How to configure VLANs between LANs

Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware
Goto page Previous  1, 2, 3, 4  Next
Author Message
Fedex03
DD-WRT User


Joined: 18 Nov 2010
Posts: 89
Location: Italy

PostPosted: Mon Aug 01, 2022 6:24    Post subject: Reply with quote
Per Yngve Berg wrote:
There is no interface eth1.10 on newer builds. It has changed to vlan10


I know I have an older version and last friday I upted to the 27/07/2022 build but there was an issue with the VPN so I must roolback to my previous build (otherwise no internet at home).

Which change I should make to my startup commands to be compliant with newer build?

Thank you!
Sponsor
dale_gribble39
DD-WRT Guru


Joined: 11 Jun 2022
Posts: 1899

PostPosted: Mon Aug 01, 2022 12:35    Post subject: Reply with quote
Wouldn't it be more logical to fix the VPN issue with the current release and apply the advice given for VLANs after? It seems to me that you've already been given advice for the VLANs that applies to current releases, but what is holding you up is the VPN issue, which could be something really simple if you discussed that problem and rendered a resolution for that and then proceeded to get the VLANs situation resolved.
_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost

"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio

<fact>code knows no gender</fact>

This is me, knowing I've ruffled your feathers, and not giving a ****
Some people are still hard-headed.

--------------------------------------
Mac Pro (Mid 2012) - Two 2.4GHz 6-Core Intel Xeon E5645 processors 64GB 1333MHz DDR3 ECC SDRAM OpenSUSE Leap 15.5
Fedex03
DD-WRT User


Joined: 18 Nov 2010
Posts: 89
Location: Italy

PostPosted: Mon Aug 01, 2022 13:19    Post subject: Reply with quote
dale_gribble39 wrote:
Wouldn't it be more logical to fix the VPN issue with the current release and apply the advice given for VLANs after? It seems to me that you've already been given advice for the VLANs that applies to current releases, but what is holding you up is the VPN issue, which could be something really simple if you discussed that problem and rendered a resolution for that and then proceeded to get the VLANs situation resolved.


dale_gribble39 wrote:
Wouldn't it be more logical to fix the VPN issue with the current release and apply the advice given for VLANs after? It seems to me that you've already been given advice for the VLANs that applies to current releases, but what is holding you up is the VPN issue, which could be something really simple if you discussed that problem and rendered a resolution for that and then proceeded to get the VLANs situation resolved.


Hi,

let me clarify all things: until today with my current build DD-WRT v3.0-r44467 std (09/24/2020) everything works.
* VLANs works,
* VPN Client works,
* VPN Server works.

Now, with the same buils, I want to made a trunk between my router and my Mikrotik AP(VLAN1 and VLAN10).

I think I have all configured everything but I cannot create two virtual AP on my Mikrotik (one for VLAN1 and one for VLAN10).

I wnato to fix this VLAN issue with the current buils and after that move to a new build.


My only problem is to verify that port 2 and 3 of my R7800 transport my two VLNAs.
dale_gribble39
DD-WRT Guru


Joined: 11 Jun 2022
Posts: 1899

PostPosted: Mon Aug 01, 2022 17:13    Post subject: Reply with quote
I probably copied these out of order, but you've already been given expert advice on how to configure VLANs, and you should be running a current release. There has to be a language barrier involved here.
Per Yngve Berg wrote:
On the switch, the port is set to tagged marked with a T for the VLAN. You can do that with a port for several VLANs.

Per Yngve Berg wrote:
To make a tagged trunk on port 1, add port "1t" to the vlan.

Per Yngve Berg wrote:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1t 2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1t 6t"
swconfig dev switch0 set apply


On newer builds, the interface name is no longer eth1.10, but vlan10

Per Yngve Berg wrote:
Fedex03 wrote:
vconfig add eth1 10
brctl addif br1 eth1.10
ifconfig eth1.10 up


Not sure if you need these. It can be done on the Networking tab in the GUI.

The interface names has also changed. I am currently on build 49492.

Per Yngve Berg wrote:
You must enable vlan on the switch


swconfig dev switch0 set enable_vlan 1

Per Yngve Berg wrote:
When you remove the 3 last lines, you should see interfaces vlan1 and vlan10 in Setup->Networking in the GUI.

Per Yngve Berg wrote:
Unbridge or assign to a bridge, add a dhcp server etc.

Per Yngve Berg wrote:
Tagging is done by adding 't' to the port as you have done.

Is the interfaces vlan1 and vlan10 member of a bridge?

Firewall rules have to reference the bridge for bridged interfaces.

Is the swconfig commands added to the startup script?

Per Yngve Berg wrote:
There is no interface eth1.10 on newer builds. It has changed to vlan10

_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost

"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio

<fact>code knows no gender</fact>

This is me, knowing I've ruffled your feathers, and not giving a ****
Some people are still hard-headed.

--------------------------------------
Mac Pro (Mid 2012) - Two 2.4GHz 6-Core Intel Xeon E5645 processors 64GB 1333MHz DDR3 ECC SDRAM OpenSUSE Leap 15.5
Fedex03
DD-WRT User


Joined: 18 Nov 2010
Posts: 89
Location: Italy

PostPosted: Wed Aug 03, 2022 17:31    Post subject: Reply with quote
Hi there,

thank you @dale_gribble39 for the recap.

I updated to a more recent build (DD-WRT v3.0-r49492 std (07/14/22).

And I wanto to set my previous setup without my Tagged Port only:
* Private network on Ethernet Port 1.
* IoT network on Ethernet Port 4.

I followed the instruction of Per Yngve Berg and I updated the Startup command to:
Code:

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1 6t"
swconfig dev switch0 set apply


But in that case VLAN10 does not appears into the Network session.

After that added again the missing lines:

Code:

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
brctl addif br1 vlan10
ifconfig vlan10 up


Changing eth1.10 to vlan10, and the VLAN appears into the bridges drop down menu.

As you can see into the attached screenshot, the VLAN10 is associated to eth1.10 but if I attach this interface to br1, the interface eth1.10 does not appears into the "Current Bridging Table".
Only my Virtual APs appear into the "Current Bridging Table".

Is it correct to use vlan10 instead of eth1.10?

Thanks for the help.
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Wed Aug 03, 2022 19:50    Post subject: Reply with quote
Did you enter the Networking tab after the swconfig commands had run?
userrox
DD-WRT Novice


Joined: 11 May 2019
Posts: 16

PostPosted: Thu Aug 04, 2022 4:31    Post subject: Reply with quote
I believe I have a similar VLAN configuration on my R7800 to what you described previously as your desired solution for APs in your attic. I am running r49418. I have a single LAN port (port 1) on the R7800 configured as a trunk with "1t" carrying four VLANS to an Archer C7 V2 configured with multiple virtual APs for guest, IoT etc. Here are the startup commands I use on the R7800:-
Code:

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1t 6"
swconfig dev switch0 vlan 5 set ports "1t 2 3 4 6t"
swconfig dev switch0 vlan 7 set ports "1t 6t"
swconfig dev switch0 vlan 9 set ports "1t 6t"
swconfig dev switch0 set apply
sleep 2
vconfig add eth1 5
vconfig add eth1 7
vconfig add eth1 9
brctl addif br1 eth1.5
brctl addif br2 eth1.7
brctl addif br3 eth1.9
ifconfig eth1.5 up
ifconfig eth1.7 up
ifconfig eth1.9 up
ifconfig eth1 up


The sleep and final 'eth1 up' are probably not required.

