Posted: Mon Jan 13, 2020 11:37 Post subject: WAP from 802.11q trunk on Netgear AC1450
Hello,
I'm trying to set up my AC1450 as a Wireless Access Point with 4 virtual wireless networks (VAP), connected via an 802.11q trunk to the main router (a netgear R7800). I've found various useful information littered about in the forums, but it's not working for me so far. So wanted to reach out for some help.
So far I've done the following, via the GUI in kong's build 40270M:
- There are 4 wireless networks, each on its own bridge (br0-3), matching the subnet ip ranges on the main router. They are tagged with their own vlan tags (11-14). These match the vlan tags on the main router.
- I followed the instructions in Wireless access point to set WAN connection point disabled, assign the router a fixed IP in the default subnet of the main router (192.168.9.2/255.255.255.0, gateway 192.168.9.1, dns 192.168.9.1), assign WAN port to switch, disable DHCP server and dnsmasq, disable ttraff, disable firewall, set operating mode to "router", and disable routing.
- I ran the following nvram commands to set up the trunk on the wan port (based upon the Switched Ports wiki):
Code:
vlan11hwname=et0
vlan12hwname=et0
vlan13hwname=et0
vlan14hwname=et0
nvram set port0vlans="11 12 13 14 16"
nvram set port1vlans="11"
nvram set port2vlans="11"
nvram set port3vlans="11"
nvram set port4vlans="11"
nvram set port5vlans="1 11 12 13 14 16"
nvram set vlan1ports="5u"
nvram set vlan2ports="5u"
nvram set vlan11ports="0t 1 2 3 4 5t*"
nvram set vlan12ports="0t 5t"
nvram set vlan13ports="0t 5t"
nvram set vlan14ports="0t 5t"
nvram commit
Unfortunately, I cannot ping the WAP router from the main router, or the main router from the WAP router.
Although this is a broadcom router, I'm not certain it's possible to assign the different ethernet ports to different vlans. That would be fine with me, since I do not need to use the other ethernet ports. But I do obviously need to set up vlan trunking for at least one port (I've been attempting the wan port, which I assumed could be controlled independently of the others).
Does anyone know what I might be doing wrong or what else I might need to do?
Many thanks for any tips!
Last edited by jtbr on Tue Jan 14, 2020 21:47; edited 1 time in total
I'm trying to set up my AC1450 as a Wireless Access Point with 4 virtual wireless networks (VAP), connected via an 802.11q trunk to the main router (a netgear R7800).
[...]
So far I've done the following, via the GUI in kong's build 40270M:
- There are 4 wireless networks, each on its own bridge (br0-3), matching the subnet ip ranges on the main router. They are tagged with their own vlan tags (11-14). These match the vlan tags on the main router.
Per Yngve Berg wrote:
You are in the wrong forum. The R7800 is an Atheros, not a Broadcom device. Your VLAN setup following a Broadcom tutorial will not work.
The VAPs are on the Netgear AC1450, which is Broadcom BCM4708A0. _________________ #NAT/SFE/CTF: limited speed w/ DD#Repeater issues#DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo#
OPNsense x64 5050e ITX|DD: DIR-810L, 2*EA6900@1GHz, R6300v1, RT-N66U@663, WNDR4000@533, E1500@353,
WRT54G{Lv1.1,Sv6}@250|FreshTomato: F7D8302@532|OpenWRT: F9K1119v1, RT-ACRH13, R6220, WNDR3700v4
I noticed that there were no interfaces for the wan port (eth2 I believe). So I added the following to the startup script:
Code:
vconfig add eth2 11
vconfig add eth2 12
vconfig add eth2 13
vconfig add eth2 14
# Add these interfaces to the appropriate bridges and bring them up
brctl addif br0 eth2.11
brctl addif br1 eth2.12
brctl addif br2 eth2.14
brctl addif br3 eth2.13
ifconfig eth2.11 up
ifconfig eth2.12 up
ifconfig eth2.13 up
ifconfig eth2.14 up
You don't need this. The interface names will be VLAN11, VLAN12, VLAN13 AND VLAN14
You should be able to add them to a bridge in the GUI.
I see. This seems already to be correct then (see the bridging table above). I needed something similar for the R7800, which is where I got the idea. But in any case it didn't seem to fix the problem.
Per Yngve Berg wrote:
How is your setup on the R7800?
Which port on the R7800?
The R7800 is working great. I have the tagged vlans on physical port 1, right next to the wan port. I can connect this to a managed switch where certain ports are mapped to each vlan. It's fantastic.
[The only issue I encountered (after I figured out how to do it in the first place) is a bizarre one: that if I set the 5ghz radio to VHT80 in the gui, all my vlan interfaces for ath0 are lost in the bridge table (e.g. ath0.11 collapses to ath0, etc). So I just use Wide 40Mhz and everything works.]
But unfortunately, the AC1450 being a different chipset, only some of the lessons carried over. One thing I'm unclear on is how the WAP router knows to send tagged traffic from the main router to the correct bridge. The converse (what to tag the traffic from each bridge) is set in the GUI. I also am a bit confused how the WAP knows how to route traffic to the main router. Maybe reading egc's description will clear some of this up for me.
Please show the SWCONFIG commands you entered on the R7800.
It seems too simple for just that to work . But ok. I must have something else going wrong. I saw in egc's writeup he doesn't change the operating mode to router from gateway. Perhaps that has something to do with it. Also perhaps I should leave the wan port alone and manipulate one of the "normal" ports. I'll do some digging.
Actually, on second thought we may be confusing WAP and VAP. I use WAP (wireless access point) to refer to the second router which is wired to the first and broadcasts the same wireless LAN(s) (from another physical location). VAP (virtual access point) is referring to the second and further SSIDs broadcast for wireless on the same radio frequency from the same router. Super confusing because it has nothing to do with VLANs (virtual LANs) (and I'm complicating things by having VAPs on a WAP connected with vlans ). At least, this is how I understand and have been using these terms, which may or may not be correct.
To answer your question, here are the relevant startup commands I use on the R7800:
Code:
# set up vlans 11-14 and ethernet ports (GUI won't work for any of this)
# port 1 (==4 logical) is tagged for trunking, port 4 (==1) is bridge 2/vlan 14; ports 2 & 3 are default bridge 0
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2 3 6"
swconfig dev switch0 vlan 11 set ports "4t 6t"
swconfig dev switch0 vlan 12 set ports "4t 6t"
swconfig dev switch0 vlan 13 set ports "4t 6t"
swconfig dev switch0 vlan 14 set ports "1 4t 6t"
swconfig dev switch0 set apply
vconfig add eth1 11
vconfig add eth1 12
vconfig add eth1 13
vconfig add eth1 14
# Add these interfaces to the appropriate bridges and bring them up
brctl addif br0 eth1.11
brctl addif br1 eth1.12
brctl addif br2 eth1.14
brctl addif br3 eth1.13
ifconfig eth1.11 up
ifconfig eth1.12 up
ifconfig eth1.13 up
ifconfig eth1.14 up
You map a WAP to a VLAN by assigning them to a bridge
br1 = VLAN11 + wl1.1
br2 = VLAN12 + wl1.2
br3 = VLAN13 + wl1.3
Your comment went right over my head, as I thought I had done this. I did not previously have the vlans assigned to the bridges! After making this change, the routers can see each other. I made several other changes as well (operating mode=gateway, moving the trunk to a "normal" port (not wan), applying the VAP workaround @egc suggested in his writeup, enabling "routing", and making vlan1 the default, untagged vlan again), but I believe that is what made it work. Thank you!
Joined: 18 Mar 2014 Posts: 11452 Location: Netherlands
Posted: Wed Jan 15, 2020 9:42 Post subject:
Per Yngve Berg wrote:
The WAN port is not different from the other ports otherwise as it's default in vlan 2. The firewall is onvlsn 2 and not on the port.
Software wise that is true, but my WAN port when assigned to the LAN has a speed of 600 Mb/s and other ports gigabit speed.
It depends on the internal layout of the router i.e. how the ports are connected, if you can get gigabit speed, so YMMV.
So if you do not need it, perhaps do not use the WAN port it also makes it obvious that the router is setup as a WAP _________________ Routers:Netgear R7800, R7000, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399 Install guide R7800/XR500:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614 Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
- In those final changes noted before, it was a mistake to revert to using the vlan 1 as the default; vlan 11 needed to be the default.
- I am able to use either the wan port or a "normal" port for the trunk. In my config below, I set ports 0 and 4 to be tagged with all my vlans. (In my case both ports connect as gigabit ports but I didn't run a speed test to see if performance differs)
- Operating mode: router vs gateway seems to make no difference for my config, so I left it in router mode as the WAP wiki suggests
- Under Administration->Management it seems to be fine to leave Routing disabled. - I also have the firewall disabled on the WAP; the firewall is on the main router.
My custom nvram settings to use two ports as trunks and the rest as default LANs:
Code:
nvram set port0vlans="11 12 13 14 16"
nvram set port1vlans=11
nvram set port2vlans=11
nvram set port3vlans=11
nvram set port4vlans="11 12 13 14 16"
nvram set port5vlans="1 11 12 13 14 16"
nvram set vlan11hwname=et0
nvram set vlan11ports="0t 1 2 3 4t 5t*"
nvram set vlan12hwname=et0
nvram set vlan12ports="0t 4t 5t"
nvram set vlan13hwname=et0
nvram set vlan13ports="0t 4t 5t"
nvram set vlan14hwname=et0
nvram set vlan14ports="0t 4t 5t"
nvram set vlan1ports=5u
nvram set vlan2ports=5u
nvram commit
. But ok. I must have something else going wrong. I saw in egc's writeup he doesn't change the operating mode to router from gateway. Perhaps that has something to do with it. Also perhaps I should leave the wan port alone and manipulate one of the "normal" ports. I'll do some digging.
). At least, this is how I understand and have been using these terms, which may or may not be correct.
