VLan configuration

Hi,

I have configured my Omnia with three VLan’s.

The DMZ Vlan runs on eth2 and no DHCP
The Lan Vlan runs on eth0 and with DHCP - it is working as expected.
The Appliances Vlan is working on one of the WiFi radios as expected.

All interfaces is untagged because I do not, yet, have any swicth capable of handling tagged traffic.

But I would like to attach a wired appliance to the Appliance VLan. I just can’t figure out how to configure it if it is possible.

Any hints to how to have for instance eth0.2 and eth0.3 to serve the Appliance VLan?
My network file looks like this:

config interface 'loopback’
option ifname 'lo’
option proto 'static’
option ipaddr '127.0.0.1’
option netmask ‘255.0.0.0’

config globals 'globals’
option ula_prefix ‘fdd6:4bd1:6eb1::/48’

config interface 'lan’
option force_link '1’
option type 'bridge’
option proto 'static’
option netmask '255.255.255.0’
option ip6assign '60’
option ipaddr '192.168.10.1’
option _orig_ifname 'eth0 eth2 wlan0 wlan1’
option _orig_bridge 'true’
option ifname ‘eth0’

config interface 'wan’
option ifname 'eth1’
option proto 'dhcp’
option macaddr ‘00:19:CB:17:44:DB’

config interface 'wan6’
option ifname '@wan
option proto ‘none’

config switch
option name 'switch0’
option reset '1’
option enable_vlan ‘1’

config switch_vlan
option device 'switch0’
option vlan '1’
option ports '0 1 5’
option vid ‘1’

config switch_vlan
option device 'switch0’
option vlan '2’
option ports '4 6’
option vid ‘2’

config switch_vlan
option device 'switch0’
option vlan '3’
option vid '3’
option ports ‘2 3’

config interface 'DMZ’
option proto 'static’
option ifname 'eth2’
option ipaddr '192.168.20.1’
option netmask ‘255.255.255.0’

config interface 'Appliances’
option type 'bridge’
option proto 'static’
option ipaddr '192.168.30.1’
option netmask '255.255.255.0’
option _orig_ifname 'eth0.2 eth0.3’
option _orig_bridge 'true’
option ifname ‘eth0.2 eth0.3’

config route

config interface 'vpn_turris’
option ifname 'tun_turris’
option proto 'none’
option auto ‘1’

What exactly are you trying to do? Configure ports 2 and 3 to be untagged members of the appliance vlan?

You’ll need to configure the CPU port of the switch to be tagged on two different vlans (one for LAN, one for appliance), then assign the external switch ports to be untagged members of such. e.g. if you want port 3 to be on appliances, assign it to be untagged on the appliances vlan, but then put the rest on LAN (or DMZ if they were already there).

At the same time, you have to configure your network interfaces to use eth0.x names. If your LAN vlan is 1 and your appliances vlan is 5, then the LAN interface should bridge eth0.1 and any relevant WiFi interfaces, while the appliances interface is eth0.5 and the appliance WiFi. If done wrong, you may not be able to connect back to the router and you’ll have to roll back to a snapshot.