In the setup, networking screen it displays the current bridging tables as:-


Bridge Name STP Interface
br0 no eth1 wlan0 wlan1
br1 no eth1.5 wlan0.2 wlan1.2
br2 no eth1.7 wlan0.3 wlan1.3
br3 no eth1.9 wlan0.1 wlan1.1

I can select eth1.5, 7, 9 from the Interface drop down in the networking screen. Hope that helps
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Thu Aug 04, 2022 6:26    Post subject: Reply with quote
userrox you havent done reset probably and the new functions are not triggered...your router still on the old way of Vlan...with eth1.10 instead of vlan 10...to be honest, with no reset for a while... my R7800 is still like that...
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Fedex03
DD-WRT User


Joined: 18 Nov 2010
Posts: 89
Location: Italy

PostPosted: Fri Aug 05, 2022 16:37    Post subject: Reply with quote
Alozaros wrote:
userrox you havent done reset probably and the new functions are not triggered...your router still on the old way of Vlan...with eth1.10 instead of vlan 10...to be honest, with no reset for a while... my R7800 is still like that...


Hi,

after the build update, I performed a reset via GUI (Administration-->Factory Defaults) and I followed your instructions.

I changed my startup commands as below:
Code:

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1 6t"
swconfig dev switch0 set apply
vconfig add vlan 10
brctl addif br1 vlan 10
ifconfig vlan 10 up


but the VLAN10 does not appear into "assign bridge" section (see attached image).
If I use eth1.10, the vlan interface appears into the bridge br1.

Is my startup commands right?

Thanks for the help,
Federico
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Fri Aug 05, 2022 20:11    Post subject: Reply with quote
The interfaces are not showing up. Did you reboot the router after putting the swconfig commands in the startup script?
Fedex03
DD-WRT User


Joined: 18 Nov 2010
Posts: 89
Location: Italy

PostPosted: Fri Aug 05, 2022 20:14    Post subject: Reply with quote
Per Yngve Berg wrote:
The interfaces are not showing up. Did you reboot the router after putting the swconfig commands in the startup script?


Yes, everytine I modify the switch configuration, I reboot the router via the interface.
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1848
Location: Canada

PostPosted: Fri Aug 05, 2022 23:33    Post subject: Reply with quote
Fedex03 wrote:
Alozaros wrote:
userrox you havent done reset probably and the new functions are not triggered...your router still on the old way of Vlan...with eth1.10 instead of vlan 10...to be honest, with no reset for a while... my R7800 is still like that...


Hi,

after the build update, I performed a reset via GUI (Administration-->Factory Defaults) and I followed your instructions.

I changed my startup commands as below:
Code:

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1 6t"
swconfig dev switch0 set apply
vconfig add vlan 10
brctl addif br1 vlan 10
ifconfig vlan 10 up


but the VLAN10 does not appear into "assign bridge" section (see attached image).
If I use eth1.10, the vlan interface appears into the bridge br1.

Is my startup commands right?

Thanks for the help,
Federico


Try This, I have R7800s. It similar to my configuration BUT I don't use vlan1 on the r7800 LAN switch and only set VLAN1 to ports 6. I leave VLAN1 as a local device VLAN and use other VLANs like 3,4,5 etc on my whole network of routers and switches.

CORRECTION for your setup with vlan1...

Code:

# Configure VLANs **only on vlan1 port 6 (processor) is not tagged**
# eth1.10 is VLAN10
swconfig dev switch0 vlan 1 set ports "2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
ifconfig eth1.10 up
brctl addif br1 eth1.10

_________________
Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9

Off Site 1

R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4

Off Site 2

R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531


YAMon 3.4.6 | DNSCrypt-Proxy V2
bryanh99
DD-WRT Novice


Joined: 30 Aug 2018
Posts: 20

PostPosted: Wed Aug 17, 2022 16:30    Post subject: question about eth1.3 vs vlan3 Reply with quote
I keep reading that eth1.3 would no longer be available and to use vlan3 and this confuses me. I have an r7800 running r49492 and I have the following in my startup

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "3 4 6"
swconfig dev switch0 vlan 3 set ports "1 2 6t"
swconfig dev switch0 set apply
vconfig add eth1 3
brctl addif br1 eth1.3
ifconfig eth1.3 up

and it works perfectly and as expected. The eth1.3 shows up in the network tab under "interface setup" and it shows up in the drop downs of the "Assign to bridge" section.

Should it?
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Wed Aug 17, 2022 16:58    Post subject: Re: question about eth1.3 vs vlan3 Reply with quote
bryanh99 wrote:
I keep reading that eth1.3 would no longer be available and to use vlan3 and this confuses me. I have an r7800 running r49492 and I have the following in my startup

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "3 4 6"
swconfig dev switch0 vlan 3 set ports "1 2 6t"
swconfig dev switch0 set apply
vconfig add eth1 3
brctl addif br1 eth1.3
ifconfig eth1.3 up

and it works perfectly and as expected. The eth1.3 shows up in the network tab under "interface setup" and it shows up in the drop downs of the "Assign to bridge" section.

Should it?


Yes this is a source of confusion.

If you use the GUI (most Broadccom routers can use the GUI) to setup VLAN's then the VLANS are named as vlanX

But this is from my notes about the GUI and R7800:
Quote:
So what ever happens DO NOT TOUCH the Switch Config tab (not after and not before midnight!)

So you cannot use the GUI but do it manually and then you use the default naming which is ethx.x

But if you add to your script (and I am doing it to be more consistent with GUI setups (e.g. Broadcom):
Code:
vconfig set_name_type VLAN_PLUS_VID_NO_PAD

then the interfaces are named vlanx and you can address eth1.3 as vlan3 see: https://ixnfo.com/en/configuring-vlans-in-ubuntu.html

For completeness I have attached my notes, it took me some time to set this up as I am far from a VLAN expert

But that project is shelved as I am working with @eibgrad on an OpenVPN client import utility to setup an OpenVPN client with two clicks of the mouse now running in beta test Smile

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Fedex03
DD-WRT User


Joined: 18 Nov 2010
Posts: 89
Location: Italy

PostPosted: Tue Sep 20, 2022 6:40    Post subject: Reply with quote
Hi there,

sorry for the delay but I was on holiday and after that I was very busy at work.

Thank you @ecg for your guide about VLAN, I red it all!

I start with a new build (DD-WRT v3.0-r49934 std (08/28/22)), reset the router and then I configured everytihng manually.

This is my Startup Script

Code:
# Enable VLANs
swconfig dev switch0 set enable_vlan 1

swconfig dev switch0 vlan 1 set ports "4 6"
swconfig dev switch0 vlan 4 set ports "2t 3t 6t"
swconfig dev switch0 vlan 10 set ports "1 2t 3t 6t"
swconfig dev switch0 set apply

# if you use this then you can address eth1.3 as vlan3 see: https://ixnfo.com/en/configuring-vlans-in-ubuntu.html
vconfig set_name_type VLAN_PLUS_VID_NO_PAD

vconfig add eth1 4
## you can also use the GUI to add eth1.3 to br1 for better overview
ifconfig vlan4 up
brctl addif br0 vlan4

vconfig add eth1 10
## you can also use the GUI to add eth1.3 to br1 for better overview
ifconfig vlan10 up
brctl addif br1 vlan10


Just to recap:
- VLAN10: is the IoT Network 192.168.10.4
- VLAN4: I added this VLAN, bridged to BR0 (that is my private network) in order to have a specific VLAN ID (to be mapped into my Access Point).

Below you can find my Bridge configuration.

On my Unify AP (connnected to port 2), I added two networks, one for VLAN4 and one for VLAN10 but the devices didn't get the IP address. On each VLAN, is the bridge DHCP used or I should enable something?

Thanks in advance for your help!

Best Regards,
Federico
Goto page Previous  1, 2, 3, 4  Next Display posts from previous:    Page 3 of 4
Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum