Posted: Sun Jul 04, 2021 19:52 Post subject: EA8500 vlans on r46885
This topic was split off the build thread - kp69
Something funny is going on with my EA8500 with this build (and potentially others, not tried).
While attempting to create vlan10 on LAN port 4 via the Switch Config page, I lose all connections to my router. Port 4 is not connected to anything yet, but I can verify if I DO connect it, it shows as connected on the Switch Config page, so they do appear to be in sync with the hardware. Note that this happens just doing an Apply. I have not even Saved it yet and cannot because of the disconnect.
I can move my port 1 ethernet cable at this point to port 3 or 4 (weird I know) and get access to the router GUI again, but the WAN is also not connected at this point. Reverting port 4 back to vlan 0 does not fix the WAN routing issue. I have to do a full reset and restore to get the WAN back.
This is how things appear BEFORE making the vlan10 on LAN port 4.
Netgear R7800 (AP, VAP) - DD-WRT r50146
Features in use: multiple VLANs over single trunk port, multiple VAPs
Linksys EA8500 (Spare) - DD-WRT r50146
Netgear R6250 (Spare) - DD-WRT r50057
OSes: Fedora 35, 7x RPis (2,3,4), 16x ESP8266s: Straight from Amiga to Linux in '94. Never having owned a Windows PC.
Member #248
Last edited by lexridge on Mon Jul 05, 2021 19:26; edited 1 time in total
Then all the other platforms besides Broadcom still have to use command line voodoo and not the webUI; I guess I was wrong thinking that it was going to be working across the board.
Not to jump to quick conclusions, but perhaps someone with an EA8500 can try this to see if their results are similar? _________________ Linksys EA8500 (Internet Gateway, AP/VAP) - DD-WRT r50146
Features in use: multiple VLANs, Samba, OpenVPN, WireGuard, Entware: mqtt, mlocate, gcc
Netgear R7800 (AP, VAP) - DD-WRT r50146
Features in use: multiple VLANs over single trunk port, multiple VAPs
Linksys EA8500 (Spare) - DD-WRT r50146
Netgear R6250 (Spare) - DD-WRT r50057
OSes: Fedora 35, 7x RPis (2,3,4), 16x ESP8266s: Straight from Amiga to Linux in '94. Never having owned a Windows PC.
I was under the impression that this was functional across the board by this release and it apparently is not; others have stated they are still using startup commands for multiple vlan assignment functionality on Atheros. If anyone has a "me, too" to add here, please do.
I don't know if my problem (tried on Netgear 7800 with r47000) is the same, but it might be; it's definitely similar. When I restore my settings from an old build where the "switch config" page didn't appear, vlans work and the ethernet port assignments work (using custom commands).
When I try to reproduce those settings by manually entering settings in the GUI (and in combination with the custom scripts), I can never get it to work, but I couldn't figure out quite why. Happy to share any info that might be helpful.
Googling on here it looked like the broadcoms had recently-ish changed to using the same approach as atheros for setting up vlans, but I didn't think that atheros had changed.
The only true way to test webUI functionality for vlans / switch config page is to remove *any* and *all* custom startup scripts and configure via the webUI; otherwise your reports that it does not work are invalid.
I don't have (and never have had) any vlans in startup so this is basically a fresh out of the box setup for me. I did a full wipe and set it all back up manually just a few versions ago. I tried this first on a Netgear R6250 (bcm) and it did work as expected there.
I did attempt to make this work using the swconfig command via ssh (not startup), and was still unable to make it work due to similar issues. I have since restored from my solid backup. These were my commands in the order ran:
Code:
swconfig dev eth0 vlan 1 set ports "0t 1 2 3"
swconfig dev eth0 vlan 10 set ports "0t 4"
swconfig dev eth0 set enable_vlan 10
swconfig dev eth0 set apply
vconfig add eth0 10
ifconfig vlan10 10.1.0.1 /24
The last line give me the error: ifconfig: bad address ''
It did show up under Networking after doing this, and I was able to add the 10.1.0.1 address to the port. Applying it however again, kills access to the router.
Also interesting, when doing a #ip a, it is giving me a netmask of /8.
