[OpenWrt-Devel] DSA vlan configuration
Bjørn Mork
bjorn at mork.no
Thu Jun 4 09:06:37 EDT 2020
Did some quick experiments on my WRT1900ACv1 (Mamba) now that DSA is
finally in master...
I wonder if I have understood this correctly:
1) vlan_filtering is required when bridging tagged and untagged DSA
ports, and
2) all bridge ports, including the wireless VIFs, must be configured
with the correct VIDs when vlan_filtering is enabled
An if so, how are we supposed to configure that?
I guess a real example helps illustrating the problem. My example
network has 3 bridges, each connecting a set of untagged ports/VIFs with
one specific tagged vlan on the "wan" port:
config interface 'lan'
option type 'bridge'
option ifname 'wan.7 lan2 lan3 lan4'
option proto 'none'
config interface 'antiboks'
option ifname 'wan.8'
option type 'bridge'
option proto 'none'
config interface 'oob'
option ifname 'wan.203 lan1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.99.2'
option netmask '255.255.255.0'
option dns '192.168.99.1'
option dns_search 'mork.no'
(I realize that this could be merged to a single bridge wth
vlan_filtering, but that doesn't really change the configuration
problem.)
For now I have just hardcoded bridge, port and VIF names in a simple
script. But this is obviously not a workable permanent solution..
# 1. enable vlan filtering on all bridges
for b in lan antiboks oob; do
echo 1 >/sys/class/net/br-$b/bridge/vlan_filtering
done
# 2. configure the vlans for each bridge port
for p in wan.7 wlan0 wlan1 lan2 lan3 lan4; do
bridge vlan add vid 7 pvid untagged dev $p
bridge vlan del vid 1 dev $p
done
for p in wan.8 wlan0-1 wlan1-1; do
bridge vlan add vid 8 pvid untagged dev $p
bridge vlan del vid 1 dev $p
done
for p in wan.203 wlan0-2 lan1; do
bridge vlan add vid 203 pvid untagged dev $p
bridge vlan del vid 1 dev $p
done
# 3. configure vlan for local bridge interfaces
bridge vlan add vid 203 pvid untagged dev br-oob self
bridge vlan del vid 1 dev br-oob self
The working result is:
root at wrt1900ac-1:/# brctl show
bridge name bridge id STP enabled interfaces
br-antiboks 7fff.b4750e60b7e5 no wlan0-1
wan.8
wlan1-1
br-lan 7fff.b4750e60b7e5 no lan4
lan2
wan.7
wlan0
lan3
wlan1
br-oob 7fff.b4750e60b7e5 no wlan0-2
wan.203
lan1
root at wrt1900ac-1:/# grep . /sys/class/net/*/bridge/vlan_filtering
/sys/class/net/br-antiboks/bridge/vlan_filtering:1
/sys/class/net/br-lan/bridge/vlan_filtering:1
/sys/class/net/br-oob/bridge/vlan_filtering:1
root at wrt1900ac-1:/# bridge vlan
port vlan ids
lan4 7 PVID Egress Untagged
lan3 7 PVID Egress Untagged
lan2 7 PVID Egress Untagged
lan1 203 PVID Egress Untagged
br-antiboks 1 PVID Egress Untagged
wan.8 8 PVID Egress Untagged
br-lan 1 PVID Egress Untagged
wan.7 7 PVID Egress Untagged
br-oob 203 PVID Egress Untagged
wan.203 203 PVID Egress Untagged
wlan1 7 PVID Egress Untagged
wlan0 7 PVID Egress Untagged
wlan0-1 8 PVID Egress Untagged
wlan0-2 203 PVID Egress Untagged
wlan1-1 8 PVID Egress Untagged
Bjørn
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list