Awesome stuff. The only thing is, we would still need to figure out how to figure in eth0 (WAN port), but this is good progress. I haven't really messed around with this since my wireless interfaces took a dump, but it looks like some of my logic wasn't far off on what ports connect where.
Yes, I posted back to this thread as it was all the hard work done here that helped me get it up and running - standing on the shoulders of giants.
Do you mean the WAN port or the SFP port? I think eth0 is the SFP port and I haven't played with that. The WAN port can be joined into the VLANS quite easily (I'm using it as my trunk port).
Since Wan is already on vlan2 why not start by assigning Lan port1 to vlan2.
Not certain what is needed to allow aggregation between Lan port1(added Wan) and normal Wan so as to allow 2 (1) gig aggregated connection from a modem to these two ports. Say to enable 2gig comcast support. But I'd imagine it is possible. Switch Config certainly recognizes a 1 gig signal on Lanport1 when plugged in to port2 on my modem if lanport1 is assigned to vlan2.
edit: What would something like this do?
#sleep 8
## Setup VLANS
## Switch0 Config
#swconfig dev switch0 set enable_vlan 1
#swconfig dev switch0 vlan 1 set ports "0t 1 4t 6t"
####swconfig dev switch0 vlan 2 set ports "2 5t"
#or
#swconfig dev switch0 vlan 2 set ports "2 3 5t"
#swconfig dev switch0 set apply
## Switch1 Config
#swconfig dev switch1 set enable_vlan 1
#swconfig dev switch1 vlan 1 set ports "0t 1 2 3 4 5t"
#swconfig dev switch1 set apply
seems to me it would make Lanport1 another Wan (connected to vlan2)
edit2:#nvram set vlan1ports="0t 1t 2 3 4 5 6" #Is this also needed to add wan tag for port1 vlan1?
Since Wan is already on vlan2 why not start by assigning Lan port1 to vlan2.
Not certain what is needed to allow aggregation between Lan port1(added Wan) and normal Wan so as to allow 2 (1) gig aggregated connection from a modem to these two ports. Say to enable 2gig comcast support. But I'd imagine it is possible. Switch Config certainly recognizes a 1 gig signal on Lanport1 when plugged in to port2 on my modem if lanport1 is assigned to vlan2.
edit: What would something like this do?
#sleep 8
## Setup VLANS
## Switch0 Config
#swconfig dev switch0 set enable_vlan 1
#swconfig dev switch0 vlan 1 set ports "0t 1 4t 6t"
####swconfig dev switch0 vlan 2 set ports "2 5t"
#or
#swconfig dev switch0 vlan 2 set ports "2 3 5t"
#swconfig dev switch0 set apply
## Switch1 Config
#swconfig dev switch1 set enable_vlan 1
#swconfig dev switch1 vlan 1 set ports "0t 1 2 3 4 5t"
#swconfig dev switch1 set apply
seems to me it would make Lanport1 another Wan (connected to vlan2)
edit2:#nvram set vlan1ports="0t 1t 2 3 4 5 6" #Is this also needed to add wan tag for port1 vlan1?
The above would put the WAN and LAN 1 ports together on the WAN side and all the other ports on the standard LAN I think.
The above would put the WAN and LAN 1 ports together on the WAN side and all the other ports on the standard LAN I think.
Assuming this works. I don't know that dd-wrt bonding interface allows LACP 802.3ad to be assigned to each WAN port individually; first to vlan2, second to eth2? (Both appear as slave bond interface options). If so would it even work with comcast's current modem LAG firmware?
I'd probably test it if I had access to a 2 gig connection.
It is possible to get VLANs working on the R9000 switch ports. It took me a while to figure it out, but I have done it successfully to bridge 3 wireless networks (1 physical and 2 VAPs) to relevant VLANs and have a management VLAN. I ended up leaving VLAN1 and VLAN2 alone and setting up new VLANs 4 - LAN, 8 - Guest, 12 - IoT & 15 - Management.
I created the wireless networks, VLANs and bridges in the GUI first, then used swconfig to assign the VLANs to specific ports. I am using this as an AP only, so I've assigned my WAN port as my trunked port to connect to the rest of the network.
My startup script is:
Code:
sleep 8
# Setup VLANS
# Switch0 Config
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "0t 4t 6t"
swconfig dev switch0 vlan 2 set ports "5t"
swconfig dev switch0 vlan 4 set ports "0t 1 2 3t 4t 6t"
swconfig dev switch0 vlan 8 set ports "0t 3t 4t 6t"
swconfig dev switch0 vlan 12 set ports "0t 3t 4t 6t"
swconfig dev switch0 vlan 15 set ports "0t 3t 4t 6t"
swconfig dev switch0 set apply
# Switch1 Config
swconfig dev switch1 set enable_vlan 1
swconfig dev switch1 vlan 1 set ports "0t 5t"
swconfig dev switch1 vlan 4 set ports "0t 2 5t"
swconfig dev switch1 vlan 8 set ports "0t 4 5t"
swconfig dev switch1 vlan 12 set ports "0t 3 5t"
swconfig dev switch1 vlan 15 set ports "0t 1 5t"
swconfig dev switch1 set apply
This sets the WAN port to be the trunked port, LAN ports 1, 2 & 5, Guest port 3, IoT port 4 and management port 6. This isn't actually my final setup, but it's what I used for testing.
Awesome stuff. The only thing is, we would still need to figure out how to figure in eth0 (WAN port), but this is good progress. I haven't really messed around with this since my wireless interfaces took a dump, but it looks like some of my logic wasn't far off on what ports connect where.
Yes, I posted back to this thread as it was all the hard work done here that helped me get it up and running - standing on the shoulders of giants.
Do you mean the WAN port or the SFP port? I think eth0 is the SFP port and I haven't played with that. The WAN port can be joined into the VLANS quite easily (I'm using it as my trunk port).
Hi.
Did someone manage to get SFP port working as VLAN trunk for the the LAN switch? I followed all the tutorials using WAN port (physical port) as VLANS trunk, and got the LAN ports working (different VLANs assigned to different ports), but no way to get DHCP working on VAP. Instead, using the SFP port as VLANS trunk did let me use VAP…but I’ve lost the LAN ports (DHCP not assigned).
Using both SFP and WAN at the same time is the only way to have both VAPs and LAN ports working (weird behavior of the R9000), but following this route I obviously cannot get more than 1gbps for the LAN switch (10gbps assigned to VAPs via SFP), which was the main reason I wanted to install dd-wrt.
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Mon Jan 03, 2022 17:16 Post subject:
did you managed to make the SFP port..it has very narrow SFP hardware modules compatibility, witch SFP do you use atm...
The current DDWRT SFP detached guide must make SFP port as an extra VLan as the SFP port is not hardware linked to the rest of the switch...if im not wrong..i never made it to work as my SFP module was not compatible...
If its not a secret, could you share your start up script as you mentioned you made it to isolate VLAN to separated physical LAN (switch) ports...is it working...as a separated subnet with own IP/mask, DHCP and DNS...?? _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
did you managed to make the SFP port..it has very narrow SFP hardware modules compatibility, witch SFP do you use atm...
The current DDWRT SFP detached guide must make SFP port as an extra VLan as the SFP port is not hardware linked to the rest of the switch...if im not wrong..i never made it to work as my SFP module was not compatible...
If its not a secret, could you share your start up script as you mentioned you made it to isolate VLAN to separated physical LAN (switch) ports...is it working...as a separated subnet with own IP/mask, DHCP and DNS...??
I'm currently using 2x "10G Netgear SFP+ AXM761-10000S" modules to link my R9000 with a Netgear XS708T, and also tested "Netgear 10GBe SFP+ model AXC763-10000S cable" between them. Both solutions perfectly work with dd-wrt and native Netgear firmwares.
I did follow the guide posted by lh-reg (please forgive me I cannot tag names, but thank you so much for the helpful guide) at page 4 of this topic (complete guide link available at his signature) in my CONFIG TEST1, and also tested another way to create vlans on eth0 sfp+ port (CONFIG TEST2).
My setup consists of following VLANs created on pfSense (trunked to Netgear XS708T switch, and then trunked again to the R9000 via SFP+):
After following the setup guide, I had to modify the nvram and swconfig (using vlan 5 instead of 4, vlan 6 instead of 8, vlan 10 instead of 15):
NVRAM commands:
nvram set vlan5ports="0t 1 2 5"
nvram set vlan6ports="0t 3 5"
nvram set vlan12ports="0t 4 5"
nvram set vlan10ports="0t 6 5"
nvram set port0vlans="1 2 5 6 12 10 16"
nvram set port1vlans="5"
nvram set port2vlans="5"
nvram set port3vlans="6"
nvram set port4vlans="12"
nvram set port5vlans="1 2"
nvram set port6vlans="10"
nvram set port7vlans="1 2 5 6 12 10 16"
nvram set vlan5hwname=et0
nvram set vlan6hwname=et0
nvram set vlan10hwname=et0
nvram set vlan12hwname=et0
nvram set apply
SWCONFIG stratup script:
sleep 8
# Switch0 Config
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "0t 4t 6t"
swconfig dev switch0 vlan 2 set ports "5t"
swconfig dev switch0 vlan 5 set ports "0t 1 2 3t 4t 6t"
swconfig dev switch0 vlan 6 set ports "0t 3t 4t 6t"
swconfig dev switch0 vlan 12 set ports "0t 3t 4t 6t"
swconfig dev switch0 vlan 10 set ports "0t 3t 4t 6t"
swconfig dev switch0 set apply
# Switch1 Config
swconfig dev switch1 set enable_vlan 1
swconfig dev switch1 vlan 1 set ports "0t 5t"
swconfig dev switch1 vlan 5 set ports "0t 2 5t"
swconfig dev switch1 vlan 6 set ports "0t 4 5t"
swconfig dev switch1 vlan 12 set ports "0t 3 5t"
swconfig dev switch1 vlan 10 set ports "0t 1 5t"
swconfig dev switch1 set apply
Instead of creating vlans in the "switch config" tab within dd-wrt, I tried creating vlans withing the "networking" tab, so I did add multiple vlan entries at the top "VALN Tagging" section and assigned to eth= (vlans 1,2,5,6,10,16). I also did segregate eth0 port (unbridge option + net isolation, giving it the 10.13.10.254/24 instead of 10.13.10.253 used by the R9000). Dns and gateway are provided by pfSense for all the VLANs.
The reason I tried the second config test is that I could not use the lan ports: when starting the config test 2 with sfp module connected to the switch and to pfSense, all the lan ports got a dhcp address 10.13.10.x (VLAN 10) probably bacause the VLAN 10 has a pvid 10 at the switch. After segregating the eth0 port, lan ports lost the 10.13.10.x ip address.
[img]https://prnt.sc/25uty05[/img]
As I said before, I've never managed to get both the VAPs and LAN ports working together, neither using SFP+ port neither using the WAN port as trunk connection to the XS708T switch (I obviously erased firmware, nvram, tried another R9000 router, tried another switch, tried another brand new pfSense setup). So, to get both the wifi and lan VLANs working together, I must use a double trunk connection (SFP+ and the WAN) to the switch (SFP+ takes care of VAP, WAN of the lan ports).
[/quote]
Joined: 15 Aug 2016 Posts: 223 Location: Melbourne, Australia
Posted: Mon May 09, 2022 3:26 Post subject:
A Netgear R9000 came into my possession recently. And i researched about it online. My research went to various places. Numerous other posts by various posters, together with VLAN settings on my current R7800 shed a good light on the path to my VLAN solution.
The only way (i think) to make VLANs work as 'normally' as possible on R9000 is placing them on bridges. But then not totally on bridge if i can put it that way.
In a nutshell, Netgear R9000 is an unusual wireless router (with two internal switches) that it requires an unusual approach to tackle it. I call it the Recalcitrant R9000.
See attached PDF file. It's 5-page long.
I spent nearly two weeks on resolving it. So it should cover most relevant issues that i'm aware of. Especially for those not familiar with R9000. Lost a few hairs in the process so you don't have to.
P.S. Need to sign in to see the attached PDF file. _________________ Life is a journey; travel alone makes it less enjoyable and lonely.
Last edited by DWCruiser on Wed Aug 23, 2023 23:14; edited 12 times in total