Lost between bridge and vlan, please help

Discussion in 'Tomato Firmware' started by e-gaulue, Dec 16, 2013.

  1. e-gaulue

    e-gaulue Networkin' Nut Member

    Dear community,

    I want to set something that looks easy to me but I can't manage it.

    I wan't to slice my WRT54GL in two. 2 port in br0 and two in br1 each one associated with different layer 3 subnet.

    I think I understand where to create br1 in Basic/Network settings. But then, it's linked to nothing.

    So I have to associate it with ports and if I do it well it's in Advanced/VLAN.

    So here is what I set:

    Capture d’écran 2013-12-16 à 15.49.58.png

    But when I reboot, it doesn't work and I get that:
    Capture d’écran 2013-12-16 à 16.08.38.png
    Is there something I'm missing? Is it possible to configure it by hand, how? where?

    Thank you and Best Regards,
  2. boboxx

    boboxx Networkin' Nut Member

    You have to bridge the lan in the Advance > LAN Access.. you can do it for the hole scope or just with a few specific host... you can also select the direction.
  3. e-gaulue

    e-gaulue Networkin' Nut Member

    I'm sorry, I did it but it doesn't change anything. Anyway, I think it's almost to leave packet go from one bridge to another.

    What I want to achieve is simple, some ports belong to a company and some others to another. They both connect their machines and access the Internet but they have no reason to communicate together.

    So to sum it up, what I want in a first time is to be able to ping my br1 address if I'm behind br1/VLAN2 associated port.

    Any other idea? Is there command to set VLAN by hand?
  4. boboxx

    boboxx Networkin' Nut Member

  5. boboxx

    boboxx Networkin' Nut Member

    you can get and set vlans with nvram get or nvram set...

    nvram get vlan1ports
    nvram get vlan2ports

    nvram set vlan1ports="1 2 3 4t 8*"
    nvram set vlan2ports="0t 4t 8"

    etc.. but there are many other values to complete the vlan config
  6. vmixus

    vmixus Serious Server Member

    Recently, I posted a step by step guide on how to successfully solve this problem and configure a VLAN with separate isolated networks.

    The problem is that the exact steps can vary depending on your router; as the port numbers which need to be defined internally to create separate vlan's may vary from router to router and are not necessarily labelled the same as they are on the outside of the router (i.e. LAN 1-4 may internally be referenced as 0-3 or 4-1). I've found that because of this the front end GUI for setting up VLAN's behaves differently depending on the router and in my case did not work at all (which might also be the case for you). The good news is that, it's possible to manually define the VLAN instead of relying on the front end.

    Assuming a clean start with no prior config, I'd recommend the following:
    1. Setup a bridge under [Basic -> Network] i.e. br1 with something different than br0
    2. Then login via ssh and try the steps posted here
    Your goal should be to try and isolate one of your physical ports to issue an IP in the range defined for br1 to help you figure out how each physical port is referenced internally. You can test out different port numbers by changing the vlan1ports / vlan2ports numbers and then rebooting to figure out how which ports are mapped by physically connecting a computer to each of the ports after every reboot and checking in what range you receive a new IP. The rest of the nvram variables will only need to be set once as their values will stay the same. Try different ranges and leave the 5* and 5 as shown in my post changing only the 4 numbers which correspond with the physical ports. Also the reference reading in my post might help point you in the right direction.

    -- G'luck
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice