Help with VLAN Tagging

Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware
Author Message
ryun
DD-WRT Novice


Joined: 01 Jun 2013
Posts: 8

PostPosted: Tue Oct 29, 2019 0:13    Post subject: Help with VLAN Tagging Reply with quote
Sorry, I'm a newb with all of this and I'm just trying to make sure my fundamental understanding is correct or I'm going about this all the wrong way.

What I want to do is take my AP (TP-LINK EAP225v3) and connect it to my Buffalo WZR-300HP (atheros based ddwrt router; version v3.0-r30356 std (11/30/17) if it helps), then add a guest network SSID on the TP-Link and tell the Buffalo router that the guest SSID belongs to a different subnet.

It seems like I can accomplish this by using 802.1Q VLAN tagging which both devices support. My AP is connected to the router via an ethernet cable on one of the LAN ports.

My understanding is that if I tell the TP-LINK AP that it belongs to VLAN ID 22 (which I have done) it will tell my Buffalo router (via packet headers) that the traffic belongs to VLAN 22. So, what I've done (starting from default settings using the GUI) is created a new VLAN tag (22) off of "vlan1" and out comes a new interface: "vlan1.22". As far as I understand, "vlan1" is the virtual interface for the ethernet ports.

I then created a bridge "br1". It has the following properties: IP Address: 192.168.22.1 Subnet mask: 255.255.255.0

I then assigned the bridge "br1" to "vlan1.22". I also created a new DHCP server to "br1".

I kinda feel like that's all I need to do here, but connecting to the guest SSID assigns me no IP address and I can't ping either 192.168.22.1 or 192.168.11.1 when assigning an address manually. Am I missing something fundamental here? What would be the procedure to diagnose?
Sponsor
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6858
Location: Romerike, Norway

PostPosted: Tue Oct 29, 2019 17:19    Post subject: Reply with quote
Did you assign the interface for the guest SSID to br1?
ryun
DD-WRT Novice


Joined: 01 Jun 2013
Posts: 8

PostPosted: Sat Nov 02, 2019 16:40    Post subject: Reply with quote
Hi Per Yngve Berg, appreciate the assist. I figured it'd be best to show some screen shots to show what I've got. I've attached them to the post but also hosted them on imgur should the attachment feature not work.

I assigned vlan1 to bridge br1, but I am connecting the AP to the router via an ethernet cable. I assumed (perhaps incorrectly) that if I tag my traffic with vlan Id 22 that any traffic tagged that way would be re-routed to br1. As I understand it, I can't with an Atheros based router do port based VLANs and I have to mark the whole interface (vlan1 being the ethernet ports) as vlan 22 capable.

Again, I'm a bit outside my depth here so I'm not sure if what I'm trying to do is the way this is intended to work.

Here's my networking tab:
https://imgur.com/vjO7pEO

Here's my firewall rules (this is the only other thing I've done outside of the default:
https://imgur.com/uE7tx2Y

And here's my TP-Link's APs setup:

https://imgur.com/L1uTqqQ
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6858
Location: Romerike, Norway

PostPosted: Sat Nov 02, 2019 17:03    Post subject: Reply with quote
Yes, you can do port based VLAN with Atheros.

Post the output of

swconfig dev switch0 show

from the Buffalo.

Don't you use any wifi on the Buffalo?

Is there any SSID for your regular network on the TPL?
ryun
DD-WRT Novice


Joined: 01 Jun 2013
Posts: 8

PostPosted: Sat Nov 02, 2019 18:03    Post subject: Reply with quote
Thanks. Here's the output (minus mac addresses). Sorry, I did forget to mention that I disabled the wireless radio. I wanted to upgrade the radio while keeping ddwrt on the router (the route itself is great, the radio can be hit or miss with some devices). That's why I purchased the TPLINK wireless AP anyway.