Code:
16: vlan10@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 14:91:82:67:34:76 brd ff:ff:ff:ff:ff:ff
inet 10.1.0.1/8 brd 10.255.255.255 scope global vlan10
valid_lft forever preferred_lft forever
inet6 fe80::1691:82ff:fe67:3476/64 scope link
valid_lft forever preferred_lft forever
EDIT: When plugging port 4 into the Netgear switch, I am apparently creating a network loop totally overloading my entire network. _________________ Linksys EA8500 (Internet Gateway, AP/VAP) - DD-WRT r50146
Features in use: multiple VLANs, Samba, OpenVPN, WireGuard, Entware: mqtt, mlocate, gcc
Netgear R7800 (AP, VAP) - DD-WRT r50146
Features in use: multiple VLANs over single trunk port, multiple VAPs
Linksys EA8500 (Spare) - DD-WRT r50146
Netgear R6250 (Spare) - DD-WRT r50057
OSes: Fedora 35, 7x RPis (2,3,4), 16x ESP8266s: Straight from Amiga to Linux in '94. Never having owned a Windows PC.
There is an eth0 (WAN) and switch0 (LAN) on R7800 / EA8500 if memory serves me correctly. The output of 'swconfig list' will tell you for sure. I don't know why you are trying to configure vlans on your WAN and not your LAN.
Code:
# swconfig list
Found: switch0 - gpio-0
Humm, I didn't realize I was even doing that. The intention was to do it all on the LAN side. Just shows my lack of knowledge with swconfig and vlans. Doh! However, that is good to know. thanks for the tip.
EDIT: So I gather this is what you are suggesting?
Code:
swconfig dev eth0 vlan 1 set ports "0t 1 2 3"
swconfig dev switch0 vlan 10 set ports "0t 4"
swconfig dev switch0 set enable_vlan 10
swconfig dev switch0 set apply
vconfig add switch0 10 < -- Doesn't work
ifconfig vlan10 10.1.0.1 /24 < -- Doesn't work
Netgear R7800 (AP, VAP) - DD-WRT r50146
Features in use: multiple VLANs over single trunk port, multiple VAPs
Linksys EA8500 (Spare) - DD-WRT r50146
Netgear R6250 (Spare) - DD-WRT r50057
OSes: Fedora 35, 7x RPis (2,3,4), 16x ESP8266s: Straight from Amiga to Linux in '94. Never having owned a Windows PC.
Member #248
Last edited by lexridge on Mon Jul 05, 2021 19:40; edited 1 time in total
That looks about right. I guess the nomenclature changed at some point since @mrjcd's and other references use eth0. You *should* be able to do all of this on the lan side of your other router in the webUI if it is Broadcom, afaik.
I did in fact use @mrjcd's examples.
Yes, the R6250 worked great from the WebUI and is mostly configured and seems to be working. Just needing the other half to work now. _________________ Linksys EA8500 (Internet Gateway, AP/VAP) - DD-WRT r50146
Features in use: multiple VLANs, Samba, OpenVPN, WireGuard, Entware: mqtt, mlocate, gcc
Netgear R7800 (AP, VAP) - DD-WRT r50146
Features in use: multiple VLANs over single trunk port, multiple VAPs
Linksys EA8500 (Spare) - DD-WRT r50146
Netgear R6250 (Spare) - DD-WRT r50057
OSes: Fedora 35, 7x RPis (2,3,4), 16x ESP8266s: Straight from Amiga to Linux in '94. Never having owned a Windows PC.
for my VLAN same as I have used for many years.
VLAN on 1 port with wlan0.1
startup commands haven't changed a bit
Code:
swconfig dev eth0 vlan 1 set ports "0t 1 2 3"
swconfig dev eth0 vlan 4 set ports "0t 4"
swconfig dev eth0 set enable_vlan 4
swconfig dev eth0 set apply
vconfig add eth0 4
ifconfig vlan4 up
brctl addif br1 vlan4
firewall:
Code:
iptables -t nat -A POSTROUTING -s 10.172.128.240/28 -j MASQUERADE
iptables -I INPUT -i br1 -m state --state NEW -j DROP
iptables -I INPUT -i br1 -p udp -m multiport --dports 53,67 -j ACCEPT
iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP
iptables -I FORWARD -i br1 -o br0 -d 10.72.28.1 -m state --state NEW -j ACCEPT
1. firewall is for its ovpn server
4. firewall is so br1 can access my public webserver
I was hoping that the switch config page would work across the board...
I've never tried it. Used to the way I always have so that's what I use.
The brm E2500 I set same VLAN when I use it as main router.....have to do a bit of command stuff with it just cause it ain't like other broadcomy units.
Might have to have a looksee someday just to see whats what now
