Saturday 26 September 2020

Adding VLANs to OpenWRT

Adding VLANs to OpenWRT.md

Adding VLANs to a hacked OpenWRT router

Technicolor MediaAccess TG589vac

TG589vac Router

Warning: Incorrectly modifying the /etc/config/network file can cause switch/router inoperabilty, it could brick the device or cause it to lose network connectivity to it’s management interface. Follow these steps only with full knowledge that you could destroy your router or switch. I accept no responsibility!

I inherited one of these routers from a previous ISP and bought another from ebay since they make pretty competent 4-port gigabit switches once the firmware has been rooted. I have a guide to root your TG589vac here. Since setting them up as my home lab switches, I now have a requirement to implement VLANs on my network for segmentation and to make things tidyer on my virtualisation hosts.

Since these routers are running OpenWRT then adding VLANs to them is fairly straight forward. Log into the router as root and modify the network config file with vi /etc/config/network

The interesting section of this file is here:

config switch_vlan 'lan_switch'
	option ports '1* 2* 3* 4* 8t'
	option device 'bcmsw'
	option vlan '1'
config switch_vlan 'lan_switch'
	option ports '1* 2* 4t 8t'
	option device 'bcmsw'
	option vlan '1'

config switch_vlan 'lan_switch_vlan5'
	option ports '3* 4t 8t'
	option device 'bcmsw'
	option vlan '5'

Notice that port 3 was removed and port 4 was switched to tagged on VLAN id 1, then VLAN id 5 has been configured on port 3 untagged and port 4 tagged. I’m unsure of the significace of port 8t but in my case it works with the port included in all additional VLANs.

* - denotes untagged
t - denotes tagged

Warning: DO NOT change the name of the vlan ‘lan_switch’ doing so caused a segfault when reloading the network on my switch and soft-bricked it. The switch was left restarting the network over and over. After much trial and error, I managed to factory reset it once all physical network ports were unplugged.

Once you have made your edits, restart the network with /etc/init.d/network reload or service network reload depending on the OpenWRT version.

root@dsldevice:~# /etc/init.d/network reload  
Success  
JUMBO_PORT_MASK:0x000001FF  
GPHY_0 port accepts jumbo frames.  
GPHY_1 port accepts jumbo frames.  
GMII_1 port accepts jumbo frames.  
GMII_2 port accepts jumbo frames.  
GPON_SERDES port accepts jumbo frames.  
MOCA port accepts jumbo frames.  
USB port accepts jumbo frames.  
GPON port accepts jumbo frames.  
MIPS port accepts jumbo frames.  
Success  
Success  
CDK_E_PORT  
CDK_E_PORT

If you happen to do this and find out you cannot get multicast working on your new VLANs, check out this post.

Written with StackEdit.

No comments:

Post a Comment

Please be nice! :)

Nutanix CE 2.0 on ESXi AOS Upgrade Hangs

AOS Upgrade on ESXi from 6.5.2 to 6.5.3.6 hangs. Issue I have tried to upgrade my Nutanix CE 2.0 based on ESXi to a newer AOS version for ...