root@DD-WRT:/tmp# for s in switch0 switch1; do for i in $(seq 0 6); do echo $i $(swconfig
dev $s port $i get link 2>/dev/null); done; echo; done > /tmp/c000000
ironstaff, can you please run this with SFP+ connected and then disconnected, and post the diff?
For the r9000 doing vlans is very complicated. the r9000 has 2 switches
so switch 1 connected to 2 ethernet phys (for wan and lan). switch 2 is connected to switch 1. so its problematic
so doing straight vlans configs is somewhat possible but not easy since i always have to pass through everything from switch 2 to switch 1
and its only operating in vlan mode or without. but i cannot combine both operation modes. and if i run vlan1 mode it will not pass packets without vlans from switch 2
Unless you really want to understand how everything works, let's accept we won't get R9000 to fully support VLAN Detached Networks. BUT if we manage to disable the second switch, we have a chance to enable vlan mode on the first switch and set up a separate VLAN for each of the two ethernet ports powered by the first switch.
If anyone gets any results, I'll be happy to update the wiki.
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Thu May 07, 2020 12:04 Post subject:
I have commitments today, but I think I figured out where I was in error and where dd-wrt defaults may conflict. I won't share information until an actual fool-proof solution is figured out where I can plug an R9000 into an already established test environment that works with any other supported router. Anyone else could have already looked into this and come up with a solution most likely, but here we are. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
I have commitments today, but I think I figured out where I was in error and where dd-wrt defaults may conflict. I won't share information until an actual fool-proof solution is figured out where I can plug an R9000 into an already established test environment that works with any other supported router. Anyone else could have already looked into this and come up with a solution most likely, but here we are.
Thank you!
For my curiosity, what's this "established test environment"?
could eth0/SFP+ port be configured to trunk VLANS?
Yes. 802.1q is called vlan tagging in dd-wrt. Find it under the networking tab. Set your interface (eth0, in this case), tag number, and save + apply.
Enter the tag number on the receiving switch/AP/whatever device supports dot Q standard and set the receiving port to trunk. Good to go from there. _________________ Fleet Deployment of Netgear Nighthawk X10 R9000s
File: DD-WRT v3.0-r45229 std (01/01/21)
Active Settings: SFE, Multi-DHCP, Net Isolation, 10 Gbps SFP+ Module, VLANs, Wireguard Client, FreeRadius, WAN + 4G LTE fail-over, All internal radios - Disabled
PfSense - Intel Xeon, 32GB ECC RAM - Suricata, pfBlockerNG, Squid Proxy + ClamAV, VLANs w/ 802.1x Auth
Cisco WiFi 6 Access Points - Client Isolation & Radius Auth via DD-WRT R9000 w/ WPA3 Enterprise
Cisco Switches - 802.1x-VLANs & Radius Auth via DD-WRT R9000
Awesome, gonna plug it into my Cisco switch and test as soon as I can! If I can trunk the VLAN's out of the SFP+ port to my switch I can use the switch to detach ports to separate vlans.
If you do that, you will lose all other access to the remaining lan ports under dd-wrt and they won't be able to access the bridge to the wan side due to how the switch is configured...
Stock Netgear firmware is the only way I know of and you still may lose the 4 other lan ports to wan internet access. _________________ FORUM RULES
If you do that, you will lose all other access to the remaining lan ports under dd-wrt and they won't be able to access the bridge to the wan side due to how the switch is configured...
Stock Netgear firmware is the only way I know of and you still may lose the 4 other lan ports to wan internet access.
Thanks, do you think it's possible by adding a sfp/rj45 module?
It is possible to get VLANs working on the R9000 switch ports. It took me a while to figure it out, but I have done it successfully to bridge 3 wireless networks (1 physical and 2 VAPs) to relevant VLANs and have a management VLAN. I ended up leaving VLAN1 and VLAN2 alone and setting up new VLANs 4 - LAN, 8 - Guest, 12 - IoT & 15 - Management.
I created the wireless networks, VLANs and bridges in the GUI first, then used swconfig to assign the VLANs to specific ports. I am using this as an AP only, so I've assigned my WAN port as my trunked port to connect to the rest of the network.
My startup script is:
Code:
sleep 8
# Setup VLANS
# Switch0 Config
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "0t 4t 6t"
swconfig dev switch0 vlan 2 set ports "5t"
swconfig dev switch0 vlan 4 set ports "0t 1 2 3t 4t 6t"
swconfig dev switch0 vlan 8 set ports "0t 3t 4t 6t"
swconfig dev switch0 vlan 12 set ports "0t 3t 4t 6t"
swconfig dev switch0 vlan 15 set ports "0t 3t 4t 6t"
swconfig dev switch0 set apply
# Switch1 Config
swconfig dev switch1 set enable_vlan 1
swconfig dev switch1 vlan 1 set ports "0t 5t"
swconfig dev switch1 vlan 4 set ports "0t 2 5t"
swconfig dev switch1 vlan 8 set ports "0t 4 5t"
swconfig dev switch1 vlan 12 set ports "0t 3 5t"
swconfig dev switch1 vlan 15 set ports "0t 1 5t"
swconfig dev switch1 set apply
This sets the WAN port to be the trunked port, LAN ports 1, 2 & 5, Guest port 3, IoT port 4 and management port 6. This isn't actually my final setup, but it's what I used for testing.
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Wed Mar 03, 2021 19:46 Post subject:
Awesome stuff. The only thing is, we would still need to figure out how to figure in eth0 (WAN port), but this is good progress. I haven't really messed around with this since my wireless interfaces took a dump, but it looks like some of my logic wasn't far off on what ports connect where. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net