From: "Toke Høiland-Jørgensen" <toke@toke.dk>
To: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Cc: "cerowrt-devel@lists.bufferbloat.net"
<cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] Routed LANs vs WOL & Windows troubles
Date: Sun, 12 Apr 2015 16:29:47 +0200 [thread overview]
Message-ID: <87zj6dmnc4.fsf@toke.dk> (raw)
In-Reply-To: <C7617157-725D-4C69-A4D8-2D6DB7D3A622@darbyshire-bryant.me.uk> (Kevin Darbyshire-Bryant's message of "Sun, 12 Apr 2015 12:40:17 +0000")
Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> writes:
> Yes please!
Right, well you can do it in two ways - depending on whether you want to
use the switch VLAN functionality (this is on the WNDR3800 - no idea
what the Archer has). I happen to have one box use the switch VLANs and
the other not, so both are included below:
This is all in /etc/config/network:
On the gateway device, I changed each of the sw* and gw* interfaces so
they use the VLANs:
config interface sw00
option 'type' 'bridge'
option 'ifname' 'se00.2'
option 'proto' 'static'
The 'bridge' turns the interface into a bridge connected to the 'se00.2'
interface. The '.2' means 'use VLAN 2' on that interface, so in this
case, use VLAN 2 on the se00 interface. You need to use separate VLANS
for each of the interfaces you want to bridge in this way.
On this box, I then activate the switch VLAN functionality as follows:
config switch
option name rtl8366s
option reset 1
option enable_vlan 1
option enable_vlan4k 1
# Blinkrate: 0=43ms; 1=84ms; 2=120ms; 3=170ms; 4=340ms; 5=670ms
option blinkrate 2
option max_length 3
Note the 'enable_vlan' and 'enable_vlan4k' options - both are needed!
Then, modify the existing switch_vlan section:
config switch_vlan
option device rtl8366s
option vlan 1
option ports "0 1 2t 3t 5t"
# option ports "0 1 2 3 5t"
The commented out option was the original setting. The 't' is for
'tagged', meaning that in this case, ports 0 and 1 are on VLAN 1
untagged (so traffic is considered to be part of VLAN 1, but no tags go
out on the wire), while ports 2 and 3 have VLAN tags on them (so the
equipment at the other end need to understand them). Port 5 is the
internal port that the WNDR itself sees all the traffic on, so should
always be tagged.
Now, add a section for each additional VLAN that you want to use:
config switch_vlan
option device rtl8366s
option vlan 2
option ports "2t 3t 5t"
Here I define VLAN 2 active on ports 2 and 3 with VLAN tags. I have
identical sections for VLANs 3, 4 and 5.
Finally, I have sections:
config switch_port
option port 0
option pvid 1
Which basically tells the switch that the default VLAN for port 0 is
vlan 1. I have those for ports 0 and 1, but not entirely sure they're
absolutely needed.
The above config (repeated appropriately for all the wireless interfaces
you want this to work for) should get your wireless interfaces setup to
be bridged with a VLAN each. No changes are needed in
/etc/config/wireless, as long as you keep the 'config interface sw00'
part the same.
Now, on the secondary AP, I use the WAN port as the VLAN-aware 'uplink'
port to the primary gateway, and I don't use the switch VLAN support. So
this config is a bit simpler, and may be applicable to your setup if you
don't have a hardware switch in your device (or just don't want to use
it).
So what I do on the secondary AP is just, in /etc/config/network, set up
the bridging similar to on the primary AP:
config interface sw00
option 'type' 'bridge'
option 'ifname' 'ge00.2'
(again, repeat for all the sw* and gw* interfaces).
Make sure to match the VLAN number with what you had at the other end.
Also, I bridge the LAN ports with VLAN1:
config interface se00
option 'ifname' 'se00 ge00.1'
option 'type' 'bridge'
so anything connecting to the other side of the secondary AP will work
as though they're just on the LAN.
Also, on the secondary AP, I turn off all services (only ntpd, dropbear
and hostapd are running), and assign different IPs to the interfaces
(just add one to the last octet). The wireless config on the secondary
AP is identical to the primary, except I change the wireless channels to
minimise interference. If you're using PSKs for encrypted wifi, just use
the same key. If you're using WPA enterprise-type setups, just point the
secondary AP at the primary in the auth_server directive.
Hope the above explanation makes sense; if not, feel free to ask more
questions :P
-Toke
next prev parent reply other threads:[~2015-04-12 14:29 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-11 17:01 Kevin Darbyshire-Bryant
2015-04-12 11:57 ` Toke Høiland-Jørgensen
2015-04-12 12:40 ` Kevin Darbyshire-Bryant
2015-04-12 14:29 ` Toke Høiland-Jørgensen [this message]
2015-04-12 18:18 ` Kevin Darbyshire-Bryant
2015-04-12 18:23 ` Toke Høiland-Jørgensen
2015-04-12 14:18 ` Alan Jenkins
2015-04-12 18:31 ` Kevin Darbyshire-Bryant
2015-04-12 21:57 ` Dave Taht
[not found] <552CDDB9.40909@darbyshire-bryant.me.uk>
2015-04-14 19:48 ` Kevin Darbyshire-Bryant
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zj6dmnc4.fsf@toke.dk \
--to=toke@toke.dk \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=kevin@darbyshire-bryant.me.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox