tomato with guest wireless using vlans

Discussion in 'Tomato Firmware' started by atomicrabbit, Jan 3, 2011.

  1. atomicrabbit

    atomicrabbit Addicted to LI Member

    I'm trying to create a guest wireless connection on tomato using vlans and only ONE router. I know this is entirely possible with DD-WRT and I know its possible with Tomato and two (or more) routers but I don't want to get another router. I'm currently using a Buffalo WHR-HP-G54 router running tomato v1.27. This is what I've figured out so far.

    Create new vlan (vlan2) in the CLI:
    nvram set vlan0ports="1 2 3 4 5*"
    nvram set vlan2hwname="et0"
    nvram set vlan2ports="5"
    nvram commit
    As you can see I have not assigned any physical ports to vlan2 because I only need a wireless connection on it. According to a site I found and trial & error, ports 1-4 are the physical LAN ports on the routers, port 0 is the WAN and port 5 is the internal CPU.

    Advanced > DNS > dnsmasq
    Giving the new bridge (br1) a DHCP IP range. NOTE: The bridge is created in the next section of code.
    Administration > Scripts > Startup
    Create the new bridge (br1) on startup, give it an IP in a different subnet.
    # Set some important values:
    nvram set dnsmasq_enable=1
    if [ "`nvram get dhcpfwd_enable`" = "0" ]; then
      nvram set dns_dnsmasq=1
      nvram set dhcp_dnsmasq=1
      nvram set auth_dnsmasq=1
    # Create bridge br1, move the virtual wireless interface to it,
    # and setup the interface's IP address:
    brctl addbr br1 
    brctl delif br0 wl0.1
    brctl addif br1 wl0.1
    ifconfig br1 netmask
    ifconfig vlan2 up
    brctl addif br1 vlan2 
    ifconfig br1 up
    This is where my problem begins. The line above that says "brctl addif br1 wl0.1" is basically trying to add the device wl0.1 to the new bridge I created. But wl0.1 doesn't exist. I get the error "interface wl0.1 does not exist!". The reason I'm using "wl0.1" is because the terminology in DD-WRT is wl0 (which is the physical wireless lan) and wl0.1 (which is the virtual wireless lan). You can see what I mean in this image:

    Continuing on....

    Administration > Scripts > Firewall
    This script basically separates the new bridge from the main bridge, so it ONLY has access to the internet and cannot access the local network.
    if [ "`nvram get wan_proto`" = "pppoe" ]; then
      wanif="`nvram get pppoe_ifname`"
      wanif="`nvram get wan_ifname`"
    # Make sure br1 has access to the internet:
    iptables -I INPUT -i br1 -m state --state NEW -j logaccept
    iptables -I FORWARD -i br1 -o $wanif -m state --state NEW -j ACCEPT
    # Keep the two wireless networks from talking to each other:
    iptables -I FORWARD -i br0 -o br1 -j logdrop
    iptables -I FORWARD -i br1 -o br0 -j logdrop
    Back to my problem: After doing a "nvram show" command in tomato's CLI, I can see that there are "wl0" variables used. My problem is I don't know how (or if it's possible) to create a "virtual wireless interface" (wl0.1) in tomato through the CLI.

    The brctl command uses the interface name of the wireless interface. In Tomato the interface name of the main wireless interface is "eth1", but the variables used are wl0. In nvram, wl0_ifname=eth1. So if I run "brctl addif br1 eth1" in the CLI, I get this error: "device eth1 is already a member of a bridge; can't enslave it to bridge br1."

    Anyone have any ideas? I think if I can figure out how to create the virtual wireless interface (wl0.1) in the CLI, I can do the rest with ease.
  2. atomicrabbit

    atomicrabbit Addicted to LI Member

    anyone have any suggestions?

    This page gives a command to check if multiple SSIDs is possible. The command is
    nvram get wl0_corerev
    if it returns 9 (which mine did) that apparently means "Your router will do multiple BSSIDs."
  3. Toastman

    Toastman Super Moderator Staff Member Member

    The wireless driver may be capable of it, but as yet tomato doesn't support multiple SSID's.
  4. tost

    tost Guest

  5. Toastman

    Toastman Super Moderator Staff Member Member

    Maybe it will be added one day, don't give up hope. It's a matter of priorities I guess.
  6. Azuse

    Azuse LI Guru Member

    *cough*inbound qos*cough*

  7. atomicrabbit

    atomicrabbit Addicted to LI Member

    I understand the Tomato UI doesn't support it, but the hardware does and based on commands it should be possible to create it via CLI.

    Maybe i'm just being stubborn.
  8. Toastman

    Toastman Super Moderator Staff Member Member

    All things are possible!

    Azuse - yes!
  9. atomicrabbit

    atomicrabbit Addicted to LI Member

    @Azuse - what about inbound qos?

    @toastman - ok.. any idea how. I mean, I figured out 90% of what I want to do, I just need to figure out that last 10% (actually creating the virtual wireless interface), which so happens to be the most important part :tongue:
  10. I really like how you are approaching this Atomicrabbit.

    I did some quick searching and came up with the following...

    We would need to use iwconfig and iw.

    I will assume that opkg is installed and it should be as easy as: opkg update; opkg install iw

    iw documentation shows:

    To create an ad-hoc network, you first create an ad-hoc interface (in this example named ah0):
    iw phy <phyname> interface add <devname> type ibss

    Next, you join/create the ibss:
    iw dev <devname> ibss join <SSID> <freq in MHz> [fixed-freq] [<fixed bssid>] [key d:0:abcde]


    iw phy phy0 interface add ah0 type ibss
    ifconfig ah0 up
    iw dev ah0 ibss join AdHocNetworkName 2412

    Another approach appears to be Madwifi-ng commands

    Another approach may be just setting the NVRAM as stated here:

    ben (guest) 22 Feb 2011, 10:00 GMT-07

    I was able to get multiple BSSID's working on a Belkin F7D4301 with tomato.

    It 'almost' works correctly by just setting all the relevant wl0.1 nvram settings. The only thing not set is the interface mac address (solved by ifconfig down, ifconfig hw ether …, ifconfig up)

    And (not to surprisingly) the gui goes into the weeds on anything related to the wireless interfaces.

    I will experiment more when my router is accessible.

    Good luck!

    Adding virtual interfaces to a physical interface
  11. jsmiddleton4

    jsmiddleton4 Network Guru Member

  12. TexasFlood

    TexasFlood Network Guru Member

    FYI, I've successfully created it on a corerev 7 with DD-WRT, although as it states at the link, you really need to load a "VINT" build for that to work 100%.
  13. tvlz

    tvlz LI Guru Member

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice