On 3 August 2017 at 18:03, Rafał Miłecki <zaj...@gmail.com> wrote: > I have router with internal switch with 6 ports. The default config is: > 0: LAN1 > 1: LAN2 > 2: LAN3 > 3: LAN4 > 4: WAN > 5: CPU > > I want to use port 3 (LAN4) for something different. Another network, > mwan, whatever. For that purpose I edited /etc/config/network and > replaced > option ports '0 1 2 3 5t' > with > option ports '0 1 2 5t' > for my VLAN 1 (lan interface). > > The problem is during preinit my /etc/config/network gets obviously > ignored and 10_indicate_preinit does something like this: > swconfig dev switch0 set reset 1 > swconfig dev switch0 set enable_vlan 1 > swconfig dev switch0 vlan 1 set ports 0 1 2 3 5t > swconfig dev switch0 set apply > > It means all machines connected to ports 0 1 and 2 gain access to the > network connected to the switch port 3. This happens for the whole > preinit phase. This is undesired situation of course. > > Can you see any way of solving this?
Changing the preinit switch/vlan setup to not create a single vlan, but by creating a vlan per port, bridge them, then enable port isolation on the bridge (we have a local patch for that) should do the trick. Regards Jonas _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
