From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ia0-x234.google.com (mail-ia0-x234.google.com [IPv6:2607:f8b0:4001:c02::234]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id E1B1421F1E0 for ; Mon, 15 Apr 2013 23:11:02 -0700 (PDT) Received: by mail-ia0-f180.google.com with SMTP id l29so100870iag.39 for ; Mon, 15 Apr 2013 23:11:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=d4UWhWia6BniUka4Lb8jUsBc61nrPYs1bF0xZBV8MYI=; b=BDErl6S8jpU7iLlkfWNs/CPpkSF/p9olDFS4BZnwcd6WBZ3GYZbNNBDL3TCF3GKgXe xe5KhQfo2qnPkPLErIhClRr78KISKRFzOyHR+kfU2MJihnV2WBEt8SlhQ+toGMSTDSL7 LZFUgYVdhlEbkuw+xMFj/z17g4rHa/3ZNJWIX7cRfn8IQ7zB926acnhWdyD3powD46xo 6gLQlLCB54ApKuWe2BXrGyc5yn18yH/ghQPtv61BcOOEcTe/QZnuBtGmvLbV8ngdwdyt oYuiwaHXwMpnPxcr6pM9PlOnURqheySNdk0wGA8EfIPY3hwhM00parlUWZyJM34haktT +gLw== MIME-Version: 1.0 X-Received: by 10.50.25.102 with SMTP id b6mr6932667igg.27.1366092661919; Mon, 15 Apr 2013 23:11:01 -0700 (PDT) Received: by 10.64.132.71 with HTTP; Mon, 15 Apr 2013 23:11:01 -0700 (PDT) In-Reply-To: References: Date: Mon, 15 Apr 2013 23:11:01 -0700 Message-ID: From: Dave Taht To: Jeremy Tourville Content-Type: multipart/alternative; boundary=047d7bd768bcd81b9e04da743b7b Cc: "cerowrt-users@lists.bufferbloat.net" Subject: Re: [Cerowrt-users] How to setup VLANs? X-BeenThere: cerowrt-users@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Support for user problems regarding cerowrt List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Apr 2013 06:11:03 -0000 --047d7bd768bcd81b9e04da743b7b Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable vlans are addressed via the "." syntax. So for example, the iface for vlan 1 would be se00.1. not se01. You can still use the interface line of se01 if you wish. On Mon, Apr 15, 2013 at 1:50 PM, Jeremy Tourville < jeremy_tourville@hotmail.com> wrote: > Hello, > I am trying to setup my WNDR3800 such that I have two vlans- one for my > regular network and another for my VoIP equipment. I am connected to the > internet via DSL connection. I hand configured my config files (network, > firewall and dhcp) Upon reboot my I cannot login via the wired interface= , > I have to use wireless. I have used openwrt in the past starting with > version 8.09 and most recently 10 (backfire) on my Asus WL520GU router. = I > do have a working config with two VLANs on the Asus system. While there > are many similarities I can see there are enough differences that make > things a little more complex. What am I doing wrong? I'd be glad to wri= te > up a document and post it for the benefit of everyone if I can make this > work. Here are copies of my config files- with passwords changed to > something generic for my dsl service (my real files have the correct > info). I also removed some info to hopefully keep this email small enoug= h > for the list. I also reviewed what was written in another forum for some > answers - > http://www.mail-archive.com/cerowrt-devel@lists.bufferbloat.net/msg00595.= html > Many thanks in advance for your assistance. > > *Network* > > config interface 'se00' > option ifname 'se00' > option proto 'static' > option ipaddr '172.30.42.1' > option netmask '255.255.255.224' > option ip6assign '64' > > config interface 'se01' > option ifname 'se01' > option proto 'static' > option ipaddr '172.30.42.33' > option netmask '255.255.255.224' > option ip6assign '64' > > config interface 'ge00' > option ifname 'ge00' > option proto 'pppoe' > option username 'myusername' > option password 'mypassword' > > > config switch > option name 'rtl8366s' > option reset '1' > option blinkrate '2' > option max_length '3' > option enable_vlan '1' > option enable_vlan4k '1' > > config switch_vlan > option device 'rtl8366s' > option vlan '1' > option ports '2 3 5t' > > config switch_vlan > option device 'rtl8366s' > option vlan '2' > option ports '0 1 5t' > > config switch_port > option device 'rtl8366s' > option port '1' > option led '6' > > config switch_port > option device 'rtl8366s' > option port '2' > option led '9' > > config switch_port > option device 'rtl8366s' > option port '5' > option led '2' > > *Firewall* > > config defaults > option input 'ACCEPT' > option output 'ACCEPT' > option forward 'REJECT' > option drop_invalid '1' > option syn_flood '1' > option synflood_rate '200' > option synflood_burst '500' > option tcp_ecn '1' > > config zone > option input 'ACCEPT' > option forward 'REJECT' > option output 'ACCEPT' > option name 'wan' > option masq '1' > option mtu_fix '1' > option network 'ge00' > > config zone > option input 'ACCEPT' > option forward 'ACCEPT' > option output 'ACCEPT' > option name 'lan' > option network 'se00 se01 sw00 sw10' > > config forwarding > option dest 'wan' > option src 'lan' > > config forwarding > option dest 'lan' > option src 'wan' > > config zone > option input 'ACCEPT' > option output 'ACCEPT' > option name 'guest' > option forward 'ACCEPT' > option network 'gw00 gw01 gw10 gw11' > > config forwarding > option dest 'wan' > option src 'guest' > > config forwarding > option dest 'guest' > option src 'lan' > > config forwarding > option dest 'guest' > option src 'wan' > > config rule > option target 'ACCEPT' > option name 'domain' > option src '*' > option dest '*' > option dest_port '53' > > config rule > option target 'ACCEPT' > option name 'ntp' > option proto 'udp' > option dest '*' > option src '*' > option dest_port '123' > > config rule > option target 'ACCEPT' > option name 'dhcp4' > option family 'ipv4' > option proto 'udp' > option src '*' > option dest '*' > option dest_port '68' > > config rule > option target 'ACCEPT' > option name 'printers' > option proto 'tcp' > option src '*' > option dest '*' > option dest_port '631' > > config rule > option target 'ACCEPT' > option name 'Useful Services' > option proto 'tcp' > option src '*' > option dest '*' > option dest_port '80 443 873 993' > > config rule > option target 'ACCEPT' > option name 'ipv6 dfz' > option family 'ipv6' > option proto 'all' > option src '*' > option dest 'guest' > > config rule > option target 'ACCEPT' > option name 'icmpv6' > option family 'ipv6' > option proto 'icmp' > option src '*' > option dest '*' > > config rule > option src 'wan' > option proto 'tcp udp' > option dest_port '81 137 138 139 445 9091 8123' > option name 'blockconfig' > option target 'DROP' > > config rule > option name 'Allow-DHCPv6' > option src 'wan' > option proto 'udp' > option src_ip 'fe80::/10' > option src_port '547' > option dest_ip 'fe80::/10' > option dest_port '546' > option family 'ipv6' > option target 'ACCEPT' > > config rule > option src 'guest' > option proto 'tcp udp' > option dest_port '81 137 138 139 445 8123' > option name 'blockconfig2' > option target 'DROP' > > *DHCP* > > config dnsmasq > option domainneeded '1' > option boguspriv '1' > option filterwin2k '0' > option localise_queries '1' > option rebind_protection '1' > option rebind_localhost '1' > option local '/home.lan/' > option domain 'home.lan' > option expandhosts '1' > option port '53' > option nonegcache '0' > option authoritative '1' > option readethers '1' > option leasefile '/tmp/dhcp.leases' > option resolvfile '/tmp/resolv.conf.auto' > option cachesize '5000' > option dhcpscript '/etc/dnsmasq_net6.sh' > list notinterface 'ge00' > > config dhcp 'se00' > option interface 'se00' > option start '2' > option limit '26' > list dhcp_option '42,0.0.0.0' > list dhcp_option '44,0.0.0.0' > list dhcp_option '45,0.0.0.0' > list dhcp_option '46,8' > option leasetime '24h' > option domain 'home.lan' > > config dhcp 'se01' > option interface 'se01' > option start '34' > option limit '4' > option leasetime '24h' > option domain 'home.lan' > > config dhcp 'ge00' > option interface 'ge00' > option ignore '1' > > config domain > option name 'gw.home.lan' > option ip '172.30.42.1' > > config domain > option name 'wpad.home.lan' > option ip '172.30.42.1' > > > _______________________________________________ > Cerowrt-users mailing list > Cerowrt-users@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-users > > --=20 Dave T=E4ht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html --047d7bd768bcd81b9e04da743b7b Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable vlans are addressed via the "." syntax. So for example, the iface= for vlan 1 would be se00.1. not se01. You can still use the interface line= of se01 if you wish.

On Mon, Apr 15, 201= 3 at 1:50 PM, Jeremy Tourville <jeremy_tourville@hotmail.com> wrote:
Hello,
I am trying to setup my WNDR3800 such that= I have two vlans- one for my regular network and another for my VoIP equip= ment.=A0 I am connected to the internet via DSL connection.=A0 I hand confi= gured my config files (network, firewall and dhcp)=A0 Upon reboot my I cann= ot login via the wired interface, I have to use wireless.=A0 I have used op= enwrt in the past starting with version 8.09 and most recently 10 (backfire= ) on my Asus WL520GU router.=A0 I do have a working config with two=A0VLANs= on the Asus=A0system.=A0 While there are many similarities I can see there= are enough differences that make things a little more complex.=A0 What am = I doing wrong?=A0 I'd be glad to write up a document and post it for th= e benefit of everyone if I can make this work.=A0 Here are copies of my con= fig files- with passwords changed to something generic=A0for my dsl service= (my real files have the correct info).=A0=A0I also removed some info to ho= pefully=A0keep this email small enough for the list.=A0 I also reviewed wha= t was written in another forum for some answers - http://www.mail-archive.com/cerowrt-dev= el@lists.bufferbloat.net/msg00595.html=A0 Many thanks in advance= for your assistance.
=A0
Network

=A0config interface 'se00'
=A0=A0=A0=A0=A0 opt= ion ifname 'se00'
=A0=A0=A0=A0=A0 option proto '= ;static'
=A0=A0=A0=A0=A0 option ipaddr '172.30.42.1= '
=A0=A0=A0=A0=A0 option netmask '255.255.255.224'
=A0=A0=A0=A0=A0 option ip6assign '64'

config int= erface 'se01'
=A0=A0=A0=A0=A0 option ifname 'se= 01'
=A0=A0=A0=A0=A0 option proto 'static'
=A0=A0=A0=A0=A0 option ipaddr '172.30.42.33'
= =A0=A0=A0=A0=A0 option netmask '255.255.255.224'
= =A0=A0=A0=A0=A0 option ip6assign '64'

config interfa= ce 'ge00'
=A0=A0=A0=A0=A0 option ifname 'ge00&#= 39;
=A0=A0=A0=A0=A0 option proto 'pppoe'
=A0=A0= =A0=A0=A0 option username 'myusername'
=A0=A0=A0=A0= =A0 option password 'mypassword'

=A0
config switc= h
=A0=A0=A0=A0=A0 option name 'rtl8366s'
=A0=A0=A0=A0=A0 option reset '1'
=A0=A0=A0=A0= =A0 option blinkrate '2'
=A0=A0=A0=A0=A0 opt= ion max_length '3'
=A0=A0=A0=A0=A0 option enable_vl= an '1'
=A0=A0=A0=A0=A0 option enable_vlan4k '1&= #39;

config switch_vlan
=A0=A0=A0=A0=A0 option device '= rtl8366s'
=A0=A0=A0=A0=A0 option vlan '1'
=A0=A0=A0=A0=A0 option ports '2 3 5t'

config swi= tch_vlan
=A0=A0=A0=A0=A0 option device 'rtl8366s' =A0=A0=A0=A0=A0 option vlan '2'
=A0=A0=A0=A0= =A0 option ports '0 1 5t'

config switch_port
=A0=A0=A0=A0=A0 option device 'rtl8366s'
=A0=A0= =A0=A0=A0 option port '1'
=A0=A0=A0=A0=A0 option led '6'

config switch_p= ort
=A0=A0=A0=A0=A0 option device 'rtl8366s'
=A0=A0=A0=A0=A0 option port '2'
=A0=A0=A0=A0=A0 = option led '9'

config switch_port
=A0=A0=A0=A0=A0 option device 'rtl8= 366s'
=A0=A0=A0=A0=A0 option port '5'
= =A0=A0=A0=A0=A0 option led '2'

Firewall

config defaults<= br>=A0=A0=A0=A0=A0 option input 'ACCEPT'
=A0= =A0=A0=A0=A0 option output 'ACCEPT'
=A0=A0=A0=A0=A0= option forward 'REJECT'
=A0=A0=A0=A0=A0 option drop_invalid '1'
=A0= =A0=A0=A0=A0 option syn_flood '1'
=A0=A0=A0=A0=A0 <= /span>option synflood_rate '200'
=A0=A0=A0=A0=A0 op= tion synflood_burst '500'
=A0=A0=A0=A0=A0 option tc= p_ecn '1'

config zone
=A0=A0=A0=A0=A0 option input 'ACCEPT&#= 39;
=A0=A0=A0=A0=A0 option forward 'REJECT'
=A0=A0=A0=A0=A0 option output 'ACCEPT'
=A0=A0=A0= =A0=A0 option name 'wan'
=A0=A0=A0=A0=A0 option masq '1'
=A0=A0=A0=A0= =A0 option mtu_fix '1'
=A0=A0=A0=A0=A0 optio= n network 'ge00'

