Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Thu Apr 09, 2020 14:41 Post subject:
There is no way to attach a binary that will likely not work with stock firmware for you to test. If the binary or command does not exist via telnet in stock firmware, then you must install DD-WRT first. Period. EDIT: There are only 3 firmwares that support this device. Stock Netgear, Voxel, and DD-WRT. DD-WRT is the only one of the 3 that I am aware of that has the swconfig utility. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Well, it looks like some progress has been made on VLANs with the majority of the switch ports. Any word on the SPF+ port?
SFP+ port is easy. Its eth0 so just unbridge eth0 and set dhcp server on it. Voila, SFP+ port is now in it’s own vlan (you can even net isolate). Been using it that way since forever and it works great. _________________ Fleet Deployment of Netgear Nighthawk X10 R9000s
File: DD-WRT v3.0-r45229 std (01/01/21)
Active Settings: SFE, Multi-DHCP, Net Isolation, 10 Gbps SFP+ Module, VLANs, Wireguard Client, FreeRadius, WAN + 4G LTE fail-over, All internal radios - Disabled
PfSense - Intel Xeon, 32GB ECC RAM - Suricata, pfBlockerNG, Squid Proxy + ClamAV, VLANs w/ 802.1x Auth
Cisco WiFi 6 Access Points - Client Isolation & Radius Auth via DD-WRT R9000 w/ WPA3 Enterprise
Cisco Switches - 802.1x-VLANs & Radius Auth via DD-WRT R9000
SFP+ port is easy. Its eth0 so just unbridge eth0 and set dhcp server on it. Voila, SFP+ port is now in it’s own vlan (you can even net isolate). Been using it that way since forever and it works great.
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Wed May 06, 2020 14:05 Post subject:
So, I found out the other night the hard way that order does not matter as vlans seem to be already enabled by default. It's getting the rest of the picture working that is tricky. Trying to match the R9000 to an already established test environment has not happened yet. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
So, I found out the other night the hard way that order does not matter as vlans seem to be already enabled by default. It's getting the rest of the picture working that is tricky. Trying to match the R9000 to an already established test environment has not happened yet.
What do you mean "vlans seem to be already enabled"? What commands did you run to find that?
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Wed May 06, 2020 14:24 Post subject:
Per Yngve Berg wrote:
Can anyone post the output of
swconfig dev switch0 show
swconfig dev switch1 show
Apparently switch0:6 is connected to switch1:0
As well as swconfig dev eth0 show, I think. I don't have my notes handy. I tried both orders from all RJ45 ports using the commands below, and it locked me out until reboot... I waited 10 minutes each time to see if it was just an anomaly.
Per Yngve Berg wrote:
You have to do things in the correct order not cut off the branch you are sitting on.
Configure the switches from a client connected to Switch A (LAN1/2)
Configure Switch B first, then A. Nothing will take action before the set 'apply'
swconfig dev switch1 set enable_vlan 1
swconfig dev switch0 set enable_vlan 1
swconfig dev switch1 set apply
swconfig dev switch0 set apply
SFP+ port is easy. Its eth0 so just unbridge eth0 and set dhcp server on it. Voila, SFP+ port is now in it’s own vlan (you can even net isolate). Been using it that way since forever and it works great.
I’ll see if I can be allowed to even edit the Wikis. In the meantime, I’ll do a quick writeup on here with screenshots as soon as I get off work. Also be aware that those SFP+ modules get HOT
Another interesting thing I noticed with the SFP+ port is a greater variance in throughput than the standard RJ-45 ports. _________________ Fleet Deployment of Netgear Nighthawk X10 R9000s
File: DD-WRT v3.0-r45229 std (01/01/21)
Active Settings: SFE, Multi-DHCP, Net Isolation, 10 Gbps SFP+ Module, VLANs, Wireguard Client, FreeRadius, WAN + 4G LTE fail-over, All internal radios - Disabled
PfSense - Intel Xeon, 32GB ECC RAM - Suricata, pfBlockerNG, Squid Proxy + ClamAV, VLANs w/ 802.1x Auth
Cisco WiFi 6 Access Points - Client Isolation & Radius Auth via DD-WRT R9000 w/ WPA3 Enterprise
Cisco Switches - 802.1x-VLANs & Radius Auth via DD-WRT R9000
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Wed May 06, 2020 17:47 Post subject:
Have to request access if you don't have it, not the same credentials as the forum. If you post a write-up here, it can be linked or added by someone who already has access. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
The SFP+ port can be segregated into its own VLAN on DD-WRT once one realizes that it's associated with the eth0 interface. By default, that interface is bridged to br0. To change that, read further:
If you would like to create a 10 gb/sec VLAN, just set up the SFP+ port as you would any VAP by navigating to Setup --> Networking as shown in Screenshot 1(viewable only if signed into this forum).
Next, under the Port Setup heading, locate the group box called Network Configuration eth0 and unbridge the interface by selecting the Unbridged radio button assigned to Bridge Assignment. Since it's going to be a VLAN, select the Net Isolation radio button to isolate it from the rest of your network and assign IP/Subnet mask of your choosing as shown in Screenshot 2.
Optionally, you can force DNS redirection if you want the devices on that VLAN to be forced into using a preferred DNS server choice by enabling the Forced DNS Redirection option and entering the DNS server IP in the Optional DNS Target text boxes.
Stop here and click Save and Apply Settings at the bottom of the page, in that order.
Finally, create a DHCP server for your newly minted VLAN by scrolling to the bottom of the same page and, under the DHCPD heading, click the Add button to create a new DHCP server (as shown in Screenshot 3). In the ensuing list box, scroll through the list of interfaces and select eth0, make sure it is enabled by selecting On in the neighboring list box, leave the default lease time or modify it, click Save, then Apply Settings, in that order.
Restart for good measure and begin using the SFP+ VLAN.
As for choice of SFP+ modules, note that there really isn't any meaningful speed difference between them as shown in this Serve The Home YT video: https://www.youtube.com/watch?v=4qM9dyEuaS4
Also note that the SFP+ modules do get hot. I would change the fan threshold parameters to make sure that your R9000 fans stay on 24/7. They aren't loud and could help keep mobo and CPU temperatures in check during the incoming summer months while transferring files at 10 gb/sec in your new VLAN. _________________ Fleet Deployment of Netgear Nighthawk X10 R9000s
File: DD-WRT v3.0-r45229 std (01/01/21)
Active Settings: SFE, Multi-DHCP, Net Isolation, 10 Gbps SFP+ Module, VLANs, Wireguard Client, FreeRadius, WAN + 4G LTE fail-over, All internal radios - Disabled
PfSense - Intel Xeon, 32GB ECC RAM - Suricata, pfBlockerNG, Squid Proxy + ClamAV, VLANs w/ 802.1x Auth
Cisco WiFi 6 Access Points - Client Isolation & Radius Auth via DD-WRT R9000 w/ WPA3 Enterprise
Cisco Switches - 802.1x-VLANs & Radius Auth via DD-WRT R9000
Last edited by ironstaff on Thu May 07, 2020 8:56; edited 1 time in total
