the following?
WAN port: Internet from ISP. IP from ISP's DHCP
LAN port 1: VLAN1. 192.168.10.0/24
LAN port 2: VLAN2. 192.168.20.0/24
LAN port 3: VLAN3. 192.168.30.0/24
All three VLAN's sharing internett on WAN port. R7800 acting as DHCP to the VLAN's.
Only VLAN1 and wireless can see each other and on the same network/ip range.
Need to add som QOS later on, but I think I can fix that if the VLAN get sorted.
Can I do this with R7800 or do I need another box/try pfSense? If its possible could someone please guide a lost soul? Have flashed the R7800 with DD-WRT but didn't get any further.
Joined: 17 Jan 2018 Posts: 64 Location: Georgia, USA
Posted: Wed Jan 24, 2018 17:48 Post subject: Post subject: R7800 and VLAN
Don't know the answer to your question, but below is a link I found related to what you are asking. Good luck.
https://www.flashrouters.com/blog/2015/04/06/what-is-a-vlan-how-to-setup-vlan-ddwrt/ _________________ R7800 r53339 std (08/01/23)
Private network on bridge br0 = eth1 (vlan 1) + wlan0 + wlan1.
Guest network on bridge br1 = eth1.4 (vlan 4) + VAPs (wlan0.1 + wlan1.1) for IOT devices
(Roku's, Amazon Echos, smart switches, etc.) and guest.
Noob still finding my way.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 4 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 4
brctl addif br1 eth1.4
ifconfig eth1.4 up
Posted: Wed Jan 24, 2018 18:27 Post subject: Re: Post subject: R7800 and VLAN
Thanks for trying to help out. I'v also found and read that guide. Turns out the guide is for Broadcom firewall's and at the R78000 there are no GUI to sort out the VLAN.
Posted: Wed Jan 24, 2018 19:31 Post subject: Re: Post subject: R7800 and VLAN
mskjold wrote:
Thanks for trying to help out. I'v also found and read that guide. Turns out the guide is for Broadcom firewall's and at the R78000 there are no GUI to sort out the VLAN.
You can tinker with the r7800 and maybe get some useful info from that page but the same settings will not work on the r7800...
...same switch, and also in many top routers, but tis wired different....
good luck sorting it out
iffin I ever run across a r7800 to play with I'll look into it
Joined: 17 Jan 2018 Posts: 64 Location: Georgia, USA
Posted: Wed Feb 28, 2018 23:27 Post subject: Re: Post subject: R7800 and VLAN
mskjold wrote:
Thanks for trying to help out. I'v also found and read that guide. Turns out the guide is for Broadcom firewall's and at the R78000 there are no GUI to sort out the VLAN.
The following information is from here:
https://openwrt.org/toh/hwdata/netgear/netgear_r7800
Model: R7800
Comments: The port mapping on this device is backwards relative to the printed numbers 1-4 on the device. This can be important when configuring LEDE's switch features since Physical 1 --> LAN4, Physical 2 --> LAN3, Physical 3 --> LAN2, and Physical 4 --> LAN1.
Below/attached is a block diagram of the QCA8337 switch in the r7800 (from datasheet)
Using the foundational information provided by “mrjcd” on his site below, it might be possible to replicate his programming for the EA8500 and substitute the appropriate port numbers on the r7800.
http://mrjcd.com/EA8500_DD-WRT/vlans/
NOOB SPECULATION - USE AT YOUR OWN RISK! (edit 3/02/18 6t for 6 previously used in vlan22)
I’m guessing mrjcd’s first example might look like this when changed for the r7800. Substitute the number "6t" for the number "0t" in the ports configuration.
swconfig dev eth0 vlan 1 set ports "6 1 3 4"
swconfig dev eth0 vlan 22 set ports "6t 2"
swconfig dev eth0 set enable_vlan 22
swconfig dev eth0 set apply
vconfig add eth0 22
ifconfig vlan22 192.168.22.1 /28
You would need to follow the rest of mrjcd’s instructions to complete the setup.
Anyway, I am not allowed to take down our r7800 and do anything to knock us off the internet. Our Roku’s are constantly streaming. Plus, I am not a programmer and anytime I make changes it has the potential to take down our r7800 for hours or days.
I’m willing to do what research I can, but I need someone to develop a proven recipe that I can follow. _________________ R7800 r53339 std (08/01/23)
Private network on bridge br0 = eth1 (vlan 1) + wlan0 + wlan1.
Guest network on bridge br1 = eth1.4 (vlan 4) + VAPs (wlan0.1 + wlan1.1) for IOT devices
(Roku's, Amazon Echos, smart switches, etc.) and guest.
Noob still finding my way.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 4 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 4
brctl addif br1 eth1.4
ifconfig eth1.4 up
Last edited by sweatbee on Fri Mar 02, 2018 19:44; edited 2 times in total
Joined: 17 Jan 2018 Posts: 64 Location: Georgia, USA
Posted: Thu Mar 01, 2018 15:11 Post subject:
<Kong> wrote:
VLANs are working fine on it, just use swconfig and add the commands to startup.
Thanks Kong. All of us really appreciate the work you and BS do on our behalf.
Half the battle with any problem is just knowing a solution is available. That it's not impossible.
My problem is I'm not a programmer or that familiar with Linux and need someone to lay it out with detailed directions for me. I have enough challenges following the GUI with all the options available. I'm still acquiring an understanding/definition of all the terms I read.
What commands and in what sequence, etc.? Is there a tutorial on this I missed or is it so basic that I am just expected to understand? Sample scripts for this purpose?
A trip of 100 miles starts with one step. I'm on the trip. _________________ R7800 r53339 std (08/01/23)
Private network on bridge br0 = eth1 (vlan 1) + wlan0 + wlan1.
Guest network on bridge br1 = eth1.4 (vlan 4) + VAPs (wlan0.1 + wlan1.1) for IOT devices
(Roku's, Amazon Echos, smart switches, etc.) and guest.
Noob still finding my way.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 4 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 4
brctl addif br1 eth1.4
ifconfig eth1.4 up
This thread provides some background on how to configure VLANs on the R9000. Approach should be the same for the R7800, with different port assignments, though.
Joined: 17 Jan 2018 Posts: 64 Location: Georgia, USA
Posted: Thu Mar 01, 2018 21:04 Post subject:
Thank you kammerma and Per. This really helps.
r7800 code for working configurations is a great help. If anyone else has r7800 working code they could share as examples it would be appreciated.
Noob question - When do you tag a port? For what purpose? _________________ R7800 r53339 std (08/01/23)
Private network on bridge br0 = eth1 (vlan 1) + wlan0 + wlan1.
Guest network on bridge br1 = eth1.4 (vlan 4) + VAPs (wlan0.1 + wlan1.1) for IOT devices
(Roku's, Amazon Echos, smart switches, etc.) and guest.
Noob still finding my way.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 4 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 4
brctl addif br1 eth1.4
ifconfig eth1.4 up
Joined: 17 Jan 2018 Posts: 64 Location: Georgia, USA
Posted: Sat Mar 03, 2018 16:56 Post subject:
Per Yngve Berg wrote:
Working example for the R7800:
Code:
wconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "3 4t 6"
swconfig dev switch0 vlan 3 set ports "1 2 4t 6t"
swconfig dev switch0 set apply
vconfig add eth1 3
ifconfig eth1.3 192.168.3.1 netmask 255.255.255.0
Note that the processor port for LAN is 6, but 5 for the WAN
Port 6 is not tagged for VLAN1, but tagged for the other VLANs.
I have a managed switch on port 4, that's why it's tagged.
I want to set up two extra VLANs on my r7800
VLAN 1 will remain as main network (including default bridge with wireless)
VLAN 10 will serve a VOIP phone
VLAN 20 will serve some wired connected IOT devices
Will use physical port 1 (switch port 4) for phone
Will use physical port 2 (switch port 3) for IOT devices
Physical ports 3 and 4 (switch port 2 and 1) will remain as main network
Will the following code/procedure work?
Computer’s wired connection is in physical port 4 (switch port 1) which does not change VLAN or subnet throughout this process thereby maintaining its connection.
Copy text below and paste into the 'Administration/Commands' window of GUI.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 10 set ports "3 6t"
swconfig dev switch0 vlan 20 set ports "4 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
vconfig add eth1 20
ifconfig eth1.10 192.168.10.1 netmask 255.255.255.0
ifconfig eth1.20 192.168.20.1 netmask 255.255.255.0
Click the 'Save Startup' button
Reboot router.
Go to Setup/Networking window of GUI to find the newly created interface Network Configuration vlan10
Click the 'unbridge' button associated with Network Configuration vlan10
Masquerade / NAT should be Enabled
Net Isolation should be Enabled
Put in IP Address 192.168.10.1
Put in subnetmask 255.255.255.0
Click the 'Save' button at bottom of page.
Click Add in the Multiple DHCP Server section
Select vlan10
Click the 'Apply Settings' button.
Follow same procedure with vlan20
Reboot the router.
As a noob I don’t want to do something to brick my router (and interrupt wife’s Roku streams). I want some extra eyes to look this over before I attempt it. Thanks for your help!
