Replying to my own email. I love it when I can solve my own issue. There default configuration for this router (and about 20 others) does not lend itself to multiple VLANs - you have to modify the bridge interface first. Really simple problem in hindsight.
Submitted a ticket with a patch that should work: https://dev.openwrt.org/ticket/12377 Thanks to mperez on the forums who first came across this: https://forum.openwrt.org/viewtopic.php?pid=155341#p155341 Cheers, Patrick On Oct 22, 2012, at 23:44, Patrick van Staveren wrote: > Hello, > > Has anyone used multiple VLANs on this device? > > I've worked on two other similar Buffalo routers (G300NH2, G450H) which both > have the same AR8316 switch in them, and I've used standard UCI configs to > create a separate VLAN. > With the AG300H the default switch_vlan config worries me that port 0 (the > CPU) is set to untagged which I've never seen on these devices before. Of > course if I want a second VLAN, I have to set the CPU port to tagged for both > of them. Once I set the CPU port 0 to tagged (even without creating a second > VLAN) the CPU stops receiving packets. The switch is still operational - I > tested it by creating a second VLAN on two ports to see if traffic passes > through, and it does. But it does not reach the CPU. > > With this device, it can be tested rather easily because the WAN/uplink port > is a separate physical interface eth1. > > Looking in target/linux/ar71xx/base-files/etc/uci-defaults/network I see that > a lot of switches use this config where the CPU port is not tagged by > default. Am I missing something obvious? Perhaps there's some kernel code > that needs to be patched for this device to expect tagged frames to the CPU? > > For reference, the stock config is: > config switch_vlan > option device 'eth0' > option vlan '1' > option ports '0 1 2 3 4' > > To make the switch inaccessible, just start tagging on port 0: > config switch_vlan > option device 'eth0' > option vlan '1' > option ports '0t 1 2 3 4' > > Or the configuration I was hoping to achieve: > config switch_vlan > option device 'eth0' > option vlan '1' > option vid '1' > option ports '0t 1 2 3 4' > config switch_vlan > option device 'eth0' > option vlan '2' > option vid '2' > option ports '0t 1t' > > One final note - clearly someone else noticed this, as in the case where the > default network config was added, the submitter's patch was modified to use > untagged on port 0. See: https://dev.openwrt.org/ticket/9607 > > Thanks in advance! > > Patrick van Staveren > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
