Configuring Tagged LAN Port in TOS5

Hi!

I have tried to configure a tagged LAN port on my Turris Omnia.

What I already have: A separate interface br-cctv which is mapped to its own firewall zone and has lan0.12 assigned. It has its own DHCP server with a separate range. I’m already using a separate switch connected to lan0 which routes traffic in VLAN1 and VLAN12 fine.

Now I want to add a new device to VLAN12 directly on the Omnia. It does not support VLAN, so I need a tagged interface. In previous version this was easier, but I’m unable to figure out how this works in TOS 5.3. Tried adding lan2.12 to br-cctv, but then I don’t get an IP address. With some other configuration I managed to get an IP address from the wrong DHCP-Server (VLAN1).

Any idea how I can make that port tagged? Do I need to change br-lan maybe?

Network switch configuration uses DSA in Turris OS 5.x
See official up to date documentation on how to configure VLANs.

1 Like

Thanks, I know that page but I wasn’t able to use it successfully yet.
Do I need to remove the lan2 device from br-lan if I add lan2.12 to the br-cctv interface?

DSA in Turris OS 5.x doesn’t work properly because of some bug…

I spent several evenings to figure out why it doesn’t work too. Until I found some post here in this forum. I will not search for it but here is summary what I had to do to get it work.

It seems that it works only when eth2 interface is used. So you have to use eth2 for vlan. Eth2 is normally used for wan. So I have to remove lan4 from LAN - so lan4 can be used for WAN instead.

Then I had to change WAN to use lan4. And finally you can create DSA definition for vlan e.g. eth2.10 for vlan 10.

You have to of course plug wan cable to lan4. And vlan will be working on wan port on Omnia.