(correction - edited wconfig to swconfig per Per Yngve Berg) _________________ R7800 r53339 std (08/01/23)
Private network on bridge br0 = eth1 (vlan 1) + wlan0 + wlan1.
Guest network on bridge br1 = eth1.4 (vlan 4) + VAPs (wlan0.1 + wlan1.1) for IOT devices
(Roku's, Amazon Echos, smart switches, etc.) and guest.
Noob still finding my way.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 4 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 4
brctl addif br1 eth1.4
ifconfig eth1.4 up
Last edited by sweatbee on Mon Mar 05, 2018 0:01; edited 2 times in total
Joined: 17 Jan 2018 Posts: 64 Location: Georgia, USA
Posted: Mon Mar 05, 2018 10:50 Post subject:
After thinking some more I’ve decided to only set up one extra VLAN for my router. I will split the ports and have two in each VLAN. Then I will have my VOIP phone and my IOT devices together in the new VLAN and my computers, tablets, printers, etc. in the existing VLAN 1.
Based on the previous example (not tested) the following should work. (It didn’t – see below)
Computer’s wired connection is in physical port 4 (switch port 1) which does not change VLAN or subnet throughout this process thereby maintaining its connection.
Copy text below and paste into the 'Administration/Commands' window of GUI.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 25 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 25
ifconfig eth1.25 192.168.25.1 netmask 255.255.255.0
Click the 'Save Startup' button
Reboot router.
Go to Setup/Networking window of GUI to find the newly created interface Network Configuration vlan25 (shows as - Network Configuration eth1.25)
Click the 'unbridge' button associated with Network Configuration eth1.25
Masquerade / NAT should be Enabled
Net Isolation should be Enabled
Put in IP Address 192.168.25.1
Put in subnetmask 255.255.255.0
Click the 'Save' button at bottom of page.
Click Add in the Multiple DHCP Server section
Select vlan25 (shows as eth1.25)
Click the 'Apply Settings' button.
Reboot router
While everything appeared to go smoothly in the set-up procedure I received the following message in Syslog.
Dec 31 19:00:37 DD-WRT daemon.warn dnsmasq[1295]: warning: interface eth1.25 does not currently exist
Dec 31 19:00:37 DD-WRT daemon.info dnsmasq-dhcp[1295]: DHCP, IP range 192.168.25.100 -- 192.168.25.149, lease time 1d
Checking the attached devices I get errors showing no internet connection.
What do I need to change/add to the above procedure to get the interface to work? _________________ R7800 r53339 std (08/01/23)
Private network on bridge br0 = eth1 (vlan 1) + wlan0 + wlan1.
Guest network on bridge br1 = eth1.4 (vlan 4) + VAPs (wlan0.1 + wlan1.1) for IOT devices
(Roku's, Amazon Echos, smart switches, etc.) and guest.
Noob still finding my way.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 4 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 4
brctl addif br1 eth1.4
ifconfig eth1.4 up
This will NAT all local IP sub-nets that are going out the WAN.
PS. I have the same error. It's because DHCPd starts before the startup script is run.
Pasted in command and Saved as firewall:
iptables -t nat -I POSTROUTING -o `get_wanface` -j MASQUERADE
rebooted
root@DD-WRT:~# ifconfig
Above gives info on all interfaces (ath0 ath0.1 ath1 ath1.1 br0 br0:0 eth0 eth1 eth1.25 lo tun1). Below shows eth1.25 (vlan 25) which is the only one not working.
I should see a VOIP phone, an Audio Receiver, and a Blu-Ray player on the network. Prior to change they showed up. Now they don’t. They do not receive internet access. Previously they were given static leases on the DHCP Server. At first reboot I did not remove the static leases and they showed up as available hosts for Wake-On-Lan under their old IPs. I deleted the static leases and rebooted. The audio receiver is still showing up under Wake-On-Lan with its old IP. However, I’ve noticed this FW version does not show all connected hosts as available for Wake-On-Lan. This may be a bug.
192.168.25.1 subnet is not in the PBR range to go through OpenVPN.
Any other suggestions? Thanks for helping! _________________ R7800 r53339 std (08/01/23)
Private network on bridge br0 = eth1 (vlan 1) + wlan0 + wlan1.
Guest network on bridge br1 = eth1.4 (vlan 4) + VAPs (wlan0.1 + wlan1.1) for IOT devices
(Roku's, Amazon Echos, smart switches, etc.) and guest.
Noob still finding my way.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 4 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 4
brctl addif br1 eth1.4
ifconfig eth1.4 up