VLAN configuration Linksys WRT3200ACM r43099 [SOLVED]

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Author Message
LearnDev
DD-WRT Novice


Joined: 17 May 2019
Posts: 6

PostPosted: Fri May 15, 2020 7:30    Post subject: VLAN configuration Linksys WRT3200ACM r43099 [SOLVED] Reply with quote
I need your help guy, I have a Linksys WRT3200ACM router running : DD-WRT v3.0-r43099 configured as a Gateway and it is hosting my satellite internet, I need to share my internet via Lan port number 4 to my neighbor to enable him to use the internet but without giving him access to my local network and NAS. Please help.does this do:

#switch config
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "6t 0t 1 2 3"
swconfig dev switch0 vlan 2 set ports "6t 0t 5 4"
swconfig dev switch0 vlan 3 set ports "6t 0t"
swconfig dev switch0 vlan 4 set ports "6t 0t"
swconfig dev switch0 set apply
#vlan config
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
vconfig add eth1 1
vconfig add eth1 2
vconfig add eth1 3
vconfig add eth2 4
ifconfig vlan1 up
ifconfig vlan2 up
ifconfig vlan3 up
ifconfig vlan4 up
#bridge config
brctl addif br0 vlan1
brctl addif br1 vlan2
brctl addif br2 vlan3
brctl addif br3 vlan4
brctl delif br0 eth1
brctl delif br0 eth0
brctl delif br1 eth0
#wan service restart
(stopservice wan;startservice wan) 2>&1 | logger -t startup[$$]
Sponsor
TheDude1864
DD-WRT Novice


Joined: 26 Jan 2012
Posts: 6

PostPosted: Fri May 15, 2020 22:04    Post subject: Reply with quote
I have so many questions.... but I'll take a stab at it.

I think you have the ports confused. The ports are backwards as in eth0 is port 5 and eth1 is port 6 but 0 1 2 3 in the configuration is actually port 4 3 2 1 respectively, and port 4 is the wan port.

Config - physical
0 - 4
1 - 3
2 - 2
3 - 1
4 - wan
5 - eth0
6 - eth1

I'm assuming what you are trying to do is give your neighbor internet without letting them on your network. You probably want something like this:

Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
# Your local network - eth0 br0 and wifis - untagged physical ports 1,2,3
swconfig dev switch0 vlan 1 set ports "6 1 2 3"
# Wan connection - physical wan and eth0 connection
swconfig dev switch0 vlan 2 set ports "5 4"
# Your neighbors vlan - physical port 4 connected to vlan3
swconfig dev switch0 vlan 3 set ports "6t 0”
swconfig dev switch0 set apply

#vlan config
vconfig set_name_type VLAN_PLUS_VID_NO_PAD

# dont need vlan 1 - that's just a switch config
# dont need vlan 2 - that's just a switch config
vconfig add eth1 3 # add vlan 3

ifconfig vlan3 up

#bridge config

brctl addif br1 vlan3

#wan service restart
(stopservice wan;startservice wan) 2>&1 | logger -t startup[$$]


eth0 will still be your wan. Vlan3 needs to be set to unbridged in the web UI to isolate it from you lan. Also, In the web UI, you need to setup br1 (dont add anything. the script will do that.) and then set up another DHCP service on br1 so your neighbor will get dhcp.

also, you will need a firewall rule added so vlan3 has internet.

This is all assuming that your ISP only assigns you 1 IP and not a block of IPs.(Which is probably true)

Hope that helps.
LearnDev
DD-WRT Novice


Joined: 17 May 2019
Posts: 6

PostPosted: Sat May 16, 2020 7:07    Post subject: Reply with quote
After adding the code for startup/reboot br1 still does show up
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 933
Location: Appalachian mountains, USA

PostPosted: Sat May 16, 2020 15:28    Post subject: Reply with quote
FWIW, here's what my daughter's (IT-aware young adult) WRT1900ACSv2 has had running,for over a year (builds 38159, 39144, 40009 so far) to split off port 4 to br1 for her roommate. She also puts ath1 on br1 to give the roomie wifi while keeping ath0 for herself, but there's no need to involve wifi of course. After she created a bridge br1 (GUI>Setup>Networking), gave it a subnet (same page, in Port Setup) by specifying an IP Address and Subnet Mask, and gave it a DHCP server (same page, at bottom), the code at the beginning of the Startup section in GUI>Administration>commands was then
Code:
#split the LAN on the port 6 cpu into eth1 (untagged) and vlan3 (tagged)
  swconfig dev switch0 set reset 1
  swconfig dev switch0 set enable_vlan 1
  #vlans 1 and 2 connect eth1 and eth0 to the correct ports
    swconfig dev switch0 vlan 1 set ports "6 1 2 3"
    swconfig dev switch0 vlan 2 set ports "5 4"
  #a new vlan 3 interface will handle the remaining port
    swconfig dev switch0 vlan 3 set ports "6t 0"
  swconfig dev switch0 set apply
  vconfig set_name_type VLAN_PLUS_VID_NO_PAD
  vconfig add eth1 3
  ifconfig vlan3 up
  brctl addif br1 vlan3 )

The roomie then gets vlan3. This setup was heavily influenced by TheDude1864 when it was set up, so read his notes above well. He has a clue. The long discussion of all this (in my case oriented towards a 2-port split off) is at the VLANs link in my sig.

