rigacci.org

User Tools

Site Tools

Trace:
doc:appunti:hardware:gl_ar750

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
doc:appunti:hardware:gl_ar750 [2021/05/07 13:43] – [Configuring the switch from the command line] niccolodoc:appunti:hardware:gl_ar750 [2021/05/11 08:25] – [VLAN limitations] niccolo
Line 18: Line 18:
 ===== Configuring the switch from the command line ===== ===== Configuring the switch from the command line =====
  
-The GL-AR750 contains a switch capable of VLAN: two ports are exposed to the to the outside as the **LAN 1** and **LAN 2** ports, the same switch has port internally connected with the **CPU eth1**.+The GL-AR750 contains a switch with 5 ports (numbered from #0 to #4) capable of VLANs: two ports are exposed to the to the outside as the **LAN 1** and **LAN 2** ports, the same switch has the port #0 internally connected with the **CPU eth1**. 
 + 
 +^ Port  ^ Connection 
 +|  0    | Connected to **CPU eth0** at 1Gbit full-duplex. 
 +|  1    | Connected to **LAN 1** external port (toward the power socket). 
 +|  2    | Connected to **LAN 2** external port.  | 
 +|  3    | Not connected. 
 +|  4    | Not connected.  |
  
 The switch can be configured through the LuCI interface **Network** => **Switch** or using the **swconfig** tool from the command line. See the **[[https://openwrt.org/docs/techref/swconfig|OpenWRT documentation about swconfig]]**. The switch can be configured through the LuCI interface **Network** => **Switch** or using the **swconfig** tool from the command line. See the **[[https://openwrt.org/docs/techref/swconfig|OpenWRT documentation about swconfig]]**.
  
 +View the existing switches:
  
 +<code>
 +swconfig list
 +Found: switch0 - eth1
 +</code>
 +
 +To view the full configuration use the command:
 +
 +<code>
 +swconfig dev switch0 show
 +</code>
 +
 +To view only **PORT #1** settings:
 +
 +<code>
 +swconfig dev switch0 port 1 show
 +Port 1:
 +        enable_mirror_rx: 0
 +        enable_mirror_tx: 0
 +        pvid: 1
 +        link: port:1 link:up speed:100baseT full-duplex auto
 +</code>
 +
 +Notice the **pvid** parameter: when an untagged packet arrives to that port, it gets the VLAN #1 tag attacched.
 +
 +To view only **VLAN #1** settings:
 +
 +<code>
 +swconfig dev switch0 vlan 1 show
 +VLAN 1:
 +        vid: 1
 +        ports: 0t 1 2 
 +</code>
 +
 +In the example above, you can see that VLAN #1 is connected to port **#0 tagged**, to port **#1 untagged** and port **#2 untagged**.
 +
 +To change the port tagged/untagged/off state for VLAN #1:
 +
 +<code>
 +swconfig dev switch0 vlan 1 set ports "0t 1"
 +swconfig dev switch0 set apply
 +</code>
 +
 +===== VLAN limitations =====
 +
 +There is a limit to **16 VLANs**, numbered from #0 to #15. Default configuration uses **VLAN #1** for **eth1.1** which is connected to bridge **br-lan**. This limitation is not visible from the LuCI web interface: any number greater than 15 will be silently accepted, but it will be not functional.
 +
 +You can view the actual switch configuration using:
 +
 +<code>
 +swconfig dev switch0 show
 +</code>
 +
 +You can check the limit issuing the following command (notice the error message):
 +
 +<code>
 +swconfig dev switch0 vlan 16 set vid 16
 +Failed to set attribute: Invalid input data or parameter
 +</code>
 +
 +You cannot mix tagged and untagged VLAN on the same switch port.
 +
 +  * Only one port is allowed to carry untagged traffic for a specific VLAN.
 +  * You cannot mix tagged and untagged VLAN on the same port. E.g. if a port carries untagged VLAN#10, the same port cannot carries tagged VLAN#11 (depending upon the order of the commands, the settings will be changed to carry buth as tagged).
 +
 +Limitation example #1: the **untagged VLAN#10** is **removed** from port **#1** and **#2**:
 +
 +<code>
 +swconfig dev switch0 vlan 10 set ports "0t 1 2"
 +swconfig dev switch0 vlan 11 set ports "0t 1 2"
 +swconfig dev switch0 show
 +...
 +VLAN 10:
 +        vid: 10
 +        ports: 0t 
 +VLAN 11:
 +        vid: 11
 +        ports: 0t 1 2 
 +</code>
 +
 +Limitation example #2: the **untagged VLAN#10** is **changed to tagged** on **port #1** and it is removed from port **#2**:
 +
 +<code>
 +swconfig dev switch0 vlan 10 set ports "0t 1 2"
 +swconfig dev switch0 vlan 11 set ports "0t 1t 2"
 +VLAN 10:
 +        vid: 10
 +        ports: 0t 1t 
 +VLAN 11:
 +        vid: 11
 +        ports: 0t 1t 2 
 +</code>
 +
 +===== Configuring a DMZ =====
 +
 +We used VLAN to configure a DMZ ... FIXME
 +
 +===== Configuration =====
 +
 +=== Change SSH Port ===
 +
 +From the LuCI interface:
 +
 +  * System => Administration => SSH Access
 +    * Port: 
 +
 +=== Install the tcpdump package ===
 +
 +From the command line:
 +
 +<code>
 +opkg update
 +# tcpdump-mini requires ??? kb:
 +opkg install tcpdump-mini
 +# coreutils-base64 requires 28 kb:
 +opkg install coreutils-base64
 +</code>
 +
 +=== Crontabs ===
 +
 +<code>
 +crontab -e
 +/etc/init.d/cron enable
 +/etc/init.d/cron start
 +ps | grep crond
 +</code>
  
 ===== Web References ===== ===== Web References =====
Line 28: Line 161:
   * **[[https://docs.gl-inet.com/en/3/setup/travel_ac_router/first-time_setup/|Getting Started with GL.iNet Travel AC Router]]**   * **[[https://docs.gl-inet.com/en/3/setup/travel_ac_router/first-time_setup/|Getting Started with GL.iNet Travel AC Router]]**
   * **[[https://docs.gl-inet.com/en/2/troubleshooting/reset/|How to Repair / Reset]]**   * **[[https://docs.gl-inet.com/en/2/troubleshooting/reset/|How to Repair / Reset]]**
 +
 +  * **[[https://openwrt.org/docs/guide-user/network/vlan/switch_configuration|OpenWRT VLAN]]**
 +  * **[[https://openwrt.org/docs/techref/swconfig|OpenWRT swconfig]]**
 +  * **[[https://forum.openwrt.org/t/loss-of-connection-when-changing-vlan-id/|Loss of connection when changing VLAN ID]]**
  
doc/appunti/hardware/gl_ar750.txt · Last modified: 2023/09/11 07:37 by niccolo