I had mentioned noticing something similar in another thread. However, as indicated to me, nvram variables/configuration should only be used with Broadcom devices.
For most cases, though, the webUI method should still be more functional on Broadcom than other platforms. Others may give further data to support this (or not). _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
@matjazk, this was directed at you: Well thanks to you I have both the nvram and swconfig vlan settings back to what they should be. Now I just have to find a tutorial showing how to configure vlans using swconfig. I saw mention of an r7800 vlan tutorial by ecg but haven't found it yet. I really appreciate your input.
@sumbuddie, this was for you: Thanks for that. Won't be touching that page anymore. Is there a tutorial available with the necessary swconfig commands?
@dale_gribble39: Thanks for the links. I had read through both of them previously. In the first one the only mention of swconfig was regarding Broadcom, and the second had lots of info, but I couldn’t see anything about setting up a new vlan from scratch. All I want to do at this point is use swconfig to add a new vlan I can and connect an ethernet cable to. Thanks again.
swconfig dev switch0 vlan 3 set ports "4"
swconfig dev switch0 set apply
Rebooted and hoped to assign vlan 3 to a new bridge on the Networking page but the new vlan isn't there. Did I add the vlan incorrectly or is the r7800 Networking page not to be used for this either?
Joined: 16 Nov 2015 Posts: 6436 Location: UK, London, just across the river..
Posted: Sat Feb 04, 2023 9:07 Post subject:
Back in the days there was no guide about it...lots of try's and errors i had to do, to find out what is what...and where..
As routers could have a different switch you have to start with output of the
swconfig dev switch0 show command to be able to find the switch ports layout than according to this output you set your start up script
DO NOT USE swconfig page on R7800 where you can set vlans via GUI... as it may produce bad results...
Than i used this thread to organise the swconfig commands...for start up script...
it is a messy but all its there...you may need to do some try's and err's to find out...
and this one could help you out, where i recently posted about vlan's too..
Joined: 13 Aug 2013 Posts: 6866 Location: Romerike, Norway
Posted: Sat Feb 04, 2023 12:22 Post subject:
Switch ports on a R7800:
Port 0: eth0
Port 6: eth1
Port 5: WAN
Port 1-4: LAN
The switch config tab in the GUI work 90% except for the WAN port it will not connect to Port 0.
Example:
swconfig dev switch0 enable vlan 1
swconfig dev switch0 vlan 2 set ports "5 0"
swconfig dev switch0 vlan 3 set ports "1 4t 6t"
swconfig dev switch0 vlan 1 set ports "2 3 4t 6t"
swconfig dev switch0 set apply
Joined: 16 Nov 2015 Posts: 6436 Location: UK, London, just across the river..
Posted: Sat Feb 04, 2023 13:55 Post subject:
"Note that the processor port(CPU) is the switch port6, and switch port5 is the WAN" --- well... those are not my words... in order to make those work port 6 is CPU must be added to the new vlans, also needs to be tagged as 6t
Guidance from Per Yngve Berg, Alzaros, DWCruiser, sweatbee, kernel-panic69, dale_gribble39, matjazk, sumbuddie and Dan Brown got this done.
Saved Startup Commands:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1 2 6"
swconfig dev switch0 vlan 3 set ports "3 4 6t"
swconfig dev switch0 set apply
vconfig add eth1 3
brctl addif br1 eth1.3
ifconfig eth1.3 up
The only thing I did differently from sweatbees config at https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1136389#1136389 was change his eth1 config in Setup/Networking to Default, and add those settings to br1 on the same page. Before that change I was unable to connect to the new wifi.
Do I need any additional firewall config for vlan3?
Then edited Startup Commands to incorporate Per Yngve Berg recommendation.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 2 set ports "5 0"
swconfig dev switch0 vlan 3 set ports "1 4t 6t"
swconfig dev switch0 vlan 1 set ports "2 3 4t 6t"
swconfig dev switch0 set apply
vconfig add eth1 3
brctl addif br1 eth1.3
ifconfig eth1.3 up
Joined: 15 Aug 2016 Posts: 223 Location: Melbourne, Australia
Posted: Mon Feb 06, 2023 19:26 Post subject:
As bridge connects and combines more than one (layer 2) interface into one single network, i see no advantage in creating bridge1 just for eth1.3 alone (i.e. VLAN3). After all, VLAN (i.e. for separating network) is kinda opposite to bridging (i.e. linking networks together). (*)
So brctl addif br1 eth1.3 is not really needed.
Lastly, by selecting 'Unbridged' and 'Network Isolation' options, VLAN3 is effectively shielded from the rest of your network in terms of broadcasting and communication. In addition to that, whatever your router's overall firewall would apply to VLAN3 the same way, as it would to the rest of your network. _________________ Life is a journey; travel alone makes it less enjoyable and lonely.
Re "brctl addif br1 eth1.3 is not really needed."
I included that after reading another post discussing how to create a new eth1.3 plus bridging which was (I thought) to allow wifi to be configured. So I deleted brctl addif br1 eth1.3 from the Startup Commands, deleted the bridging in the GUI, unbridged eth1.3 and added the new IP there. Then went to Multiple DHCP Servers, selected eth1.3 in Interface and saved. Do I have it right now?
Re "Lastly, by selecting 'Unbridged' and 'Network Isolation' options, VLAN3 is effectively shielded from the rest of your network in terms of broadcasting and communication."
I do want the new vlan to be isolated from the rest of the network.
Re "In addition to that, whatever your router's overall firewall would apply to VLAN3 the same way, as it would to the rest of your network."
Great! I thought that would be the case but also thought it would be best to ask the pros.
So now my Startup Commands are:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 2 set ports "5 0"
swconfig dev switch0 vlan 3 set ports "1 4t 6t"
swconfig dev switch0 vlan 1 set ports "2 3 4t 6t"
swconfig dev switch0 set apply
vconfig add eth1 3
ifconfig eth1.3 up
If I want to add a vlan 4 using port 2, would the vlan1 command change to:
swconfig dev switch0 vlan 1 set ports "3 4t 6t"
and then add
swconfig dev switch0 vlan 4 set ports "2 4t 6t"?
Joined: 15 Aug 2016 Posts: 223 Location: Melbourne, Australia
Posted: Tue Feb 07, 2023 2:26 Post subject:
VLAN is one of the most confusing aspects of networking. My personal experience.
Added to that, different internal wiring of the switch of each router model makes it more so. As a result, the commands are slightly different, from model to model.
For example, as noted by @Alozeros earlier, R7800 has the Switch port# in opposite direction to Ethernet port# (as labelled on router case).
Switch port1 = Ethernet port4
Swtport2 = Eport3
Swtport3 = Eport2
Swtport4 = Eport1
(Methinks Netgear engineers want to discourage people from studying their gears in depth! )
Back to your case. Wifi (2.4GHz, 5GHz and vAPs), of Netgear R7800 work fine on their own. No need for bridging unless you want to combine into one network. But if you specify any Wifi as 'Unbridged', you need to add its IP scheme and DHCP under Networking tab (from my memory) for it to work properly. Note: As a good practice, i normally to use a VLAN# higher than 5 to avoid any potential clash with built-in one.
Here are some examples specific to R7800:
Example 1: Setting up one vlan (VLAN10) for Swtport 1.
swconfig dev switch0 set enable_vlan 1
# swconfig dev switch0 vlan 2 set ports "5 0" ->don't need this.
swconfig dev switch0 vlan 1 set ports "2 3 4 6t"
# Above CLI means any port listed in VLAN1 shares the same router’s network. Port 6 is tagged (t).
swconfig dev switch0 vlan 10 set ports "1 6t"
# Swtport 1 (i.e. Eport4) is placed in VLAN 10
swconfig dev switch0 set apply
vconfig add eth1 10
ifconfig eth1.10 up
Example 2: setting up one vlan (VLAN10) of Swtport1 & Swtport4
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports “2 3 6t"
swconfig dev switch0 vlan 10 set ports "1 4 6t"
# device plugged into either Eport4 or Eport1 will be in same network.
swconfig dev switch0 set apply
vconfig add eth1 10
ifconfig eth1.10 up
Example 3: setting up two separate vlans (VLAN10 & 11) for Swtport1 & Swtport3
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports “2 4 6t"
swconfig dev switch0 vlan 10 set ports "1 6t"
swconfig dev switch0 vlan 11 set ports "3 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
vconfig add eth1 11
ifconfig eth1.10 up
ifconfig eth1.11 up
Lastly, unless Swtport4 (i.e. Eport1) is connected to a managed switch, it needs not to be tagged (i.e. with a t).
Hope this helps. _________________ Life is a journey; travel alone makes it less enjoyable and lonely.
)