OpenWrt Forum Archive

Topic: dmz port/vlan

The content of this topic has been archived on 31 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
centyx
22 Apr 2008, 21:50

I am trying to split the switch into two separate vlans: lan and dmz based on this forum post, http://forum.openwrt.org/viewtopic.php?id=14724.

/etc/config/network:
#### VLAN configuration
config switch eth0     
        option vlan0    "0 1 2 3 5*"
        option vlan1    "4 5"


#### Loopback configuration
config interface loopback 
        option ifname   "lo"
        option proto    static
        option ipaddr   127.0.0.1
        option netmask  255.0.0.0


#### LAN configuration
config interface lan 
        option type     bridge
        option ifname   "eth0.0"
        option proto    static
        option ipaddr   192.168.0.254
        option netmask  255.255.255.0

#### DMZ configuration                     
config interface        dmz               
        option ifname   "eth0.1"           
        option proto    "static"           
        option ipaddr   "10.0.0.58"     
        option netmask  "255.255.255.248" 
                                           
#### WAN configuration                     
config interface        wan               
        option ifname   "eth1"             
        option macaddr  "00:18:f8:70:d9:dd"         
        option proto    pppoe             
        option username "user@domain"
        option password "password"                       
        option keepalive "10"   



/etc/config/dhcp:
config dhcp
        option interface        lan
        option start    100
        option limit     50
        option leasetime        12h

config dhcp
        option interface        wan
        option ignore   1

config dhcp
        option interface        dmz
        option  start   59
        option  end     62
        option leasetime        12h



eth0.0 and eth0.1 are brought up with the appropriate ip configuration, but all 4 switch ports appear to be part of vlan0(eth0.0). I believe this to the be the case because no matter which port I plug into, I am able to draw a dhcp lease from the lan subnet and connect to the router using that address. I have also tried running tcpdump on eth0.1 on the router while manually assigning a 10. address to a client computer and running 'ping 10.0.0.254' and connecting it to each port on the router, including the wan port. Nothing showed up in tcpdump on the router.

Perhaps someone can see something I am doing wrong here?

Thanks!

Post #2
centyx
23 Apr 2008, 18:25

Evidently, 1-4 are really 0-3; and 0 is really eth1. Therefore,

vlan1 3 5

produced the desired results.

Post #3
krbvroc1
25 Apr 2008, 20:44

I ran into a similar problem. You need to be careful because different models of routers order things differently. My WRT54GL was opposite my WRT54G v2. So various forums/wiki postings did not work until I realized this.

The discussion might have continued from here.