VLANs On Ralink / MediaTek Devices How-To

Post new topic   Reply to topic    DD-WRT Forum Index -> Ralink SoC based Hardware
Author Message
jefbuan
DD-WRT Novice


Joined: 18 May 2011
Posts: 18

PostPosted: Sat May 09, 2020 16:09    Post subject: VLANs On Ralink / MediaTek Devices How-To Reply with quote
anyone who wants to enable vlan on our router here's my start up script :

Quote:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "6t 1 2 3 4"
swconfig dev switch0 vlan 10 set ports "6t 0 4t"
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
swconfig dev switch0 set apply
vconfig add eth0 10
ifconfig vlan10 up
brctl delif br0 ra1
brctl addbr br1
brctl addif br1 ra1
brctl addif br1 vlan10
brctl addif br1 rai1
ifconfig br1 up
ifconfig br1 172.26.10.254 netmask 255.255.255.0
iptables -I INPUT -i br1 -p tcp --dport 80 -j REJECT


on swconfig , 4 is our wan port and 3,2,1,0 goes to our lan ports ,so I made my wan port as my trunk vlan going to pfsense.tagged vlan 10 and untagged vlan1 . 0 is the last physical lan port so and I set it to vlan 10 .

Mod edit 10.27.23: Changed title in preparation to add updated content. -kp69


Last edited by jefbuan on Mon Aug 10, 2020 11:42; edited 3 times in total
Sponsor
canabal
DD-WRT Novice


Joined: 08 Dec 2009
Posts: 5

PostPosted: Sat Jun 13, 2020 16:53    Post subject: Re: vlan trunking Reply with quote
Thank you for posting this, I am going to need to try this out. Are you using this to send to one or more Wireless SSIDs also? If you are, can you share how the SSIDs are setup with bridging etc. I cannot seem to find any info for Ralink based hardware to bridge VLANs to WLANs, and anything I have tried has not been functional.

Also, what is the 6t referring to? Would this be the "CPU Port" on your router (I believe mine is port 5, so just trying to be sure).
canabal
DD-WRT Novice


Joined: 08 Dec 2009
Posts: 5

PostPosted: Sun Jun 14, 2020 2:17    Post subject: Reply with quote
Ok, so I gave this a shot, and thanks to what you put together, I was able to make it work, without your info, I would not have been able to, so thank you.

Mine is slightly different, as I wanted three total WLANs, so I split it up as follows.

In commands 3-5, I changed 0 to untagged for VLAN 1, and added the other VLANs as tagged on port 0 (physical port 4 on my device).

Quote:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "6t 0 1 2 3 4"
swconfig dev switch0 vlan 5 set ports "6t 0t 4t"
swconfig dev switch0 vlan 10 set ports "6t 0t 4t"
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
swconfig dev switch0 set apply
vconfig add eth0 5
vconfig add eth0 10
ifconfig vlan5 up
ifconfig vlan10 up
brctl delif br0 ra1
brctl addbr br1
brctl addif br1 ra1
brctl addif br1 vlan5
brctl addif br1 rai1
brctl addbr br2
brctl addif br2 ra2
brctl addif br2 vlan10
brctl addif br2 rai2
ifconfig br1 up
ifconfig br1 172.16.10.254 netmask 255.255.255.0
ifconfig br2 up
ifconfig br2 172.16.11.254 netmask 255.255.255.0
iptables -I INPUT -i br1 -p tcp --dport 80 -j REJECT
iptables -I INPUT -i br2 -p tcp --dport 80 -j REJECT



In order to get it work for wireless, I then had to create a couple "virtual APs", after which I had to reboot (or they would not show in the next step).
Next, I assigned the br1 to the ath0.1 and ath 1.1, and br2 to the ath0.2 and 1.2. Then I was good to go, and the traffic began to route through.
jefbuan
DD-WRT Novice


Joined: 18 May 2011
Posts: 18

PostPosted: Mon Jun 15, 2020 9:10    Post subject: Reply with quote
Hi glad it did work on your device..currently I have 4 vlans now (trusted LAN , IOT,VOIP and GUEST) and each VLANS has 2 VAPs (2.4/5G) bridged and working great..

here's my current start up script

Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "6t 1 2 3 4"
swconfig dev switch0 vlan 10 set ports "6t 0 4t"
swconfig dev switch0 vlan 11 set ports "6t 4t"
swconfig dev switch0 vlan 100 set ports "6t 4t"
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
swconfig dev switch0 set apply
vconfig add eth0 10
vconfig add eth0 100
vconfig add eth0 11
ifconfig vlan10 up
ifconfig vlan100 up
ifconfig vlan11 up
brctl delif br0 ra1
brctl delif br0 ra2
brctl delif br0 rai2
brctl addbr br1
brctl addif br1 ra1
brctl addif br1 vlan10
brctl addif br1 rai1
ifconfig br1 up
ifconfig br1 172.26.10.254 netmask 255.255.255.0
brctl addbr br2
brctl addif br2 vlan100
brctl addif br2 ra2
brctl addif br2 rai2
ifconfig br2 up
ifconfig br1 192.168.0.62 netmask 255.255.255.192
iptables -I INPUT -i br1 -p tcp --dport 80 -j REJECT
iptables -I INPUT -i br2 -p tcp --dport 80 -j REJECT
mkdir /mnt/main
mount /dev/sda1 /mnt/main
mount -o bind /mnt/main /opt
/opt/etc/init.d/S81aria2 start
noobensis
DD-WRT Novice


Joined: 12 Apr 2021
Posts: 4

PostPosted: Tue Mar 08, 2022 18:57    Post subject: Reply with quote
I have to admit, i am a bit stuck. I mean i have defined 3 dhcp servers on 2 vlans and they seem to work apart from the fact that my WiFi download is almost dead, as in 2Mb out of 300Mb
I assume i should code like you guys did, but i have no idea how
Could you please help me?


Gromitd90
DD-WRT Novice


Joined: 20 Jan 2016
Posts: 40

PostPosted: Wed Mar 30, 2022 16:20    Post subject: Reply with quote
I recently started playing with VLAN setup on my Netgear WAC124 build (r48432). The WAC is configured as an Access Point so DHCP is disabled. I configured 3 VLANs and 3 VAPs using a similar script to the one posted by @jefbuan (thanks).

For anyone else wanting to do this with a WAC124 the following is the mapping of the internal port numbers to the ports as labeled on the back of the unit:

Internal Unit label
0 4
1 3
2 2
3 1
4 WAN

6 is the internal CPU port.

I also wanted to pass on something I read over on the BroadCom board regarding startup scripts. Thanks to @the-Joker.

A startup script is only run at startup (sounds obvious) but what is not obvious is that settings made in that script can (and in my case were) reset if you make any changes anywhere else and press Apply Changes. So in my case VAPs that had been removed from br0 to other bridges were being reassigned to br0 on an Apply Changes operation. Things would go back to normal after a reboot.

The workaround for this is to Save the script to the Firewall instead of Startup. It still runs at Startup but is also rerun after applying changes elsewhere.

Mike
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Wed Mar 30, 2022 17:53    Post subject: Reply with quote
YW =), That little trick of saving scripts as firewall (for that reason), was imparted by egc, so in good form, we pass it forward. Wink
_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Ralink SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum