jason schaefer . com

"arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say."

Tag: 802.1q

  • Setup VLAN on OpenWRT using hardware that has no switch ports

    The new versions of OpenWRT (18 and newer) have the ability to add vlan interfaces directly from LuCI (web gui). You can now skip the manual editing of the /etc/config/network file.

    Using 802.1q in OpenWRT is very difficult when working on a device that doesn’t have a built-in switch or the when the switch chipset isn’t supported.

    Creating VLANS is not possible via the web interface (luci) or using the “config switch_port” options in /etc/config/network. The Luci web gui will not have the “Network -> Switch” option available.

    In this example, we add a public interface and vlan 2 on ports eth0 and eth1.

    Start by getting into the device:
    ssh root@192.168.1.1
    vi /etc/config/network

    config interface 'public'         
            option type 'bridge'       
            option proto 'static'     
            option ifname 'eth0.2 eth1.2'
            option ipaddr '172.168.1.1'
            option netmask '255.255.255.0'
    
    config device 'eth0_2'       
            option name 'eth0.2' 
    
    config device 'eth1_2' 
            option name 'eth1.2'

    This creates three interfaces eth0.2, eth1.2 and both are bridged into the interface br-public.

    You can use luci to configure the interface if you use the “custom interface” and manually refer to the vlan like this:


    Just be sure you’ve already added the necessary VLAN to /etc/config/network:

    config device 'eth0_2' 
            option name 'eth0.2'

    After this, the VLAN will be defined but not show up in luci. You will need to specify it using the “custom interface” as shown in the red circle above.