Quote:

root@DD-WRT:~# swconfig dev switch0 show
Global attributes:
enable_vlan: 1
enable_mirror_rx: 0
enable_mirror_tx: 0
mirror_monitor_port: 0
mirror_source_port: 0
arl_table: address resolution table
Port 0: MAC xxxxx
Port 1: MAC yyyyy
Port 4: MAC zzzzz

Port 0:
mib: Port 0 MIB counters
RxBroad : 1806
RxPause : 0
RxMulti : 56
RxFcsErr : 0
RxAlignErr : 0
RxRunt : 0
RxFragment : 1
Rx64Byte : 6894
Rx128Byte : 3958
Rx256Byte : 490
Rx512Byte : 3139
Rx1024Byte : 12856
Rx1518Byte : 5288
RxMaxByte : 17676
RxTooLong : 0
RxGoodByte : 44999061
RxBadByte : 15
RxOverFlow : 0
Filtered : 1529
TxBroad : 6387
TxPause : 0
TxMulti : 15279
TxUnderRun : 0
Tx64Byte : 38
Tx128Byte : 45099
Tx256Byte : 1907
Tx512Byte : 2437
Tx1024Byte : 3409
Tx1518Byte : 185
TxMaxByte : 11
TxOverSize : 0
TxByte : 8089616
TxCollision : 0
TxAbortCol : 0
TxMultiCol : 0
TxSingleCol : 0
TxExcDefer : 0
TxDefer : 0
TxLateCol : 0

pvid: 0
link: port:0 link:up speed:1000baseT full-duplex txflow rxflow
Port 1:
mib: Port 1 MIB counters
RxBroad : 3033
RxPause : 0
RxMulti : 86
RxFcsErr : 0
RxAlignErr : 0
RxRunt : 0
RxFragment : 0
Rx64Byte : 1010
Rx128Byte : 868
Rx256Byte : 119
Rx512Byte : 160
Rx1024Byte : 3147
Rx1518Byte : 2263
RxMaxByte : 0
RxTooLong : 0
RxGoodByte : 6511990
RxBadByte : 0
RxOverFlow : 0
Filtered : 150
TxBroad : 3695
TxPause : 0
TxMulti : 15365
TxUnderRun : 0
Tx64Byte : 4578
Tx128Byte : 14728
Tx256Byte : 1890
Tx512Byte : 451
Tx1024Byte : 545
Tx1518Byte : 176
TxMaxByte : 0
TxOverSize : 0
TxByte : 2627843
TxCollision : 0
TxAbortCol : 0
TxMultiCol : 0
TxSingleCol : 0
TxExcDefer : 0
TxDefer : 0
TxLateCol : 0

pvid: 1
link: port:1 link:up speed:1000baseT full-duplex auto
Port 2:
mib: Port 2 MIB counters
RxBroad : 0
RxPause : 0
RxMulti : 0
RxFcsErr : 0
RxAlignErr : 0
RxRunt : 0
RxFragment : 0
Rx64Byte : 0
Rx128Byte : 0
Rx256Byte : 0
Rx512Byte : 0
Rx1024Byte : 0
Rx1518Byte : 0
RxMaxByte : 0
RxTooLong : 0
RxGoodByte : 0
RxBadByte : 0
RxOverFlow : 0
Filtered : 0
TxBroad : 0
TxPause : 0
TxMulti : 0
TxUnderRun : 0
Tx64Byte : 0
Tx128Byte : 0
Tx256Byte : 0
Tx512Byte : 0
Tx1024Byte : 0
Tx1518Byte : 0
TxMaxByte : 0
TxOverSize : 0
TxByte : 0
TxCollision : 0
TxAbortCol : 0
TxMultiCol : 0
TxSingleCol : 0
TxExcDefer : 0
TxDefer : 0
TxLateCol : 0

pvid: 2
link: port:2 link:down
Port 3:
mib: Port 3 MIB counters
RxBroad : 2409
RxPause : 0
RxMulti : 11082
RxFcsErr : 0
RxAlignErr : 0
RxRunt : 0
RxFragment : 0
Rx64Byte : 23517
Rx128Byte : 13530
Rx256Byte : 1631
Rx512Byte : 2170
Rx1024Byte : 463
Rx1518Byte : 180
RxMaxByte : 0
RxTooLong : 0
RxGoodByte : 4342906
RxBadByte : 0
RxOverFlow : 0
Filtered : 4
TxBroad : 2308
TxPause : 0
TxMulti : 56
TxUnderRun : 0
Tx64Byte : 6343
Tx128Byte : 3748
Tx256Byte : 450
Tx512Byte : 1332
Tx1024Byte : 12647
Tx1518Byte : 20689
TxMaxByte : 0
TxOverSize : 0
TxByte : 41216271
TxCollision : 0
TxAbortCol : 0
TxMultiCol : 0
TxSingleCol : 0
TxExcDefer : 0
TxDefer : 0
TxLateCol : 0

pvid: 1
link: port:3 link:down
Port 4:
mib: Port 4 MIB counters
RxBroad : 1011
RxPause : 0
RxMulti : 4235
RxFcsErr : 0
RxAlignErr : 0
RxRunt : 0
RxFragment : 0
Rx64Byte : 5829
Rx128Byte : 5148
Rx256Byte : 268
Rx512Byte : 581
Rx1024Byte : 101
Rx1518Byte : 16
RxMaxByte : 0
RxTooLong : 0
RxGoodByte : 1176207
RxBadByte : 0
RxOverFlow : 0
Filtered : 0
TxBroad : 175
TxPause : 0
TxMulti : 0
TxUnderRun : 0
Tx64Byte : 1665
Tx128Byte : 868
Tx256Byte : 99
Tx512Byte : 401
Tx1024Byte : 2687
Tx1518Byte : 4468
TxMaxByte : 0
TxOverSize : 0
TxByte : 8873924
TxCollision : 0
TxAbortCol : 0
TxMultiCol : 0
TxSingleCol : 0
TxExcDefer : 0
TxDefer : 0
TxLateCol : 0

pvid: 1
link: port:4 link:up speed:1000baseT full-duplex auto
Port 5:
mib: Port 5 MIB counters
RxBroad : 0
RxPause : 0
RxMulti : 0
RxFcsErr : 0
RxAlignErr : 0
RxRunt : 0
RxFragment : 0
Rx64Byte : 0
Rx128Byte : 0
Rx256Byte : 0
Rx512Byte : 0
Rx1024Byte : 0
Rx1518Byte : 0
RxMaxByte : 0
RxTooLong : 0
RxGoodByte : 0
RxBadByte : 0
RxOverFlow : 0
Filtered : 0
TxBroad : 0
TxPause : 0
TxMulti : 0
TxUnderRun : 0
Tx64Byte : 0
Tx128Byte : 0
Tx256Byte : 0
Tx512Byte : 0
Tx1024Byte : 0
Tx1518Byte : 0
TxMaxByte : 0
TxOverSize : 0
TxByte : 0
TxCollision : 0
TxAbortCol : 0
TxMultiCol : 0
TxSingleCol : 0
TxExcDefer : 0
TxDefer : 0
TxLateCol : 0

pvid: 1
link: port:5 link:down
VLAN 1:
vid: 1
ports: 0t 1 3 4 5
VLAN 2:
vid: 2
ports: 0t 2
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6858
Location: Romerike, Norway

PostPosted: Sat Nov 02, 2019 20:03    Post subject: Reply with quote
swconfig dev switch0 vlan 1 set ports "0t 1t 3 4 5"
swconfig dev switch0 vlan 3 set ports "0t 1t"
swconfig dev switch0 vlan 3 set vid 22
swconfig dev switch0 set apply

Both VLAN 1 and VLAN3 with tag 22 will be tagged on port 1. Put in Command and save as Statup.

You can now assign VLAN 3 to br1.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum