1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Many questions about toastman vlan build on rt-n66u

Discussion in 'Tomato Firmware' started by bagu, May 27, 2013.

  1. bagu

    bagu Network Guru Member

    Hello,

    I have the latest Tomato Firmware v1.28.0502 MIPSR2Toastman-RT-N K26 USB VLAN-Ext on a new asus RT-N66U.
    With help, i have set some vlan and virtual wireless.
    br0 (vlan1) for port 0,4
    br1 (vlan3) for port 2
    br2 (vlan4) for port 3
    wl0.1 bridged with br1 (vlan3)

    Here are my questions :
    -How can i set br0 to be able to make file transfert on br1 (and only for br0 to br1) ?
    -What is the benefit of a 64k firmware ? Ok, just more nvram variables...
    -How can i see the RT-N66U smb share on both Network Places (br0 and br1) ? Work now...

    thanks a lot.
     
  2. bagu

    bagu Network Guru Member

    Here are my iptables configurations: http://pastebin.com/zrcBAYtp

    And here is a simplified diagram of the network:
    [​IMG]

    It's been four days since I try, and I do not understand or I make a mistake.

    Is anybody can help me ?
     
  3. bagu

    bagu Network Guru Member

    I offer a beer (or a coffee) to those who managed to find me the solution :D (paypal)
     
  4. kthaddock

    kthaddock Network Guru Member

    Hi
    Use under "Advanced" => "LAN Access" there you can set access.

    kthaddock
     
  5. bagu

    bagu Network Guru Member

    I already do, and for a long time.
    But that does not seem to work.

    [​IMG]
     
  6. kthaddock

    kthaddock Network Guru Member

    Try to remove your Src address and try.
     
  7. bagu

    bagu Network Guru Member

    I had already tried without success.
    I tried it but it again does not work better.

    You should know that I get good at ping on 192.168.2.1 from 192.168.1.30
     
  8. kthaddock

    kthaddock Network Guru Member

    Just to test try to switch Src LAN and Dst LAN1 with each other.
     
  9. bagu

    bagu Network Guru Member

    Like this ?
    [​IMG]

    It don't work.
     
  10. kthaddock

    kthaddock Network Guru Member

    Keep your setting and only switch Src and Dst eg LAN to LAN1 and LAN1 to LAN
     
  11. bagu

    bagu Network Guru Member

    Like that ?

    [​IMG]

    If yes, it don't work.
     
  12. Malitiacurt

    Malitiacurt Networkin' Nut Member

    This is the correct setting given the diagram you gave in the 2nd post, assuming LAN is the 192.168.1.0/24, LAN1 is 192.168.2.0/24, and LAN2 is 192.168.3.0/24.

    More than likely, could be a firewall issue. Many consumer firewalls don't let pings/sharing/access from IP's outside your subnet. This usually happens with the Windows firewalls I've used so you have to add the new subnet to exceptions/safe networks list.
     
  13. Monk E. Boy

    Monk E. Boy Network Guru Member

    One quirk of Tomato VLAN support is that all IP interfaces for all VLANs are pingable from any attached network. So even if you disallow traffic from VLAN1 to VLAN2, VLAN1 will still be able to reach the router's interface on VLAN2. The only way to block this behavior is via iptables.
     
  14. bagu

    bagu Network Guru Member

    @Malitiacurt : i'm able to ping 192.168.2.1, so i can ping outside of my network. An other thing, i disable my firewall when i make network tests to be sure that the problem is on the router. ;)

    @Monk E. Boy : i know that, i only say that to tell you i'm able to ping outside my own network and to say vlan3 gateway is up.

    I've try many other tests, i don't understand why this f... vlan3 is not reachable :oops:
     
  15. bagu

    bagu Network Guru Member

    Ahhhhh i found the problem... :confused:

    Please, don't throw me tomatoes... :eek:
    It's entirely my fault. I try to ping 192.168.2.130, but i've connected the cable on the port4...So the test pc was on the 192.168.1.0 network while i'm trying to ping the 192.168.2.130 ip.

    On my first tests, vlan3 was on port4 and i forget to switch the cable.
     
  16. kthaddock

    kthaddock Network Guru Member

    Hehe welcome to the club *blushing*
     
  17. bagu

    bagu Network Guru Member

    Yes ^^
     
  18. Monk E. Boy

    Monk E. Boy Network Guru Member

    Ah I love finding problems like those. I keep blaming the hardware and it's just the wet noodle between my ears to blame.
     
  19. bagu

    bagu Network Guru Member

    Huhuhu "wet noddle" :D

    I thought it was a mistake in my configurations, but, no...My wet noodle...I can't stop laughing ^^
     
  20. bagu

    bagu Network Guru Member

    New question/problem.

    When i make a data transfert between vlan1 and vlan3, i can't have more than 30Mo/s and when this speed is reach, the router begin to be unstable.
    sirq go up to 100% and some services restart.
    net crawling is really hard.

    Why ? And is there is not workaround, is there a way to limit only data transfert between vlan (and only between vlan) ?

    Thanks
     
  21. bagu

    bagu Network Guru Member

    rhaaa, i don't see where niether how, i can set a 25Mo/s limit between vlan1 and vlan 3.
    I can set a limit globaly, but not between two vlan and only between them.
     
  22. Malitiacurt

    Malitiacurt Networkin' Nut Member

    You can do it via iptables.

    DD-WRT paid version actually provides a GUI for limiting traffic like tomato does, the free version does not. However many users have asked and are able to limit the bandwidth on it using iptables. I'm sure it's possible to do the same for vlan-vlan transfers.

    Just google ddwrt iptables limit bandwidth, there's too many posts to tell which one is the correct solution. I personally haven't used it myself since I just use Tomato instead on routers I want to bandwidth limit clients.
     
  23. bagu

    bagu Network Guru Member

    I already done that, but, every script and answer i found say that i must use TC...Witch is not in tomato.
     

Share This Page