Posted: Sat Jun 10, 2017 18:40 Post subject: Need Swconfig / Nvram VLAN help WRT3200ACM
I am a noob to swconfig. There is not a lot of great guides out there but a mishmash of snippets of information.
I am currently running brainslayers r32237 (which I just read he has a newer one which I will probably upgrade to) on the WRT3200ACM.
I am trying to use Swconfig to set up three Vlans on the WRT3200ACM.
My current understanding is the router has a default vlan 1 with vid 1. I want to assign this what’s labeled port 0 in swconfig.
I also want to then create a Vlan 2 and assign it what swconfig lists as port 1. I also want to add Virtual wireless Interfaces ath0.1 (unbridged 5 Ghz/802.11ac) and virtual wirelesses interface ath1.1 (unbridged 2.4Ghz) which I created in the GUI.
Finally I then want to create Vlan 3 and assign it ports that are listed in swconfig as port 2 and port 3. I also want to add the virtual wireless interface ath0.2 (unbridged 5 Ghz/802.11ac) and ath1.2 (unbridged 2.4Ghz) which I created in the GUI.
I can get the virtual interfaces to work (haven't assigned them to vlans yet).
But swconfig I can only seem to get the vlans to partially work and only if I put it in a startup script under the command section in the GUI. I say partially because when I try to setup the above with a startup script, my ethernet connections can’t connect but get stuck in connecting mode before it times out. But I can access the router wirelessly and run swconfig in telnet which shows:
This I believe shows the correct configuration I am trying to set up. The ethernet just won’t connect. Here is just one of many start -up scripts I tried:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set vid 1
swconfig dev switch0 vlan 2 set vid 2
swconfig dev switch0 vlan 3 set vid 3
swconfig dev switch0 vlan 1 set ports "5t 0"
swconfig dev switch0 vlan 2 set ports "5t 1"
swconfig dev switch0 vlan 3 set ports "5t 2 3"
swconfig dev switch0 set apply
ifconfig eth0 up
ifconfig eth1 up
1. Any idea why my Ethernet connections cannot connect to the router?
2. Also what does this attribute mean under vlans in "swconfig dev switch0 help"
??? Is it linked to “port_based: 0” under the Vlans in the first output I previously posted above?
3 . If the above vlaning can be made to work somehow do I then need to tag the wireless interfaces in the gui under “Vlan taging” under the networking tab and how exactly do I configure that?
4. Do I need to add more to the startup script are can continue to do the rest in the GUI.
5. Finally, I also have a question about port 6 I posted on this thread.
I know these are probably really basic questions and just request your patience, I just don’t really know a lot about this stuff.
-Chan
*UPDATE* 8.20.2017
Using the NVRAM utility instead of Swconfig utility got me pretty far. The only remaining problem I have is to get ethernet connections to have the proper ip address that's in the range assingned to the different bridges that the VLANs are in.
Also on page two of this thread I posted "resources" with useful links for anyone new who wants to get up to speed on this.
Last edited by Gigabitten on Sun Aug 20, 2017 19:57; edited 3 times in total
So I am starting to believe swconfig port 5 on the 3200ACM is a cpu port for the WAN and swconfig port 6 is a cpu port for the LAN. With that in mind I tagged port 5 in the default vlan for the Wan with the wan port (port 4) and port 6 in my regular vlans. ( I changed slightly my original vlan configuration for testing purposes).
Here is my latest test start up script which I believe to be theoretically sound and correct:
Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set vid 100
swconfig dev switch0 vlan 2 set vid 2
swconfig dev switch0 vlan 3 set vid 3
swconfig dev switch0 vlan 1 set ports "4 5t"
swconfig dev switch0 vlan 2 set ports "0 6t"
swconfig dev switch0 vlan 3 set ports "1 2 3 6t"
swconfig dev switch0 set apply
ifconfig eth0 up
ifconfig eth1 up
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
vconfig add eth0 100
vconfig add eth1 2
vconfig add eth1 3
ifconfig vlan 1 up
ifconfig vlan 2 up
ifconfig vlan 3 up
Still ethernet connection to the router won't work.
Anyone have any ideas why my startup script isn't working?
Joined: 14 Dec 2015 Posts: 774 Location: 127.0.0.1
Posted: Fri Jun 16, 2017 3:46 Post subject:
Try posting this in the Advanced Networking forum, or see if a moderator can move it, would probably get more gurus looking at it. _________________ Tutorial for flashing WRT series WRT Installation,Upgrade & Basic Setup–Cliff Notes
r52242: WRT3200ACM, WRT1200ACv1 & 1 Velop in bridge mode(IoT subnet), r52242 WRT1900ACv1 AP
Velop:2 WHW0101, RE6500, RE9000(AP)
Spectrum - 1000/50
SysLog Watcher 5, New security Onion box coming soon, Fingboxes, PiHoles, NEMS, Cacti, rpisurv
Joined: 14 Dec 2015 Posts: 774 Location: 127.0.0.1
Posted: Fri Jun 16, 2017 5:07 Post subject:
Yes, at times I forget that these units are a different monster than the rest.
I believe they got an answer by BS under the 3200ACM?? thread. _________________ Tutorial for flashing WRT series WRT Installation,Upgrade & Basic Setup–Cliff Notes
r52242: WRT3200ACM, WRT1200ACv1 & 1 Velop in bridge mode(IoT subnet), r52242 WRT1900ACv1 AP
Velop:2 WHW0101, RE6500, RE9000(AP)
Spectrum - 1000/50
SysLog Watcher 5, New security Onion box coming soon, Fingboxes, PiHoles, NEMS, Cacti, rpisurv
Okay for testing purposes I reset my router configuration to only default settings and made only the configuration changes you see below
I simplified the switch configuration even more with this start-up script:
Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 3 set vid 3
swconfig dev switch0 vlan 3 set ports "1t 2t 3t 4t 5t 6t"
swconfig dev switch0 set apply
ifconfig eth0 up
ifconfig eth1 up
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
vconfig add eth1 3
ifconfig vlan3 up
All ethernet ports except swconfig port 0 (external port 4) are in a single vlan, VLAN 3. I added the the Wan port 4 the WAN cpu 6 and the LAN cpu port 5 into the VLAN 3 with tagging on all ports.
Still cannot connect to my router through ethernet cable.
What’s most troubling is I can’t access my router by ethernet to configure it through port 0 which is the one ethernet port I excluded from the VLAN with the idea I would use it to access the router if trouble arose with accessing the router through the VLAN 3 ports.
So through wireless I had to connect to the router and tried the following configuration changes in the GUI:
1. Setup>Networking> Create Bridge >add bridge br1
2. Setup>Networking> Assign to bridge> br1 interface vlan3
3. Setup>Networking>Port Setup >Network Configuration vlan3> (check unbridged) give ip address of 192.168.3.1 and subnet mask 255.255.255.0
4.Setup>Networking>Port Setup >Network Configuration br1> (check unbridged) give ip address of 192.168.3.1 and subnet mask 255.255.255.
5. DHCPD>Multiple DHCP Serve DHCPD>br1 on.
Still ethernet ports don’t work to connect to configure the router. .
I use a similar GUI configuration that works very well with virtual interfaces on the wireless to create what are essentially wireless VLANS (But they don’t have any Ethernet port attached to them which is why I am trying to go full VLAN).
At this point I think it’s not a configuration issue, but a software bug / issue with VLANs (I challenge anyone to post any startup script with a working VLAN for the 3200ACM). It seems to be a problem of communication between the switch and the router as the swconfig shows the correct configuration resulting from the startup script and the workstation recognizing something and tries to connect when the ethernet cable is plugged in .
It’s a shame because the recent builds coming out for the 3200ACM have otherwise been quite excellent.
I am going to post what might be an important observation.
If I run this basic start-up script to enable VLAN on the WRT 3200acm :
Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
The ethernet connections can't connect to router.
So this is where the problem starts.
I believe in theory all Ethernet connections to the router should still work even with just this script because the ethernet ports are automatically part of the default VLAN which is pvid 0.
But I still can't get ethernet connections to the router when VLANing is enabled.
Since it doesn't seem to be a switch configuration problem but a router problem is there something I have to configure in Nvram and anybody have any ideas on how to do that?
So I've been working under the assumption that the swconfig utility is deprecated and no longer fully functional at least for the r32237 build. The output of Swconfig dev switch0 showed what appeared to be two CPU ports. But Brainslayer said somewhere on this https://www.dd-wrt.com/phpBB2/viewtopic.php?t=304086 that the 3200 acm has the same switch configuration as the WRT1900 which I believe means only ONE CPU.
So I switched to using the nvram utility to configure the switch with Vlans.
I've had Much more success. I got the ethernet connections connected showing they were in the right subnet for the VLan. My only issues was when it came time for ping testing I would unplug my eternet cable in plug it into another ethernet port and it wouldn't connect. I'd have to reset my router and the computer.
I've since upgraded to build r32597. It's worked wonderfully for other issues unrelated to vlaning, but now when I connect my Ethernet cables it seems to bypass the vlan and puts the connection in the default subnet of the router.
My basic procedure for this is after configuring the switch in the nvram utility, is to a create startup script and save it in the GUI. There are basically eight steps in my startup script which are as follows:
1. The startup script first uses ifconfig to assign an ipaddress and netmask to the Vlan that is different than the router default broadcast domain/subnet.
2. Using ifconfig the script then brings the Wan and Lan interfaces up (eth0 and eth1).
3. I than use vfconfig to add vlans to the lan interface.
4 . Next use ifconfig to put the Vlans up.
5. Then I use the brctl utility to create the bridges.
6. Then use ifconfig to assign bridges an ip address with each bridge getting the same ip address as the ip address of the vlan that will be assigned to it (save for the default vlans or vlans I want to go to default bridge 0 such as WAN Vlan which is vlan3 in this setup, which I don't think I need to manually recreate a bridge "0" for or assign) .
7. Using brctl I then add the vlan inferface and the wireless interface to the bridge.
ifconfig vlan4 192.169.6.7 netmask 255.255.255.0
...(there are more vlan ip assignments here which have been omitted)
ifconfig eth0 up
ifconfig eth1 up
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
vconfig add eth1 0
vconfig add eth1 1
vconfig add eth1 2
vconfig add eth1 3
vconfig add eth1 4
ifconfig vlan1 up
ifconfig vlan2 up
ifconfig vlan3 up
ifconfig vlan4 up
brctl addbr br1
brctl addbr br2
brctl addbr br3
brctl addbr br4
brctl addbr br5
...
ifconfig br4 192.169.6.7 netmask 255.255.255.0
… (There are more bridge ip assignment here which have been omitted_)
brctl addif br1 vlan1
brctl addif br1 ath0.1
brctl addif br2 vlan2
brctl addif br2 ath0.2
brctl addif br3 ath1.1
brctl addif br4 vlan4
brctl addif br5 ath1.2
ifconfig br1 up
ifconfig br2 up
ifconfig br3 up
ifconfig br4 up
ifconfig br5 up
The GUI showed the creation of bridges and correct interface bridge assignments but show the bridges and “unbridged’ with no ip address in them so I manually put the ip addresses in the for the bridges as well as for the VLANS from the GUI. I also assigned all the bridges a DHCP server from the GUI under the Multiple DHCP server tab.
Telneting to the router in the CLI
nvram show | grep vlan.*ports
nvram show | grep port.*vlans
nvram show | grep vlan.*hwname
ifconfig -a
brctl show
All show the correct switch and vlan configuration I am going for.
Yet “hostname -I” from the terminal shows an ip address in the subnet of the router.
Any idea why my Ethernet connections seem to pierce right through the VLANS and get assigned an ip from the router ip address /local subnet?
Doesn't this reset the switch? Since you do not add all commands to fully re-configure it, it will not work. There is no commands for vlan1.
I was just enabling vlaning with this script:
Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
enable_vlan 0 off enable vlan_1 vlaning.
I was just testing to see if my ethernet could connect to my router with vlanning enabled (without putting my configuration in), which I think it should by default because the diagrams of older router show all the ethernet ports in vlan 0 with the Wan port in vlan 1 by default. (can't find a reliable switch /internal router diagram of the 3200 acm)
I am kicking myself. I finally had a mostly working Vlan configuration with the nvram utility..
I got to the point where I was ping testing my firewall configuration and I was annoyed that I had to restart my router when switched the ethernet ports to ping test the firewall between the vlans of each port.
So I upgraded r32597 without writing down my nvram and startup script thinking I'd remember my configuration. Well I can't get it to semi-work and I don't remember the right configuration. .. All I remember is that I used the GUI to assign either the bridges or vlan a dhcp server. The rest steps involved a combination of a startup script or GUI configuration.
Posted: Sun Aug 06, 2017 22:12 Post subject: WRT3200ACM vlans
Hi, just wondering if you ever got vlans working on your WRT3200ACM?
I have the same router and wish to get this functionality working but am not experienced beyond the GUI which is quite limited. I've got 2 bridges, each with independent DHCP, currently eth1 (ethernet ports 1-4) and ath0/1/2 on br0 and ath0.1/1.1/2.1 on br2. I want to use vlans to split eth1 and assign 2 ports to each bridge.
I've succeeded in creating an additional vlan in telnet and reassigning ports accordingly, output:
I can't figure out how to assign the vlans to bridges though, and the GUI still lists only eth0 (I don't want to change the WAN port) and eth1. I can't find a tutorial suitable for Marvell based routers or specifically WRT3200ACM or any other Marvell based Linksys router.
If anyone has figured it out then please share. Thanks!
Posted: Tue Aug 08, 2017 20:09 Post subject: Re: WRT3200ACM vlans
rfry1 wrote:
Hi, just wondering if you ever got vlans working on your WRT3200ACM?
I have the same router and wish to get this functionality working but am not experienced beyond the GUI which is quite limited. I've got 2 bridges, each with independent DHCP, currently eth1 (ethernet ports 1-4) and ath0/1/2 on br0 and ath0.1/1.1/2.1 on br2. I want to use vlans to split eth1 and assign 2 ports to each bridge.
I've succeeded in creating an additional vlan in telnet and reassigning ports accordingly, output:
I can't figure out how to assign the vlans to bridges though, and the GUI still lists only eth0 (I don't want to change the WAN port) and eth1. I can't find a tutorial suitable for Marvell based routers or specifically WRT3200ACM or any other Marvell based Linksys router.
If anyone has figured it out then please share. Thanks!
To assign Vlans to bridges you are going to want to use the “brctl” bridge control utility with brctl commands in a startup script.
Here is more background info and information on the syntax for the brctl utility:
This is just the bridge part of a startup script. Startup scripts can be saved using the GUI under administration/commands/ save startup or in telnet/SSH with the nvram utility using
Code:
nvram set rc_startup="
<command 1>
<command 2>
...
<command n>
"
After running the above startup scripts the bridges should show up under the Networking tab of the GUI with with Vlans assigned.
The first part of your question, no I haven’t fully got it to work. I can get vlaning to work for the wireless but I can’t get ethernet ports to get the ip address of the Vlan they are supposed to be in despite Nvram and the GUI seeming to show the correct configurations. I run a different DHCP on each bridge where the VLANs are but it’s like my ethernet ports just ignore the manually assigned ip address range I put in for the bridges and VLANs, and take an ip address in the range of the router default.
If I ever figure out Vlaning on the 3200 ACM router /Marvell chipsets I’ll report back to this thread and every other thread where I brought the topic up.
I’ll even write an extensive guide.
I encourage anyone else who beats me to the punch or already knows, to do the same.!!
Not to hijack your thread but I'm trying to get the WAN port on my wrt1200ac to use vlan 201 with tagging and I'm having a heck of a time. Do any of you have any suggestions on how to do that since we have similar hardware? The code I'm trying to run just causes the router to lock up.
I'm getting confused with the difference between switch0 and eth0. eth0 is WAN I thought but port 4 is WAN, I am so lost.
Code:
swconfig dev eth0 set reset
swconfig dev eth0 set enable_vlan1
swconfig dev eth0 vlan 1 set vid 201
swconfig dev eth0 vlan 1 set ports '0 4t'
swconfig dev eth0 set apply
Joined: 13 Aug 2013 Posts: 6870 Location: Romerike, Norway
Posted: Mon Aug 14, 2017 9:02 Post subject:
Port 4 is where the WAN cable is connected to the switch.
Port 5 and 6 is where the processor is connected to the switch.
These interfaces is named eth0 and eth1 in the OS.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set vid 201
swconfig dev switch0 vlan 1 set ports '4t 5t'
swconfig dev switch0 set apply