VLAN configuration

Discussion in 'Tomato Firmware' started by Ignas, Jul 9, 2014.

  1. Ignas

    Ignas Addicted to LI Member

    Is it possible to achieve something like this on TomatoRAF (or maybe other Tomato flavor)?
  2. shibby20

    shibby20 Network Guru Member

    this is only untested suggestion. I MAY but don`t have to works. Please let us know.

  3. Algimantas

    Algimantas Network Newbie Member

    @shibby20 your suggestion doesn't seem to work. I have the same topology as Ignas posted and with your suggested configurations neither IPTV nor Internet works. If I uncheck "Tagged" from Port 4 on VLAN 6, IPTV starts working but still no internet. It's just says "Renewing..." in WAN section
  4. Ignas

    Ignas Addicted to LI Member

    I can confirm, that your config is not working fully. We've also tried this one on TomatoRAF with Native VLANs turned on, but also no internet, only IPTV works.

    vlanconfig2.png status2.png

    With Tomato defaults internet works fine, but no IPTV.
  5. TyShawn

    TyShawn Reformed Router Member

    Does your LAN devices obtain an IP address on ports 1-3?
  6. Ignas

    Ignas Addicted to LI Member

  7. shibby20

    shibby20 Network Guru Member

    In default configuration wan is as vid 2. Did you try leave this configuration and add only New vlan6 for iptv?
  8. Algimantas

    Algimantas Network Newbie Member

    I've just tried it but with no luck. IPTV works, but still no internet.

    Attached Files:

  9. Ignas

    Ignas Addicted to LI Member

    To my understanding, it doesn't matter which vlan number is used internally on untagged packets. So vlan1, vlan2, it doesn't matter as long as traffic from this vlan leaves WAN untagged and untagged traffic from WAN is assigned to same vlan. In my scheme it was marked as vlan1 just because it was this way on an original ISP provided router and some online specs I've managed to find.

    @Algimantas posted the results.
    Last edited: Jul 10, 2014
  10. vikkut

    vikkut Network Newbie Member

    You are right. There isn't point to mark separately VLAN's for wan and lan because there is only one switch chip. Look here for detailed explanation how vlan tagging works:


    IMHO, seems vlan configuration here is a little confusing.
  11. Ignas

    Ignas Addicted to LI Member

    Thing is, I receive trunk from ISP which has native VLAN (untagged) - internet, VLAN5 - management (don't care about this one), VLAN6 - IPTV. Both VLAN5 & VLAN6 on ISP cable are tagged with 802.1Q headers. So without special configuration they are unreachable. With Tomato defaults I can only access internet, because then Tomato acts with trunk link like it's a simple link (single VLAN on link, not multiplexed) thus caring only about untagged frames.

    I've heard that trunk and native are proprietary Cisco terminology, but I don't know how else to call it. I'm mostly familiar with Cisco IOS devices.

    On this site http://lag.lt/wr1043nd-gala-tv/ there is working OpenWRT configuration for this case. But I lack knowledge to port it to Tomato.
    Algimantas likes this.
  12. Monk E. Boy

    Monk E. Boy Network Guru Member

    I'm really unfamiliar with Tomato's VLAN tagging, but if VLAN1 is being sent to you untagged, then VLAN1 on the WAN port should set to be untagged, no? If the WAN port is tagging/untagging VLAN1 packets on the WAN port, then it could be sending packets encapsulated for VLAN1 to the ISP. Otherwise what shibby wrote looks sensible to me.

    Apologies if this is off-base, I've been dealing with VLANs on Cisco equipment lately, and they have a slightly more cumbersome method of flagging VLANs on ports, though at least it's easy to determine which VLAN is doing what on each port. I could configure what you want on a Cisco box, but you'll pay a few hundred to a couple thousand for the box... so that's out.

    On Cisco you can have the PVID (I think its PVID - end of a long day) which is the untagged traffic on a port, then VLANs are implemented on top of the PVID. So packets arrived either tagged for the VLAN they're in or they're untagged and part of the PVID.
  13. vikkut

    vikkut Network Newbie Member

  14. Ignas

    Ignas Addicted to LI Member

    Well, I thought so too, and as you can see in post #4 we've tried this configuration but it doesn't work. Maybe it's not the configuration fault, maybe RAF's native VLANs thing is not yet completely working. I don't know. If native VLANs checkbox is not enabled then all WAN vlans must be tagged thus can't have native/PVID.

    Well, a Cisco IOS device I probably could configure myself, I had some experience with them. But that's not an option.

    I'll post those later today. Or maybe @Algimantas will post it first.
    Last edited: Jul 11, 2014
  15. Algimantas

    Algimantas Network Newbie Member

    Here are my results with the same configuration as in post #8

    nvram show | grep vlan.*ports
    vlan6ports=3 4t 5
    vlan2ports=4 5
    size: 27972 bytes (37564 left)
    vlan1ports=0 1 2 5*
    nvram show | grep port.*vlans
    size: 27972 bytes (37564 left)
    nvram show | grep vlan.*hwname
    size: 27972 bytes (37564 left)
  16. IcyTexx

    IcyTexx Networkin' Nut Member

    I managed to make internet work on VLAN100, but my ISP is tagging IPTV to VLAN1500. Is it even possible to make it work with the 100-1500 offset?
  17. Algimantas

    Algimantas Network Newbie Member

    I managed to make IPTV and Internet work on merlinWRT, however i can't get IGMP or udpxy to work.
    STB connected to Port 4 and TV works fine.

    Values from nvram after GUI configuation:
    vlan2ports=4 5u
    vlan1ports=0 1 5*

    "nvram show | grep vlan" doesn't even show VLAN6

    Attached Files:

  18. Ignas

    Ignas Addicted to LI Member

    Well, then it seems that you have achieved the exact topology I'd asked on the first post except maybe for port 3. I guess my router will have to stick to @RMerlin's build. Thanks!
    Last edited: Jul 11, 2014
