nvram set vlan0ports="1 2 4 5*"
nvram set vlan1ports="0 5"
nvram set vlan3ports="3 5"
nvram set port3vlans="3"
nvram set port5vlans="1 2 3"
nvram commit
I see now in the Setup -> Switch Config page that "port 3" is assigned to "vlan3", but when I go to Setup -> Networking I don't see vlan3 listed, so then I can't do these steps:
- Under "Port Setup" set VLAN3 to Unbridged.
- Set the IP Address to 192.168.2.1
- Set the Subnet Mask to 255.555.255.0
Any idea why VLAN3 does not appear?
Do you think multiple-separated-VLANs are possible with Netgear R9000?
Issues I've noticed with the Swith Config page:
- The device has 6 ethernet ports, and 6 ports are also visible in the Switch Config page. I see when I connect a cable to the ethernet port 5, the port 5 in that page turns green. But then I read port 5 has a special status. I guess dd-wrt could be updated to use port 8 instead of port 5, similarly to other routers, to remove the overlap.
- I tried first to work with "vlan103" but this caused the Switch Config page to crash the web UI. It could at least ignore it instead of crashing.
- The ports turn green when a cable is connected, but are still green when the cable is disconnected.
Last edited by a13b on Thu Dec 12, 2019 3:35; edited 1 time in total
Joined: 21 Jan 2017 Posts: 1783 Location: Illinois Moderator
Posted: Wed Dec 11, 2019 15:44 Post subject:
Funny, I am in the process of researching the same thing myself, not quite the same end use/same setup desired, but I am trying to make two separate vlans for a door camera, and one for streaming sticks...
Long and short, there are two switches in the R9000 and you have to do some very special things to make a VLAN work. It's not impossible, but it's a little above my skillset right now. So I'm doing the research to create a guide for everyone to follow at some point.
MRJCD has a fantastic VLAN guide for the EA8500 and the methodology will be similar for the R9000, but there's major differences when it comes to the switches...
I am still trying to wrap my head around it all and haven't made sense of it. That said, here are two possibly helpful links I found last night.
Here is some "useful" info about the switches from those posts with some add'l info I've added:
Switch 0:
Port 0: CPU?, VLAN 1, tagged
Port 1: LAN 2, VLAN 1
Port 2: LAN 1, VLAN 1
Port 3: WAN, VLAN 2
Port 4: ?, VLAN 1, tagged (Goes to Switch1- I think port 5 on SW1)
Port 5: ?, VLAN 2, tagged
Port 6: ?, VLAN 1, tagged
WAN is WAN port on the back of the router (Switch 0)
LAN 1 is port 1 on the back of the router (next to WAN port)(Switch 0)
LAN 2 is port 2 on the back of the router (Switch 0)
Ports 3 to 6 on the back of the router are on Switch1 ... here is how I understand the assignments on Switch1:
Port 0: CPU?, VLAN 1, tagged
Port 1: LAN 6, VLAN 1
Port 2: LAN 5, VLAN 1
Port 3: LAN 4, VLAN 1
Port 4: LAN 3, VLAN 1
Port 5: ?, VLAN 1, tagged
Port 6: Not used
Port 4 on switch0 has to be tagged and it connects to switch1 somehow (again trying to learn how/why/where).
Also, Eth0 is the SFP port
Vlan1 are ports 1-6
Vlan2 is the Wan Port
The remaining are:
ath0-5ghz radio
ath1-2.4ghz radio
eth1- Don't yet know
eth2- Don't yet know
sit0- No clue
ip6tnl0- assume this is wan ipv6 (not sure) _________________ FORUM RULES
# Switch-A:
# sw port 0 -> Trunk to CPU(eth1)
# sw port 5 -> Trunk to CPU(eth2)
# sw port 4 -> Trunk to Switch-B sw port 0
# sw port 6 -> Trunk to Switch-B sw port 5
# sw port 3 -> WAN
# sw port 2 -> LAN1
# sw port 1 -> LAN2
# Switch-B:
# sw port 0 -> Trunk to Switch-A sw port 4
# sw port 5 -> Trunk to Switch-A sw port 6
# sw port 4 -> LAN3
# sw port 3 -> LAN4
# sw port 2 -> LAN5
# sw port 1 -> LAN6
# sw port 6 -> No Used
On the good side, some recent work on R9000 support has been done in Summer 2019. On the bad side, the result is some cryptic code difficult to understand. But at least some more work is planned.
I would expect if somebody is working on investigating a router to update some wiki page dedicated to that model with all the info. This way, if users want to set up the device they'll be able to find that info easily. For example https://forum.dd-wrt.com/wiki/index.php/Netgear_R9000 Is there such info we missed?
Speaking about the wiki, I tried asking in the IRC channel about getting an account, but nobody replied.
Joined: 21 Jan 2017 Posts: 1783 Location: Illinois Moderator
Posted: Thu Dec 12, 2019 17:28 Post subject: Re: Code references
a13b wrote:
Speaking about the wiki, I tried asking in the IRC channel about getting an account, but nobody replied.
I am not sure what is taken into consideration to get access to edit wiki's, but AFAIK the "proper" method is to email info@dd-wrt.com with the subject line:
Code:
Requesting a wiki account be created: (Insert your username here in UPPERCASE only)
In the meantime, PM me and we can talk about me adding stuff to the wiki. _________________ FORUM RULES
Both switches expose the same features. These are the ones related to VLANs (I removed what I thought non-relevant):
Code:
root@DD-WRT:~# swconfig dev switch0 help
switch0: QCA AR8327 AR8337(QCA AR8327 AR8337), ports: 7 (cpu @ 0), vlans: 128
--switch
Attribute 1 (int): enable_vlan (Enable 8021q VLAN)
Attribute 5 (string): dump_arl (Dump All ARL table)
Attribute 7 (none): apply (Activate changes in the hardware)
--vlan
Attribute 1 (int): vid (Configure Vlan Id)
Attribute 2 (ports): ports (VLAN port mapping)
--port
Attribute 3 (int): pvid (Primary VLAN ID)
Attribute 4 (unknown): link (Get port link information)
Notice it says "ports: 7 (cpu @ 0)", meaning in the context of that switch the "CPU port" is port 0.
The `enable_vlan` is 0 on both switches by default. If I set enable_vlan=1 on switch0, the device instantly freezes, I have to press the power button to reset it. It does this even without having to "apply". Maybe it would work if I set properly the "pvid" on each port, and the "ports" on each vlan.
Code:
root@DD-WRT:~# swconfig dev switch0 get enable_vlan
0
root@DD-WRT:~# swconfig dev switch0 set enable_vlan 1
As described by the help command above, there seem to be 7 ports and 128 vlans:
Code:
root@DD-WRT:~# swconfig dev switch0 vlan 127 show
VLAN 127:
vid: 0
ports:
root@DD-WRT:~# swconfig dev switch0 port 6 show
Port 6:
mib: Port 6 MIB counters ......
pvid: 0
link: port:6 link:up speed:1000baseT full-duplex txflow rxflow
"Is there a VLAN-capable hardware switch integrated in your device?"
The answer could be yes since switch0 and switch1 both have the "enable_vlan" feature. There is also this which IIUC shows different physical devices for eth0, eth1, eth2:
Code:
root@DD-WRT:~# ls -l /sys/class/net
lrwxrwxrwx 1 root root 0 Dec 12 04:02 ath0 -> ../../devices/platform/soc/fd800000.pcie-external0/pci0001:00/0001:00:00.0/0001:01:00.0/0001:02:03.0/0001:03:00.0/net/ath0
lrwxrwxrwx 1 root root 0 Dec 12 04:02 ath1 -> ../../devices/platform/soc/fd800000.pcie-external0/pci0001:00/0001:00:00.0/0001:01:00.0/0001:02:07.0/0001:04:00.0/net/ath1
lrwxrwxrwx 1 root root 0 Jan 1 1970 br0 -> ../../devices/virtual/net/br0
lrwxrwxrwx 1 root root 0 Jan 1 1970 eth0 -> ../../devices/platform/soc/soc:pcie-internal/pci0000:00/0000:00:00.0/net/eth0
lrwxrwxrwx 1 root root 0 Jan 1 1970 eth1 -> ../../devices/platform/soc/soc:pcie-internal/pci0000:00/0000:00:01.0/net/eth1
lrwxrwxrwx 1 root root 0 Jan 1 1970 eth2 -> ../../devices/platform/soc/soc:pcie-internal/pci0000:00/0000:00:03.0/net/eth2
lrwxrwxrwx 1 root root 0 Jan 1 1970 giwifi0 -> ../../devices/platform/soc/fd840000.pcie-external2/pci0003:00/0003:00:00.0/0003:01:00.0/net/giwifi0
lrwxrwxrwx 1 root root 0 Jan 1 1970 lo -> ../../devices/virtual/net/lo
lrwxrwxrwx 1 root root 0 Jan 1 1970 teql0 -> ../../devices/virtual/net/teql0
lrwxrwxrwx 1 root root 0 Jan 1 1970 vlan1 -> ../../devices/virtual/net/vlan1
lrwxrwxrwx 1 root root 0 Jan 1 1970 vlan2 -> ../../devices/virtual/net/vlan2
But then there is this which shows eth0 and eth2 with the same mac address:
Code:
root@DD-WRT:~# ip addr
1: lo: <LOOPBACK,MULTICAST,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq master br0 state DOWN qlen 1000
link/ether 08:02:8e:a2:cd:92 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 08:02:8e:a2:cd:91 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 08:02:8e:a2:cd:92 brd ff:ff:ff:ff:ff:ff
5: teql0: <NOARP> mtu 1500 qdisc noop state DOWN qlen 100
link/void
8: giwifi0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP qlen 4000
link/ether 04:ce:14:0b:59:97 brd ff:ff:ff:ff:ff:ff
9: vlan1@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP qlen 1000
link/ether 08:02:8e:a2:cd:91 brd ff:ff:ff:ff:ff:ff
10: vlan2@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 08:02:8e:a2:cd:92 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.10/24 brd 192.168.0.255 scope global vlan2
valid_lft forever preferred_lft forever
11: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 04:ce:14:0b:59:97 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
16: ath0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP qlen 1000
link/ether 08:02:8e:a2:cd:93 brd ff:ff:ff:ff:ff:ff
17: ath1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP qlen 1000
link/ether 08:02:8e:a2:cd:94 brd ff:ff:ff:ff:ff:ff
That code is there since the beginning of sysinit-alpine.c. Looking at the code I've seen a lot of cleanup commits, which is nice. It would be better if the code has some explanations for why things are done like that.
Here is most of the pertinent info. Switch1 won't reveal her secrets....anyone know how to see how swtich1 is connected to switch0? BS changed the code to something more cryptic and I'm no code guru...
I also pinged him for some hints and this is what I got
Quote:
For the r9000 doing vlans is very complicated. the r9000 has 2 switches
so switch 1 connected to 2 ethernet phys (for wan and lan). switch 2 is connected to switch 1. so its problematic
so doing straight vlans configs is somewhat possible but not easy since i always have to pass through everything from switch 2 to switch 1
and its only operating in vlan mode or without. but i cannot combine both operation modes. and if i run vlan1 mode it will not pass packets without vlans from switch 2
The above is somewhat "Greek" to me when he hints about the VLAN's....
Port 0 is the Wan
Port 5, I think is used to connect the two switches.
What's interesting is no ports are trunked in the R9000 right now... Unless that's hidden somehow, but reading posts above it was hinted there are no trunks.
Sfp is sitting on eth0 _________________ FORUM RULES
Posted: Sun Dec 15, 2019 23:15 Post subject: switches ports mapping to ethernet ports
By default there are no active vlans on switch0 and switch1:
Code:
root@DD-WRT:~# swconfig dev switch0 show | grep -i vlan
enable_vlan: 0
root@DD-WRT:~# swconfig dev switch0 vlan 0 show
VLAN 0:
vid: 0
ports:
If I inspect the "link" attribute of the switch ports like this, when no cable is connected (except WAN):
Code:
root@DD-WRT:/tmp# for s in switch0 switch1; do for i in $(seq 0 6); do echo $i $(swconfig
dev $s port $i get link 2>/dev/null); done; echo; done > /tmp/c000000
So:
- switch0-port0 seems to have some special meaning, being only "full-duplex".
- switch0-port4/6 and switch1-port0/5 are always up "full-duplex txflow rxflow".
- switch1-port6 is some always up "speed:10baseT half-duplex" weirdo.
The output on the R9000 is nothing like on the R7800 or EA8500 when you run the typical swconfig dev switch0 show & swconfig dev switch1 show.
it poops out all of the devices HW MAC that is connected to the ports and not the useful info we're used to...
having two switches is really goofy, furthermore I am not sure if this is BS's doing or how Netgear made the physical connections on the two switches... Either way, I am way out of my skill set on this one... _________________ FORUM RULES
Posted: Mon Dec 16, 2019 11:51 Post subject: Options with the R9000 complicated hardware
Thanks to Per Yngve Berg we now know we can ignore the nvram vlan settings, and focus on swconfig. We also have an idea about the two switches in the device. And we also have the current default setup in sysinit-alpine.c. We also have some great examples how to use swconfig with an atheros device.
Some thoughts about what BS said:
Quote:
For the r9000 doing vlans is very complicated. the r9000 has 2 switches
so switch 1 connected to 2 ethernet phys (for wan and lan). switch 2 is connected to switch 1. so its problematic
Ok, so it's difficult to support any possible configuration, because of the complexity of the two switches setup and the link between them. This means our only chance to get something working is to simplify the configuration.
Quote:
so doing straight vlans configs is somewhat possible but not easy since i always have to pass through everything from switch 2 to switch 1
and its only operating in vlan mode or without. but i cannot combine both operation modes. and if i run vlan1 mode it will not pass packets without vlans from switch 2
msoengineer, could you please ping BS and ask whether any of these options would work, and what suggestions he has? As long as it works, we can always make it more complicated later!
- Since the WAN ethernet port is on switch0:port3, can we ignore completely switch1 and only work with switch0 with its remaining two ethernet ports (LAN1-2)? Can we just ignore it and not use its ethernet ports, or do we have to actually disable it?
- Since it's possible to always pass everything between the two switches, would it be more complicated to do that, ignore/deactivate the LAN1 and LAN2 ethernet ports on switch0 and only support the remaining four ethernet ports on switch1 (LAN3-6)?