[RFC PATCH v2 0/1] Introduce UCI support for configuring DSA VLAN filter rules
Jo-Philipp Wich
jo at mein.io
Thu Jul 23 08:17:49 EDT 2020
Hi,
> 1. Have VLAN devices on top of vlan-enabled bridges to define hotplug
> ops where applicable, so LAN could be a plain VLAN interface switch0.1
> instead of its own bridge.
> 2. With these wrapper hotplug ops, a default VLAN would be passed as
> well, unless overwritten by other VLAN settings (see below)
> 3. In addition to option network, allow specifying option network-vlan
> in the wifi-iface section and have it contain a list of VLANs +
> modifiers (tagged/PVID).
I am a little bit torn. While the simplification of the config is nice, I
don't like how "option network" acts completely different compared to when the
target interface does not happen to be a (vlan enabled) bridge. People might
assume that merely specifying "option network" somehow creates a bridge.
What about spelling out the dependency explicitly? Instead of overloading the
meaning of "option network", add an "option bridge" instead which reuses the
existing vlan notation followed by a vlan id spec as defined by the "option
ports" notation for bridge devices, e.g.
option bridge switch0 (default vlan 1 untagged)
or
option bridge switch0
option vlan 1:u* # equivalent to just switch0
or
option bridge switch0
option vlan 20:t
The advantage would also be, that is is completely clear that we're not
inheriting any layer 3 ip settings but that we make the wifi netdev act as
bridge port. It is also somewhat aligned with native hostapd configuration.
~Jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20200723/089deee2/attachment.sig>
More information about the openwrt-devel
mailing list