config zone
=A0=A0=A0=A0=A0 option input 'ACCEPT'
=A0=A0=A0=A0=A0 option forw= ard 'ACCEPT'
=A0=A0=A0=A0=A0 option output 'ACCEPT'
=A0=A0= =A0=A0=A0 option name 'lan'
=A0=A0=A0=A0=A0 = option network 'se00 se01 sw00 sw10'

config forwarding
<= span>=A0=A0=A0=A0=A0 option dest 'wan'
=A0=A0=A0=A0=A0 option src 'lan'

config forwar= ding
=A0=A0=A0=A0=A0 option dest 'lan'
=A0= =A0=A0=A0=A0 option src 'wan'

config zone
= =A0=A0=A0=A0=A0 option input 'ACCEPT'
=A0=A0=A0=A0=A0 option output 'ACCEPT'
=A0=A0= =A0=A0=A0 option name 'guest'
=A0=A0=A0=A0=A0 option forward 'ACCEPT'
=A0=A0=A0=A0=A0 option ne= twork 'gw00 gw01 gw10 gw11'

config forwarding
=A0=A0=A0=A0=A0 option dest 'wan= '
=A0=A0=A0=A0=A0 option src 'guest'

co= nfig forwarding
=A0=A0=A0=A0=A0 option dest 'guest'=
=A0=A0=A0=A0=A0 option src 'lan'

config forwarding
=A0=A0=A0=A0=A0 option dest 'gue= st'
=A0=A0=A0=A0=A0 option src 'wan'

co= nfig rule
=A0=A0=A0=A0=A0 option target 'ACCEPT'=A0=A0=A0=A0=A0 option name 'domain'
=A0=A0=A0=A0=A0 option src '*'
=A0=A0=A0=A0= =A0 option dest '*'
=A0=A0=A0=A0=A0 option d= est_port '53'

config rule
=A0=A0=A0=A0=A0 o= ption target 'ACCEPT'
=A0=A0=A0=A0=A0 option name &= #39;ntp'
=A0=A0=A0=A0=A0 option proto 'udp'
=A0=A0=A0= =A0=A0 option dest '*'
=A0=A0=A0=A0=A0 optio= n src '*'
=A0=A0=A0=A0=A0 option dest_port '123= '

config rule
=A0=A0=A0=A0=A0 option target = 9;ACCEPT'
=A0=A0=A0=A0=A0 option name 'dhcp4'
=A0=A0=A0= =A0=A0 option family 'ipv4'
=A0=A0=A0=A0=A0 = option proto 'udp'
=A0=A0=A0=A0=A0 option src '= *'
=A0=A0=A0=A0=A0 option dest '*'
=A0=A0=A0=A0=A0 option dest_port '68'

config r= ule
=A0=A0=A0=A0=A0 option target 'ACCEPT'
=A0=A0=A0=A0=A0 option name 'printers'
=A0=A0=A0= =A0=A0 option proto 'tcp'
=A0=A0=A0=A0=A0 option src '*'
=A0=A0=A0=A0= =A0 option dest '*'
=A0=A0=A0=A0=A0 option d= est_port '631'

config rule
=A0=A0=A0=A0=A0 = option target 'ACCEPT'
=A0=A0=A0=A0=A0 option name = 'Useful Services'
=A0=A0=A0=A0=A0 option proto 'tcp'
=A0=A0=A0= =A0=A0 option src '*'
=A0=A0=A0=A0=A0 option= dest '*'
=A0=A0=A0=A0=A0 option dest_port '80 = 443 873 993'

config rule
=A0=A0=A0=A0=A0 option target 'ACCEPT'
=A0=A0= =A0=A0=A0 option name 'ipv6 dfz'
=A0=A0=A0=A0=A0 option family 'ipv6'
=A0=A0=A0=A0=A0 option pr= oto 'all'
=A0=A0=A0=A0=A0 option src '*' =A0=A0=A0=A0=A0 option dest 'guest'

config rul= e
=A0=A0=A0=A0=A0 option target 'ACCEPT'
= =A0=A0=A0=A0=A0 option name 'icmpv6'
=A0=A0=A0=A0= =A0 option family 'ipv6'
=A0=A0=A0=A0=A0 option proto 'icmp'
=A0=A0=A0= =A0=A0 option src '*'
=A0=A0=A0=A0=A0 option= dest '*'

config rule
=A0=A0=A0=A0=A0 optio= n src 'wan'
=A0=A0=A0=A0=A0 option proto 'tcp u= dp'
=A0=A0=A0=A0=A0 option dest_port '81 137 138 139 445 9091 = 8123'
=A0=A0=A0=A0=A0 option name 'blockconfig'=
=A0=A0=A0=A0=A0 option target 'DROP'

confi= g rule
=A0=A0=A0=A0=A0 option name 'Allow-DHCPv6' =A0=A0=A0=A0=A0 option src 'wan'
=A0=A0=A0=A0= =A0 option proto 'udp'
=A0=A0=A0=A0=A0 optio= n src_ip 'fe80::/10'
=A0=A0=A0=A0=A0 option src_por= t '547'
=A0=A0=A0=A0=A0 option dest_ip 'fe80::/= 10'
=A0=A0=A0=A0=A0 option dest_port '546'
=A0=A0= =A0=A0=A0 option family 'ipv6'
=A0=A0=A0=A0=A0 option target 'ACCEPT'

config rule
=A0=A0=A0=A0= =A0 option src 'guest'
=A0=A0=A0=A0=A0 option proto 'tcp udp'
=A0=A0= =A0=A0=A0 option dest_port '81 137 138 139 445 8123'
=A0=A0=A0=A0=A0 option name 'blockconfig2'
=A0=A0= =A0=A0=A0 option target 'DROP'

DHCP

config dnsmasq
=A0=A0= =A0=A0=A0 option domainneeded '1'
=A0=A0=A0=A0=A0 option boguspriv '1'
=A0=A0= =A0=A0=A0 option filterwin2k '0'
=A0=A0=A0=A0=A0 option localise_queries '1'
=A0=A0=A0=A0=A0 op= tion rebind_protection '1'
=A0=A0=A0=A0=A0 option rebind_localhost '1'
= =A0=A0=A0=A0=A0 option local '/home.lan/'
=A0=A0=A0= =A0=A0 option domain 'home.lan'
=A0=A0=A0=A0=A0 option expandhosts '1'
=A0=A0=A0=A0=A0 option port '53'
=A0=A0=A0=A0= =A0 option nonegcache '0'
=A0=A0=A0=A0=A0 op= tion authoritative '1'
=A0=A0=A0=A0=A0 option reade= thers '1'
=A0=A0=A0=A0=A0 option leasefile '/tm= p/dhcp.leases'
=A0=A0=A0=A0=A0 option resolvfile '/tmp/resolv.conf.auto&#= 39;
=A0=A0=A0=A0=A0 option cachesize '5000'
=A0=A0=A0=A0=A0 option dhcpscript '/etc/dnsmasq_net6.sh'=A0=A0=A0=A0=A0 list notinterface 'ge00'

config dhcp 'se00'
=A0=A0=A0=A0=A0 option inte= rface 'se00'
=A0=A0=A0=A0=A0 option start '2= 9;
=A0=A0=A0=A0=A0 option limit '26'
=A0= =A0=A0=A0=A0 list dhcp_option '42,0.0.0.0'
=A0=A0=A0=A0=A0 list dhcp_option '44,0.0.0.0'
=A0=A0=A0=A0=A0 list dhcp_option '45,0.0.0.0'
=A0= =A0=A0=A0=A0 list dhcp_option '46,8'
=A0=A0=A0=A0= =A0 option leasetime '24h'
=A0=A0=A0=A0=A0 option domain 'home.lan'

confi= g dhcp 'se01'
=A0=A0=A0=A0=A0=A0=A0 option interfac= e 'se01'
=A0=A0=A0=A0=A0=A0=A0 option start '34= '
=A0=A0=A0=A0=A0=A0=A0 option limit '4'
=A0=A0=A0=A0=A0=A0=A0 option leasetime '24h'
= =A0=A0=A0=A0=A0=A0=A0 option domain 'home.lan'=A0=A0= =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0
config dhcp 'ge00'
=A0=A0=A0=A0=A0 option in= terface 'ge00'
=A0=A0=A0=A0=A0 option ignore '1'

=A0config dom= ain
=A0=A0=A0=A0=A0 option name 'gw.home.lan'
=A0=A0=A0=A0=A0 option ip '172.30.42.1'

config d= omain
=A0=A0=A0=A0=A0 option name 'wpad.home.lan' =A0=A0=A0=A0=A0 option ip '172.30.42.1'

=


_______________________________________________
Cerowrt-users mailing list
Cerowrt-users@lists.= bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-users




--
Dave T=E4ht

= Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscrib= e.html=20 --047d7bd768bcd81b9e04da743b7b--