WAN is eth1 on SoC (“CPU”), thus not connected to internal switch
port 5 on internal switch is eth0 on SoC (“CPU”)
port 6 on internal switch is eth2 on SoC (“CPU”)
ports 0-3 and 5 on internal switch are connected together, thus LAN0-3 is connected to eth0 on SoC
ports 4 and 6 on internal switch are connected together, thus LAN4 is connected to eth2 on SoC
eth0 and eth2 on SoC plus radio0 (5GHz) and radio1 (2.4GHz) are bridged on software stack, thus wireless 2.4GHz and 5GHz and LAN0-3 and LAN4 are connected together
I’m really struggling to understand this so please excuse the very basic question, with the default VLAN functionality switched on in luci…
A wired connection to LAN0 - LAN3 gets 10% of the download speed that I get through LAN4.
Unticking ‘Enable VLAN functionality’ doesn’t seem to fix this though. What am I doing wrong, is something wrong with the settings below? I have no QoS setup on the TO.
I don’t really need multiple VLANs but I would like equal connectivity speeds on my wired connections. I know this is a little off topic for the thread but it was the closest I could find - thanks.
The problem you describe should not have anything to do with VLAN configuration, just don’t touch these settings if you don’t know what it’s all about.
I think - if you can reproduce the problem - you should open a new thread and answer the following question there: how are you measuring the download speed?
I completely destroyed my networking settings to attempting to configure VLAN yesterday evening.
So i had to restore a snapshot of my turris omnia. Configuring this VLAN is not that easy as i thought…
I would like to have a DMZ on a separated LAN port. So took LAN4 (near the WAN port on turris) for maximum security.
Before i destroy my turris a second time, i would like to ask if someone have done a configuration like this and could share it (switch, interface, firewall,… configs).
@scottjl thx for the reply!
I have read the docu on openwrt.org. But i am struggle with the port and switch configuration on TO.
Which interface should i take? I took eth2.3 for VLAN3. Maybe - or definitely - i missconfigured the switch the last time or took the wrong ports with wrong settings - i don’t know.
Is the LAN4 Port ok or should i take an other one?
On top, im am a little bit confused about the given VLAN settings on TO.
If you need just DMZ on LAN4 port, you don’t need to fiddle with VLANs at all. LAN4 is directly switched to eth2 interface in default VLAN config. So the only thing you have to do is to withdraw the eth2 interface from the lan logical interface and place it in a new logical interface you are going to create for DMZ.
…and if nothing of the above two posts helped, I can guide you - because I have a setup with three VLANs, one on eth2 (LAN4) for untrustworthy devices (Playstation and TV). But Ondrej’s solution surely is the simplest.
@Ondrej_Caletka, @jhuebner
I made the changes you gave me and it works perfectly! Thank you so much!
The next step is a virtual server with ubuntu. I get the network connection running with br-lan but not with dmz or eth2. I thought that should be possible to configure the container on luci but that seems not to be so easy.
When i start the container i get this error message:
lxc-start: conf.c: instantiate_veth: 2796 failed to attach ‘vethPIJ9Q8’ to the bridge ‘eth2’: Operation not permitted
Container Config:
# Distribution configuration
lxc.arch = armv7l
A little out of topic, but need to mention it for all. Internal switch has probably limitation for maximum usable vlan id of 63. Vlans with higher vlan id are not configured. This can be seen when checked by swconfig dev switch0 show Took me long time when integrating Turris Omnia with my home lan … And specification from internal switch are hard to find (need to sign up NDA?)
May you can guide me through VLAN configuration. My system is configured as a Switch behind a Pfsense firewall, managing all DNS, DHCP etc.
What I would like to do is to setup 2 addional VLANs for a guest-wifi and one open tunneled through Tor which all works on my current setup, but DHCP configured on Turris.
Hi
sorry i have no idea about configuring from web interface… i made all changes in configuration file by hand over ssh…
But just quick look… you probably need between pfsense and turris omnia one shared port, where all vlan are tagged. so probably this port between pfsense and TO must be switched to tagged for all vlans.
I’m wondering how to do the VLAN step at the end. I think on the ‘Switch’ section of the Turris I just have to put in 201 where the default 1 or 2 is, and then change all of the ports to ‘tagged’ for that line. Is that right or can someone please instruct me otherwise? Thanks.
As the WAN port does not use the switch there is no need to tinker with the switch settings. Add a VLAN 201 to your WAN eth port (eth1?).
I don’t have a router with LuCI so i can’t give a complete description using LuCI.
A short overview of the commands for SSH: uci get network.wan.ifname will show if wan is eth1 or something else. uci set network.wan.ifname eth1.201 and then uci commit and reboot will set your eth1 to use VLAN 201.
I ran the commands and they seemed to go through but I don’t know how to check. All I know is that it didn’t work. I didn’t lose internet after running them like the blog post I posted said I most likely would once the VLAN was set. I then unplugged the link between the existing and new routers and plugged the cable going into the WAN on the existing router directly into the WAN of the Turris. This didn’t provide any internet though.
Any ideas?
Also, if I want to revert that command, how do I do it?
Any idea why this didn’t work based on what I was trying to do with that blog I linked to?
Also I need to look into this more but it seems like ever since I ran the command, I’ll get random disconnects from online games from a brief moment of lost connectivity. My ping never jumps though.
Took me long time when integrating Turris Omnia with my home lan … 