_________________
Five Linksys WRT1900ACSv2's on 42926, 44048
VLANs, multiple VAPs, NAS, client-mode travel router, OpenVPN client/PBR (AirVPN), wireguard/PBR (AzireVPN), two DNSCrypt servers (incl Quad9) routed through OpenVPN.
LearnDev
DD-WRT Novice


Joined: 17 May 2019
Posts: 6

PostPosted: Mon May 18, 2020 16:35    Post subject: Reply with quote
Finally it worked but with another issue, I am not able to receive dynamic IP address from the first three ports nor wan connection, please see the code on the startup:


swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
# Your local network - eth0 br0 and wifis - untagged physical ports 1,2,3
swconfig dev switch0 vlan 1 set ports "6t 1 2 3"
# Wan connection - physical wan and eth0 connection
swconfig dev switch0 vlan 2 set ports "5 4"
# Your neighbors vlan - physical port 4 connected to vlan3
swconfig dev switch0 vlan 3 set ports "6t 0"
swconfig dev switch0 set apply

#vlan config
vconfig set_name_type VLAN_PLUS_VID_NO_PAD

# dont need vlan 1 - that's just a switch config
# dont need vlan 2 - that's just a switch config
vconfig add eth1 3 # add vlan 3
vconfig add eth0 2

ifconfig vlan1 up
ifconfig vlan2 up
ifconfig vlan3 up

#bridge config

brctl addif br0 vlan1
brctl addif br1 vlan3
brctl addif br0 eth1

#wan service restart
(stopservice wan;startservice wan) 2>&1 | logger -t startup[$$]
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 933
Location: Appalachian mountains, USA

PostPosted: Mon May 18, 2020 17:32    Post subject: Reply with quote
LearnDev wrote:
Finally it worked but with another issue, I am not able to receive dynamic IP address from the first three ports nor wan connection, please see the code on the startup:

What I suggested above was my complete setup. No other ifconfig or brctl commands were needed (and your brctl to add vlan1 to br0 seems to not work anyway). So just to have a starting point... what happens if you delete the red bits (including the "t" in the third swconfig command) and just try a minimal approach? I initially had more there, similar to you, but TheDude1864 explained (VLANs thread in my sig) how to do without much of it and go for the simpler path I'm suggesting. It even allowed me to skip restarting the wan service! And leaving stuff out turned out to have an important side benefit: it eliminated a potential race condition that was quite troublesome.

swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
# Your local network - eth0 br0 and wifis - untagged physical ports 1,2,3
swconfig dev switch0 vlan 1 set ports "6t 1 2 3"
# Wan connection - physical wan and eth0 connection
swconfig dev switch0 vlan 2 set ports "5 4"
# Your neighbors vlan - physical port 4 connected to vlan3
swconfig dev switch0 vlan 3 set ports "6t 0"
swconfig dev switch0 set apply

#vlan config
vconfig set_name_type VLAN_PLUS_VID_NO_PAD

# dont need vlan 1 - that's just a switch config
# dont need vlan 2 - that's just a switch config
vconfig add eth1 3 # add vlan 3
vconfig add eth0 2

ifconfig vlan1 up
ifconfig vlan2 up

ifconfig vlan3 up

#bridge config

brctl addif br0 vlan1
brctl addif br1 vlan3
brctl addif br0 eth1

#wan service restart
(stopservice wan;startservice wan) 2>&1 | logger -t startup[$$]

It's been so long since I've looked at any of this that to say more, I'd have to go back and study my own VLANs thread, so I'll leave that to you if you are inclined. If you do, be sure to digest TheDude1864's contributions, as they were the streamlining factor.

_________________
Five Linksys WRT1900ACSv2's on 42926, 44048
VLANs, multiple VAPs, NAS, client-mode travel router, OpenVPN client/PBR (AirVPN), wireguard/PBR (AzireVPN), two DNSCrypt servers (incl Quad9) routed through OpenVPN.
LearnDev
DD-WRT Novice


Joined: 17 May 2019
Posts: 6

PostPosted: Mon May 18, 2020 17:53    Post subject: Reply with quote
SurprisedItWorks wrote:
LearnDev wrote:
Finally it worked but with another issue, I am not able to receive dynamic IP address from the first three ports nor wan connection, please see the code on the startup:

What I suggested above was my complete setup. No other ifconfig or brctl commands were needed (and your brctl to add vlan1 to br0 seems to not work anyway). So just to have a starting point... what happens if you delete the red bits (including the "t" in the third swconfig command) and just try a minimal approach? I initially had more there, similar to you, but TheDude1864 explained (VLANs thread in my sig) how to do without much of it and go for the simpler path I'm suggesting. It even allowed me to skip restarting the wan service! And leaving stuff out turned out to have an important side benefit: it eliminated a potential race condition that was quite troublesome.

swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
# Your local network - eth0 br0 and wifis - untagged physical ports 1,2,3
swconfig dev switch0 vlan 1 set ports "6t 1 2 3"
# Wan connection - physical wan and eth0 connection
swconfig dev switch0 vlan 2 set ports "5 4"
# Your neighbors vlan - physical port 4 connected to vlan3
swconfig dev switch0 vlan 3 set ports "6t 0"
swconfig dev switch0 set apply

#vlan config
vconfig set_name_type VLAN_PLUS_VID_NO_PAD

# dont need vlan 1 - that's just a switch config
# dont need vlan 2 - that's just a switch config
vconfig add eth1 3 # add vlan 3
vconfig add eth0 2

ifconfig vlan1 up
ifconfig vlan2 up

ifconfig vlan3 up

#bridge config

brctl addif br0 vlan1
brctl addif br1 vlan3
brctl addif br0 eth1

#wan service restart
(stopservice wan;startservice wan) 2>&1 | logger -t startup[$$]

It's been so long since I've looked at any of this that to say more, I'd have to go back and study my own VLANs thread, so I'll leave that to you if you are inclined. If you do, be sure to digest TheDude1864's contributions, as they were the streamlining factor.


I really appreciate your help (You and TheDude1864)Thank you very much, it is working perfectly now!
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum