Need Swconfig / Nvram VLAN help WRT3200ACM

Post new topic   Reply to topic    DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Goto page 1, 2  Next
Author Message
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Sat Jun 10, 2017 18:40    Post subject: Need Swconfig / Nvram VLAN help WRT3200ACM Reply with quote
I am a noob to swconfig. There is not a lot of great guides out there but a mishmash of snippets of information.

I am currently running brainslayers r32237 (which I just read he has a newer one which I will probably upgrade to) on the WRT3200ACM.

I am trying to use Swconfig to set up three Vlans on the WRT3200ACM.

My current understanding is the router has a default vlan 1 with vid 1. I want to assign this what’s labeled port 0 in swconfig.

I also want to then create a Vlan 2 and assign it what swconfig lists as port 1. I also want to add Virtual wireless Interfaces ath0.1 (unbridged 5 Ghz/802.11ac) and virtual wirelesses interface ath1.1 (unbridged 2.4Ghz) which I created in the GUI.

Finally I then want to create Vlan 3 and assign it ports that are listed in swconfig as port 2 and port 3. I also want to add the virtual wireless interface ath0.2 (unbridged 5 Ghz/802.11ac) and ath1.2 (unbridged 2.4Ghz) which I created in the GUI.

I can get the virtual interfaces to work (haven't assigned them to vlans yet).

But swconfig I can only seem to get the vlans to partially work and only if I put it in a startup script under the command section in the GUI. I say partially because when I try to setup the above with a startup script, my ethernet connections can’t connect but get stuck in connecting mode before it times out. But I can access the router wirelessly and run swconfig in telnet which shows:

swconfig dev switch0 show
…….

VLAN 1:
port_based: 0
vid: 1
ports: 0 5t
VLAN 2:
port_based: 0
vid: 2
ports: 1 5t
VLAN 3:
port_based: 0
vid: 3
ports: 2 3 5t



This I believe shows the correct configuration I am trying to set up. The ethernet just won’t connect. Here is just one of many start -up scripts I tried:

swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set vid 1
swconfig dev switch0 vlan 2 set vid 2
swconfig dev switch0 vlan 3 set vid 3
swconfig dev switch0 vlan 1 set ports "5t 0"
swconfig dev switch0 vlan 2 set ports "5t 1"
swconfig dev switch0 vlan 3 set ports "5t 2 3"
swconfig dev switch0 set apply
ifconfig eth0 up
ifconfig eth1 up



1. Any idea why my Ethernet connections cannot connect to the router?

2. Also what does this attribute mean under vlans in "swconfig dev switch0 help"

--vlan
Attribute 1 (int): port_based (Use port-based (non-802.1q) VLAN only)

??? Is it linked to “port_based: 0” under the Vlans in the first output I previously posted above?



3 . If the above vlaning can be made to work somehow do I then need to tag the wireless interfaces in the gui under “Vlan taging” under the networking tab and how exactly do I configure that?

4. Do I need to add more to the startup script are can continue to do the rest in the GUI.

5. Finally, I also have a question about port 6 I posted on this thread.

https://www.dd-wrt.com/phpBB2/viewtopic.php?t=309651

I know these are probably really basic questions and just request your patience, I just don’t really know a lot about this stuff.

-Chan



*UPDATE* 8.20.2017

Using the NVRAM utility instead of Swconfig utility got me pretty far. The only remaining problem I have is to get ethernet connections to have the proper ip address that's in the range assingned to the different bridges that the VLANs are in.


Also on page two of this thread I posted "resources" with useful links for anyone new who wants to get up to speed on this.


Last edited by Gigabitten on Sun Aug 20, 2017 19:57; edited 3 times in total
Sponsor
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Thu Jun 15, 2017 20:18    Post subject: Reply with quote
*Update*

So I am starting to believe swconfig port 5 on the 3200ACM is a cpu port for the WAN and swconfig port 6 is a cpu port for the LAN. With that in mind I tagged port 5 in the default vlan for the Wan with the wan port (port 4) and port 6 in my regular vlans. ( I changed slightly my original vlan configuration for testing purposes).

Here is my latest test start up script which I believe to be theoretically sound and correct:



Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set vid 100
swconfig dev switch0 vlan 2 set vid 2
swconfig dev switch0 vlan 3 set vid 3
swconfig dev switch0 vlan 1 set ports "4 5t"
swconfig dev switch0 vlan 2 set ports "0 6t"
swconfig dev switch0 vlan 3 set ports "1 2 3 6t"
swconfig dev switch0 set apply
ifconfig eth0 up
ifconfig eth1 up
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
vconfig add eth0 100
vconfig add eth1 2
vconfig add eth1 3
ifconfig vlan 1 up
ifconfig vlan 2 up
ifconfig vlan 3 up



Still ethernet connection to the router won't work.

Anyone have any ideas why my startup script isn't working?
ATHF
DD-WRT Guru


Joined: 14 Dec 2015
Posts: 774
Location: 127.0.0.1

PostPosted: Fri Jun 16, 2017 3:46    Post subject: Reply with quote
Try posting this in the Advanced Networking forum, or see if a moderator can move it, would probably get more gurus looking at it.
_________________
Tutorial for flashing WRT series
WRT Installation,Upgrade & Basic Setup–Cliff Notes
r52242: WRT3200ACM, WRT1200ACv1 & 1 Velop in bridge mode(IoT subnet), r52242 WRT1900ACv1 AP
Velop:2 WHW0101, RE6500, RE9000(AP)
Spectrum - 1000/50
SysLog Watcher 5, New security Onion box coming soon, Fingboxes, PiHoles, NEMS, Cacti, rpisurv
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Fri Jun 16, 2017 4:55    Post subject: Reply with quote
ATHF wrote:
Try posting this in the Advanced Networking forum, or see if a moderator can move it, would probably get more gurus looking at it.


That is not a good idea, as this is Marvel specific. If you can't get help here, you will not in another forum.
ATHF
DD-WRT Guru


Joined: 14 Dec 2015
Posts: 774
Location: 127.0.0.1

PostPosted: Fri Jun 16, 2017 5:07    Post subject: Reply with quote
Yes, at times I forget that these units are a different monster than the rest.
I believe they got an answer by BS under the 3200ACM?? thread.

_________________
Tutorial for flashing WRT series
WRT Installation,Upgrade & Basic Setup–Cliff Notes
r52242: WRT3200ACM, WRT1200ACv1 & 1 Velop in bridge mode(IoT subnet), r52242 WRT1900ACv1 AP
Velop:2 WHW0101, RE6500, RE9000(AP)
Spectrum - 1000/50
SysLog Watcher 5, New security Onion box coming soon, Fingboxes, PiHoles, NEMS, Cacti, rpisurv
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Fri Jun 23, 2017 15:31    Post subject: Reply with quote
**update**


Okay for testing purposes I reset my router configuration to only default settings and made only the configuration changes you see below

I simplified the switch configuration even more with this start-up script:

Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 3 set vid 3
swconfig dev switch0 vlan 3 set ports "1t 2t 3t 4t 5t 6t"
swconfig dev switch0 set apply
ifconfig eth0 up
ifconfig eth1 up
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
vconfig add eth1 3
ifconfig vlan3 up



All ethernet ports except swconfig port 0 (external port 4) are in a single vlan, VLAN 3. I added the the Wan port 4 the WAN cpu 6 and the LAN cpu port 5 into the VLAN 3 with tagging on all ports.

Still cannot connect to my router through ethernet cable.

What’s most troubling is I can’t access my router by ethernet to configure it through port 0 which is the one ethernet port I excluded from the VLAN with the idea I would use it to access the router if trouble arose with accessing the router through the VLAN 3 ports.


So through wireless I had to connect to the router and tried the following configuration changes in the GUI:

1. Setup>Networking> Create Bridge >add bridge br1
2. Setup>Networking> Assign to bridge> br1 interface vlan3
3. Setup>Networking>Port Setup >Network Configuration vlan3> (check unbridged) give ip address of 192.168.3.1 and subnet mask 255.255.255.0
4.Setup>Networking>Port Setup >Network Configuration br1> (check unbridged) give ip address of 192.168.3.1 and subnet mask 255.255.255.
5. DHCPD>Multiple DHCP Serve DHCPD>br1 on.

Still ethernet ports don’t work to connect to configure the router. .


I use a similar GUI configuration that works very well with virtual interfaces on the wireless to create what are essentially wireless VLANS (But they don’t have any Ethernet port attached to them which is why I am trying to go full VLAN).

At this point I think it’s not a configuration issue, but a software bug / issue with VLANs (I challenge anyone to post any startup script with a working VLAN for the 3200ACM). It seems to be a problem of communication between the switch and the router as the swconfig shows the correct configuration resulting from the startup script and the workstation recognizing something and tries to connect when the ethernet cable is plugged in .

It’s a shame because the recent builds coming out for the 3200ACM have otherwise been quite excellent.
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Mon Jun 26, 2017 20:38    Post subject: Reply with quote
I am going to post what might be an important observation.

If I run this basic start-up script to enable VLAN on the WRT 3200acm :

Code:
swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1



The ethernet connections can't connect to router.

So this is where the problem starts.

I believe in theory all Ethernet connections to the router should still work even with just this script because the ethernet ports are automatically part of the default VLAN which is pvid 0.

But I still can't get ethernet connections to the router when VLANing is enabled.

Since it doesn't seem to be a switch configuration problem but a router problem is there something I have to configure in Nvram and anybody have any ideas on how to do that?
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Wed Jul 05, 2017 16:24    Post subject: Reply with quote
Code:
swconfig dev switch0 set reset 1


Doesn't this reset the switch? Since you do not add all commands to fully re-configure it, it will not work. There is no commands for vlan1.
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Mon Jul 17, 2017 17:43    Post subject: Reply with quote
***update***

So I've been working under the assumption that the swconfig utility is deprecated and no longer fully functional at least for the r32237 build. The output of Swconfig dev switch0 showed what appeared to be two CPU ports. But Brainslayer said somewhere on this https://www.dd-wrt.com/phpBB2/viewtopic.php?t=304086 that the 3200 acm has the same switch configuration as the WRT1900 which I believe means only ONE CPU.


So I switched to using the nvram utility to configure the switch with Vlans.

I've had Much more success. I got the ethernet connections connected showing they were in the right subnet for the VLan. My only issues was when it came time for ping testing I would unplug my eternet cable in plug it into another ethernet port and it wouldn't connect. I'd have to reset my router and the computer.

I've since upgraded to build r32597. It's worked wonderfully for other issues unrelated to vlaning, but now when I connect my Ethernet cables it seems to bypass the vlan and puts the connection in the default subnet of the router.

My basic procedure for this is after configuring the switch in the nvram utility, is to a create startup script and save it in the GUI. There are basically eight steps in my startup script which are as follows:

1. The startup script first uses ifconfig to assign an ipaddress and netmask to the Vlan that is different than the router default broadcast domain/subnet.

2. Using ifconfig the script then brings the Wan and Lan interfaces up (eth0 and eth1).

3. I than use vfconfig to add vlans to the lan interface.

4 . Next use ifconfig to put the Vlans up.

5. Then I use the brctl utility to create the bridges.

6. Then use ifconfig to assign bridges an ip address with each bridge getting the same ip address as the ip address of the vlan that will be assigned to it (save for the default vlans or vlans I want to go to default bridge 0 such as WAN Vlan which is vlan3 in this setup, which I don't think I need to manually recreate a bridge "0" for or assign) .

7. Using brctl I then add the vlan inferface and the wireless interface to the bridge.

8. Finally I bring the bridge up with ifconfig.


Here is a samplings of my startup script:



#!/bin/ash
PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"

ifconfig vlan4 192.169.6.7 netmask 255.255.255.0
...(there are more vlan ip assignments here which have been omitted)
ifconfig eth0 up
ifconfig eth1 up
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
vconfig add eth1 0
vconfig add eth1 1
vconfig add eth1 2
vconfig add eth1 3
vconfig add eth1 4
ifconfig vlan1 up
ifconfig vlan2 up
ifconfig vlan3 up
ifconfig vlan4 up
brctl addbr br1
brctl addbr br2
brctl addbr br3
brctl addbr br4
brctl addbr br5
...
ifconfig br4 192.169.6.7 netmask 255.255.255.0
… (There are more bridge ip assignment here which have been omitted_)

brctl addif br1 vlan1
brctl addif br1 ath0.1
brctl addif br2 vlan2
brctl addif br2 ath0.2
brctl addif br3 ath1.1
brctl addif br4 vlan4
brctl addif br5 ath1.2
ifconfig br1 up
ifconfig br2 up
ifconfig br3 up
ifconfig br4 up
ifconfig br5 up


The GUI showed the creation of bridges and correct interface bridge assignments but show the bridges and “unbridged’ with no ip address in them so I manually put the ip addresses in the for the bridges as well as for the VLANS from the GUI. I also assigned all the bridges a DHCP server from the GUI under the Multiple DHCP server tab.

Telneting to the router in the CLI

nvram show | grep vlan.*ports
nvram show | grep port.*vlans
nvram show | grep vlan.*hwname

ifconfig -a
brctl show

All show the correct switch and vlan configuration I am going for.


Yet “hostname -I” from the terminal shows an ip address in the subnet of the router.

Any idea why my Ethernet connections seem to pierce right through the VLANS and get assigned an ip from the router ip address /local subnet?
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Thu Jul 20, 2017 14:20    Post subject: Reply with quote
Per Yngve Berg wrote:
Code:
swconfig dev switch0 set reset 1


Doesn't this reset the switch? Since you do not add all commands to fully re-configure it, it will not work. There is no commands for vlan1.


I was just enabling vlaning with this script:

Code:

swconfig dev switch0 set reset 1
swconfig dev switch0 set enable_vlan 1


enable_vlan 0 off enable vlan_1 vlaning.

I was just testing to see if my ethernet could connect to my router with vlanning enabled (without putting my configuration in), which I think it should by default because the diagrams of older router show all the ethernet ports in vlan 0 with the Wan port in vlan 1 by default. (can't find a reliable switch /internal router diagram of the 3200 acm)
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Thu Jul 20, 2017 14:28    Post subject: Reply with quote
I am kicking myself. I finally had a mostly working Vlan configuration with the nvram utility..

I got to the point where I was ping testing my firewall configuration and I was annoyed that I had to restart my router when switched the ethernet ports to ping test the firewall between the vlans of each port.


So I upgraded r32597 without writing down my nvram and startup script thinking I'd remember my configuration. Well I can't get it to semi-work and I don't remember the right configuration. .. All I remember is that I used the GUI to assign either the bridges or vlan a dhcp server. The rest steps involved a combination of a startup script or GUI configuration.
rfry1
DD-WRT Novice


Joined: 07 Oct 2016
Posts: 8

PostPosted: Sun Aug 06, 2017 22:12    Post subject: WRT3200ACM vlans Reply with quote
Hi, just wondering if you ever got vlans working on your WRT3200ACM?

I have the same router and wish to get this functionality working but am not experienced beyond the GUI which is quite limited. I've got 2 bridges, each with independent DHCP, currently eth1 (ethernet ports 1-4) and ath0/1/2 on br0 and ath0.1/1.1/2.1 on br2. I want to use vlans to split eth1 and assign 2 ports to each bridge.

I've succeeded in creating an additional vlan in telnet and reassigning ports accordingly, output:



I can't figure out how to assign the vlans to bridges though, and the GUI still lists only eth0 (I don't want to change the WAN port) and eth1. I can't find a tutorial suitable for Marvell based routers or specifically WRT3200ACM or any other Marvell based Linksys router.

If anyone has figured it out then please share. Thanks!
Gigabitten
DD-WRT Novice


Joined: 02 Jun 2017
Posts: 43

PostPosted: Tue Aug 08, 2017 20:09    Post subject: Re: WRT3200ACM vlans Reply with quote
rfry1 wrote:
Hi, just wondering if you ever got vlans working on your WRT3200ACM?

I have the same router and wish to get this functionality working but am not experienced beyond the GUI which is quite limited. I've got 2 bridges, each with independent DHCP, currently eth1 (ethernet ports 1-4) and ath0/1/2 on br0 and ath0.1/1.1/2.1 on br2. I want to use vlans to split eth1 and assign 2 ports to each bridge.

I've succeeded in creating an additional vlan in telnet and reassigning ports accordingly, output:



I can't figure out how to assign the vlans to bridges though, and the GUI still lists only eth0 (I don't want to change the WAN port) and eth1. I can't find a tutorial suitable for Marvell based routers or specifically WRT3200ACM or any other Marvell based Linksys router.

If anyone has figured it out then please share. Thanks!







To assign Vlans to bridges you are going to want to use the “brctl” bridge control utility with brctl commands in a startup script.

Here is more background info and information on the syntax for the brctl utility:

https://linux.die.net/man/8/brctl

https://wiki.linuxfoundation.org/networking/bridge


Example usage:

1. Create bridges with:

Code:
brctl addbr br1
brctl addbr br2
brctl addbr br3
   

2. Step (possibly optional?), assign different ip address to bridges:

Code:

ifconfig br1 172.16.0.1 netmask 255.255.255.0
ifconfig br2 172.16.5.22 netmask 255.255.255.0
ifconfig br3 192.18.22.14 netmask 255.255.255.0


3. Add Vlans and wireless devices to bridges:

Code:
 
brctl addif br1 vlan1
brctl addif br1 ath0.1
brctl addif br2 vlan2


4. Put bridges up

Code:
ifconfig br0 up
ifconfig br1 up
ifconfig br2 up


This is just the bridge part of a startup script. Startup scripts can be saved using the GUI under administration/commands/ save startup or in telnet/SSH with the nvram utility using
Code:

nvram set rc_startup="

 <command 1>
 <command 2>
 ...
 <command n>
 "


After running the above startup scripts the bridges should show up under the Networking tab of the GUI with with Vlans assigned.


The first part of your question, no I haven’t fully got it to work. I can get vlaning to work for the wireless but I can’t get ethernet ports to get the ip address of the Vlan they are supposed to be in despite Nvram and the GUI seeming to show the correct configurations. I run a different DHCP on each bridge where the VLANs are but it’s like my ethernet ports just ignore the manually assigned ip address range I put in for the bridges and VLANs, and take an ip address in the range of the router default.

If I ever figure out Vlaning on the 3200 ACM router /Marvell chipsets I’ll report back to this thread and every other thread where I brought the topic up.
I’ll even write an extensive guide.
I encourage anyone else who beats me to the punch or already knows, to do the same.!!
naps1saps
DD-WRT Novice


Joined: 16 Dec 2016
Posts: 14

PostPosted: Mon Aug 14, 2017 4:32    Post subject: Reply with quote
Not to hijack your thread but I'm trying to get the WAN port on my wrt1200ac to use vlan 201 with tagging and I'm having a heck of a time. Do any of you have any suggestions on how to do that since we have similar hardware? The code I'm trying to run just causes the router to lock up.

I'm getting confused with the difference between switch0 and eth0. eth0 is WAN I thought but port 4 is WAN, I am so lost.

Code:
swconfig dev eth0 set reset
swconfig dev eth0 set enable_vlan1
swconfig dev eth0 vlan 1 set vid 201
swconfig dev eth0 vlan 1 set ports '0 4t'
swconfig dev eth0 set apply
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Mon Aug 14, 2017 9:02    Post subject: Reply with quote
Port 4 is where the WAN cable is connected to the switch.

Port 5 and 6 is where the processor is connected to the switch.

These interfaces is named eth0 and eth1 in the OS.

swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set vid 201
swconfig dev switch0 vlan 1 set ports '4t 5t'
swconfig dev switch0 set apply
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum