* [Cerowrt-users] How to setup VLANs?
@ 2013-04-15 20:50 Jeremy Tourville
2013-04-16 6:11 ` Dave Taht
0 siblings, 1 reply; 2+ messages in thread
From: Jeremy Tourville @ 2013-04-15 20:50 UTC (permalink / raw)
To: cerowrt-users
[-- Attachment #1: Type: text/plain, Size: 6904 bytes --]
Hello,
I am trying to setup my WNDR3800 such that I have two vlans- one for my regular network and another for my VoIP equipment. I am connected to the internet via DSL connection. I hand configured my config files (network, firewall and dhcp) Upon reboot my I cannot login via the wired interface, I have to use wireless. I have used openwrt in the past starting with version 8.09 and most recently 10 (backfire) on my Asus WL520GU router. I do have a working config with two VLANs on the Asus system. While there are many similarities I can see there are enough differences that make things a little more complex. What am I doing wrong? I'd be glad to write up a document and post it for the benefit of everyone if I can make this work. Here are copies of my config files- with passwords changed to something generic for my dsl service (my real files have the correct info). I also removed some info to hopefully keep this email small enough for the list. I also reviewed what was written in another forum for some answers - http://www.mail-archive.com/cerowrt-devel@lists.bufferbloat.net/msg00595.html Many thanks in advance for your assistance.
Network
config interface 'se00'
option ifname 'se00'
option proto 'static'
option ipaddr '172.30.42.1'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'se01'
option ifname 'se01'
option proto 'static'
option ipaddr '172.30.42.33'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'ge00'
option ifname 'ge00'
option proto 'pppoe'
option username 'myusername'
option password 'mypassword'
config switch
option name 'rtl8366s'
option reset '1'
option blinkrate '2'
option max_length '3'
option enable_vlan '1'
option enable_vlan4k '1'
config switch_vlan
option device 'rtl8366s'
option vlan '1'
option ports '2 3 5t'
config switch_vlan
option device 'rtl8366s'
option vlan '2'
option ports '0 1 5t'
config switch_port
option device 'rtl8366s'
option port '1'
option led '6'
config switch_port
option device 'rtl8366s'
option port '2'
option led '9'
config switch_port
option device 'rtl8366s'
option port '5'
option led '2'
Firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option drop_invalid '1'
option syn_flood '1'
option synflood_rate '200'
option synflood_burst '500'
option tcp_ecn '1'
config zone
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option name 'wan'
option masq '1'
option mtu_fix '1'
option network 'ge00'
config zone
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
option name 'lan'
option network 'se00 se01 sw00 sw10'
config forwarding
option dest 'wan'
option src 'lan'
config forwarding
option dest 'lan'
option src 'wan'
config zone
option input 'ACCEPT'
option output 'ACCEPT'
option name 'guest'
option forward 'ACCEPT'
option network 'gw00 gw01 gw10 gw11'
config forwarding
option dest 'wan'
option src 'guest'
config forwarding
option dest 'guest'
option src 'lan'
config forwarding
option dest 'guest'
option src 'wan'
config rule
option target 'ACCEPT'
option name 'domain'
option src '*'
option dest '*'
option dest_port '53'
config rule
option target 'ACCEPT'
option name 'ntp'
option proto 'udp'
option dest '*'
option src '*'
option dest_port '123'
config rule
option target 'ACCEPT'
option name 'dhcp4'
option family 'ipv4'
option proto 'udp'
option src '*'
option dest '*'
option dest_port '68'
config rule
option target 'ACCEPT'
option name 'printers'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '631'
config rule
option target 'ACCEPT'
option name 'Useful Services'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '80 443 873 993'
config rule
option target 'ACCEPT'
option name 'ipv6 dfz'
option family 'ipv6'
option proto 'all'
option src '*'
option dest 'guest'
config rule
option target 'ACCEPT'
option name 'icmpv6'
option family 'ipv6'
option proto 'icmp'
option src '*'
option dest '*'
config rule
option src 'wan'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 9091 8123'
option name 'blockconfig'
option target 'DROP'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option src 'guest'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 8123'
option name 'blockconfig2'
option target 'DROP'
DHCPconfig dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/home.lan/'
option domain 'home.lan'
option expandhosts '1'
option port '53'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option cachesize '5000'
option dhcpscript '/etc/dnsmasq_net6.sh'
list notinterface 'ge00'
config dhcp 'se00'
option interface 'se00'
option start '2'
option limit '26'
list dhcp_option '42,0.0.0.0'
list dhcp_option '44,0.0.0.0'
list dhcp_option '45,0.0.0.0'
list dhcp_option '46,8'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'se01'
option interface 'se01'
option start '34'
option limit '4'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'ge00'
option interface 'ge00'
option ignore '1'
config domain
option name 'gw.home.lan'
option ip '172.30.42.1'
config domain
option name 'wpad.home.lan'
option ip '172.30.42.1'
[-- Attachment #2: Type: text/html, Size: 14906 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [Cerowrt-users] How to setup VLANs?
2013-04-15 20:50 [Cerowrt-users] How to setup VLANs? Jeremy Tourville
@ 2013-04-16 6:11 ` Dave Taht
0 siblings, 0 replies; 2+ messages in thread
From: Dave Taht @ 2013-04-16 6:11 UTC (permalink / raw)
To: Jeremy Tourville; +Cc: cerowrt-users
[-- Attachment #1: Type: text/plain, Size: 7902 bytes --]
vlans are addressed via the "." syntax. So for example, the iface for vlan
1 would be se00.1. not se01. You can still use the interface line of se01
if you wish.
On Mon, Apr 15, 2013 at 1:50 PM, Jeremy Tourville <
jeremy_tourville@hotmail.com> wrote:
> Hello,
> I am trying to setup my WNDR3800 such that I have two vlans- one for my
> regular network and another for my VoIP equipment. I am connected to the
> internet via DSL connection. I hand configured my config files (network,
> firewall and dhcp) Upon reboot my I cannot login via the wired interface,
> I have to use wireless. I have used openwrt in the past starting with
> version 8.09 and most recently 10 (backfire) on my Asus WL520GU router. I
> do have a working config with two VLANs on the Asus system. While there
> are many similarities I can see there are enough differences that make
> things a little more complex. What am I doing wrong? I'd be glad to write
> up a document and post it for the benefit of everyone if I can make this
> work. Here are copies of my config files- with passwords changed to
> something generic for my dsl service (my real files have the correct
> info). I also removed some info to hopefully keep this email small enough
> for the list. I also reviewed what was written in another forum for some
> answers -
> http://www.mail-archive.com/cerowrt-devel@lists.bufferbloat.net/msg00595.html
> Many thanks in advance for your assistance.
>
> *Network*
>
> config interface 'se00'
> option ifname 'se00'
> option proto 'static'
> option ipaddr '172.30.42.1'
> option netmask '255.255.255.224'
> option ip6assign '64'
>
> config interface 'se01'
> option ifname 'se01'
> option proto 'static'
> option ipaddr '172.30.42.33'
> option netmask '255.255.255.224'
> option ip6assign '64'
>
> config interface 'ge00'
> option ifname 'ge00'
> option proto 'pppoe'
> option username 'myusername'
> option password 'mypassword'
>
>
> config switch
> option name 'rtl8366s'
> option reset '1'
> option blinkrate '2'
> option max_length '3'
> option enable_vlan '1'
> option enable_vlan4k '1'
>
> config switch_vlan
> option device 'rtl8366s'
> option vlan '1'
> option ports '2 3 5t'
>
> config switch_vlan
> option device 'rtl8366s'
> option vlan '2'
> option ports '0 1 5t'
>
> config switch_port
> option device 'rtl8366s'
> option port '1'
> option led '6'
>
> config switch_port
> option device 'rtl8366s'
> option port '2'
> option led '9'
>
> config switch_port
> option device 'rtl8366s'
> option port '5'
> option led '2'
>
> *Firewall*
>
> config defaults
> option input 'ACCEPT'
> option output 'ACCEPT'
> option forward 'REJECT'
> option drop_invalid '1'
> option syn_flood '1'
> option synflood_rate '200'
> option synflood_burst '500'
> option tcp_ecn '1'
>
> config zone
> option input 'ACCEPT'
> option forward 'REJECT'
> option output 'ACCEPT'
> option name 'wan'
> option masq '1'
> option mtu_fix '1'
> option network 'ge00'
>
> config zone
> option input 'ACCEPT'
> option forward 'ACCEPT'
> option output 'ACCEPT'
> option name 'lan'
> option network 'se00 se01 sw00 sw10'
>
> config forwarding
> option dest 'wan'
> option src 'lan'
>
> config forwarding
> option dest 'lan'
> option src 'wan'
>
> config zone
> option input 'ACCEPT'
> option output 'ACCEPT'
> option name 'guest'
> option forward 'ACCEPT'
> option network 'gw00 gw01 gw10 gw11'
>
> config forwarding
> option dest 'wan'
> option src 'guest'
>
> config forwarding
> option dest 'guest'
> option src 'lan'
>
> config forwarding
> option dest 'guest'
> option src 'wan'
>
> config rule
> option target 'ACCEPT'
> option name 'domain'
> option src '*'
> option dest '*'
> option dest_port '53'
>
> config rule
> option target 'ACCEPT'
> option name 'ntp'
> option proto 'udp'
> option dest '*'
> option src '*'
> option dest_port '123'
>
> config rule
> option target 'ACCEPT'
> option name 'dhcp4'
> option family 'ipv4'
> option proto 'udp'
> option src '*'
> option dest '*'
> option dest_port '68'
>
> config rule
> option target 'ACCEPT'
> option name 'printers'
> option proto 'tcp'
> option src '*'
> option dest '*'
> option dest_port '631'
>
> config rule
> option target 'ACCEPT'
> option name 'Useful Services'
> option proto 'tcp'
> option src '*'
> option dest '*'
> option dest_port '80 443 873 993'
>
> config rule
> option target 'ACCEPT'
> option name 'ipv6 dfz'
> option family 'ipv6'
> option proto 'all'
> option src '*'
> option dest 'guest'
>
> config rule
> option target 'ACCEPT'
> option name 'icmpv6'
> option family 'ipv6'
> option proto 'icmp'
> option src '*'
> option dest '*'
>
> config rule
> option src 'wan'
> option proto 'tcp udp'
> option dest_port '81 137 138 139 445 9091 8123'
> option name 'blockconfig'
> option target 'DROP'
>
> config rule
> option name 'Allow-DHCPv6'
> option src 'wan'
> option proto 'udp'
> option src_ip 'fe80::/10'
> option src_port '547'
> option dest_ip 'fe80::/10'
> option dest_port '546'
> option family 'ipv6'
> option target 'ACCEPT'
>
> config rule
> option src 'guest'
> option proto 'tcp udp'
> option dest_port '81 137 138 139 445 8123'
> option name 'blockconfig2'
> option target 'DROP'
>
> *DHCP*
>
> config dnsmasq
> option domainneeded '1'
> option boguspriv '1'
> option filterwin2k '0'
> option localise_queries '1'
> option rebind_protection '1'
> option rebind_localhost '1'
> option local '/home.lan/'
> option domain 'home.lan'
> option expandhosts '1'
> option port '53'
> option nonegcache '0'
> option authoritative '1'
> option readethers '1'
> option leasefile '/tmp/dhcp.leases'
> option resolvfile '/tmp/resolv.conf.auto'
> option cachesize '5000'
> option dhcpscript '/etc/dnsmasq_net6.sh'
> list notinterface 'ge00'
>
> config dhcp 'se00'
> option interface 'se00'
> option start '2'
> option limit '26'
> list dhcp_option '42,0.0.0.0'
> list dhcp_option '44,0.0.0.0'
> list dhcp_option '45,0.0.0.0'
> list dhcp_option '46,8'
> option leasetime '24h'
> option domain 'home.lan'
>
> config dhcp 'se01'
> option interface 'se01'
> option start '34'
> option limit '4'
> option leasetime '24h'
> option domain 'home.lan'
>
> config dhcp 'ge00'
> option interface 'ge00'
> option ignore '1'
>
> config domain
> option name 'gw.home.lan'
> option ip '172.30.42.1'
>
> config domain
> option name 'wpad.home.lan'
> option ip '172.30.42.1'
>
>
> _______________________________________________
> Cerowrt-users mailing list
> Cerowrt-users@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-users
>
>
--
Dave Täht
Fixing bufferbloat with cerowrt:
http://www.teklibre.com/cerowrt/subscribe.html
[-- Attachment #2: Type: text/html, Size: 12683 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-04-16 6:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-04-15 20:50 [Cerowrt-users] How to setup VLANs? Jeremy Tourville
2013-04-16 6:11 ` Dave Taht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox