OpenWrt Forum Archive

Topic: WAN port as LAN port

The content of this topic has been archived between 26 Apr 2018 and 5 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
pegasus
10 Jan 2010, 20:57

Hi is it possible to use the wan port of a rouuterstation pro router as an additional lan switch port? Could someone post / point me to an how-to?
Thanks in advance.

Post #2
jow
10 Jan 2010, 21:03

Hi.

You can't reconfigure the switch but you can attach eth1 to the lan bridge:

  * remove the "config interface wan" section
  * change "option ifname" in the lan section to 

option ifname "eth0 eth1"

~ JoW

Post #3
pegasus
10 Jan 2010, 21:31

unfortunately this does not seem to work. If I connect the cable to the wan port I simply cannot ping anything

Post #4
Dogge
10 Jan 2010, 22:43

Lol.....

Post #5
pegasus
10 Jan 2010, 22:44
Dogge wrote:

Lol.....

is it so funny?

Post #6
cyrus_mc
10 Jan 2010, 22:54
pegasus wrote:

unfortunately this does not seem to work. If I connect the cable to the wan port I simply cannot ping anything

If you correctly configured it (ie: added both eth0 and eth1 to the bridge) and remove the WAN definition in the network file (so that you don't run dhcp on it) it should work.

Post #7
jow
10 Jan 2010, 22:57

... also make sure that "option type bridge" is set in the lan section.

Post #8
pegasus
10 Jan 2010, 23:05

this is my /etc/config/network file


config 'interface' 'loopback'
    option 'ifname' 'lo'
    option 'proto' 'static'
    option 'ipaddr' '127.0.0.1'
    option 'netmask' '255.0.0.0'

config 'interface' 'lan'
    option 'type' 'bridge'
    option 'proto' 'static'
    option 'netmask' '255.255.255.0'
    option 'macaddr' ''
    option 'ipaddr' '192.168.1.20'
    option 'ip6addr' ''
    option 'ip6gw' ''
    option 'gateway' '192.168.1.1'
    option 'dns' ' 192.168.1.1'
    option 'ifname' 'eth0 eth1'

and unfortunately it does not work. Arg!

Post #9
cyrus_mc
10 Jan 2010, 23:18
pegasus wrote:

this is my /etc/config/network file


config 'interface' 'loopback'
    option 'ifname' 'lo'
    option 'proto' 'static'
    option 'ipaddr' '127.0.0.1'
    option 'netmask' '255.0.0.0'

config 'interface' 'lan'
    option 'type' 'bridge'
    option 'proto' 'static'
    option 'netmask' '255.255.255.0'
    option 'macaddr' ''
    option 'ipaddr' '192.168.1.20'
    option 'ip6addr' ''
    option 'ip6gw' ''
    option 'gateway' '192.168.1.1'
    option 'dns' ' 192.168.1.1'
    option 'ifname' 'eth0 eth1'

and unfortunately it does not work. Arg!

You sure your interfaces are eth0 and eth1 not eth0.0 and eth0.1 (if you use vlans, etc). Also, did you remove the wan definition from the network file.

Post #10
pegasus
10 Jan 2010, 23:33

This is the output of ifconfig

root@OpenWrtRSP:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 00:15:6D:C3:30:BC
          inet addr:192.168.1.20  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:647 errors:0 dropped:0 overruns:0 frame:0
          TX packets:631 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:62512 (61.0 KiB)  TX bytes:279961 (273.3 KiB)

eth0      Link encap:Ethernet  HWaddr 00:15:6D:C3:30:BC
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:65 errors:0 dropped:0 overruns:0 frame:0
          TX packets:85 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5114 (4.9 KiB)  TX bytes:5548 (5.4 KiB)
          Interrupt:4

eth1      Link encap:Ethernet  HWaddr 00:15:6D:C3:30:BD
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:649 errors:0 dropped:0 overruns:0 frame:0
          TX packets:685 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:72261 (70.5 KiB)  TX bytes:284067 (277.4 KiB)
          Interrupt:5

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1100 (1.0 KiB)  TX bytes:1100 (1.0 KiB)

The one I posted before was all my /etc/config/network file: so no wan section is present

Post #11
cyrus_mc
11 Jan 2010, 00:14
pegasus wrote:

This is the output of ifconfig

root@OpenWrtRSP:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 00:15:6D:C3:30:BC
          inet addr:192.168.1.20  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:647 errors:0 dropped:0 overruns:0 frame:0
          TX packets:631 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:62512 (61.0 KiB)  TX bytes:279961 (273.3 KiB)

eth0      Link encap:Ethernet  HWaddr 00:15:6D:C3:30:BC
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:65 errors:0 dropped:0 overruns:0 frame:0
          TX packets:85 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5114 (4.9 KiB)  TX bytes:5548 (5.4 KiB)
          Interrupt:4

eth1      Link encap:Ethernet  HWaddr 00:15:6D:C3:30:BD
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:649 errors:0 dropped:0 overruns:0 frame:0
          TX packets:685 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:72261 (70.5 KiB)  TX bytes:284067 (277.4 KiB)
          Interrupt:5

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1100 (1.0 KiB)  TX bytes:1100 (1.0 KiB)

The one I posted before was all my /etc/config/network file: so no wan section is present

Well that looks good. So when you plug into the switch (what you call the WAN port or LAN, doesn't matter since it is one big switch now) do you get an IP address? If you do you should be able to ping others on the switch.

Are you trying to ping the internet? If so that is why the guy laughed at you.

Post #12
pegasus
11 Jan 2010, 07:41

Obviously I'm trying to ping an other computer connected to the switch. And I succeed only if I do from one of the 3 lan ports. If I do from the wan port the ping timeouts. I am really stuck. Why doesn't it work? Arg!

Post #13
pegasus
11 Jan 2010, 12:20

Just a thought. Could this problem be due to the fact that routerstation pro wan port being different by hardware from the switch ports and not having auto-sensing?

(Last edited by pegasus on 11 Jan 2010, 12:21)

Post #14
vidzius
11 Jan 2010, 17:32

I have another question. Is it possible to switch LAN port (1) as WAN and WAN port (0) as LAN?
Because i have situation, that I have openWRT compatible ADSL router and i changed my ISP to cable. Thats I want to use ADSL router as my cable router. But there is only RJ-11 socket and 4x LAN's.  So is it possible to set first LAN port as WAN? I think this simmilar question how to swap WAN an LAN ports. Or this is not possible?

(Last edited by vidzius on 11 Jan 2010, 22:00)

Post #15
cyrus_mc
11 Jan 2010, 21:47
pegasus wrote:

Just a thought. Could this problem be due to the fact that routerstation pro wan port being different by hardware from the switch ports and not having auto-sensing?

Don't think so. When you plug something into the WAN port do you get a 192. ip? Maybe the bridge code isn't working correctly.

Post #16
pegasus
11 Jan 2010, 22:05
cyrus_mc wrote:
pegasus wrote:

Just a thought. Could this problem be due to the fact that routerstation pro wan port being different by hardware from the switch ports and not having auto-sensing?

Don't think so. When you plug something into the WAN port do you get a 192. ip? Maybe the bridge code isn't working correctly.

No I cannot comunicate at all with anything (so even with the router and its dhcp server). Everithing works like a charm if I plug the ethernet cable into one of the three switch ports.
Am I facing a kamikaze trunk bug?

Post #17
cyrus_mc
12 Jan 2010, 00:10
pegasus wrote:
cyrus_mc wrote:
pegasus wrote:

Just a thought. Could this problem be due to the fact that routerstation pro wan port being different by hardware from the switch ports and not having auto-sensing?

Don't think so. When you plug something into the WAN port do you get a 192. ip? Maybe the bridge code isn't working correctly.

No I cannot comunicate at all with anything (so even with the router and its dhcp server). Everithing works like a charm if I plug the ethernet cable into one of the three switch ports.
Am I facing a kamikaze trunk bug?

If you type brctl show what does it return (on the OpenWRT box)

Post #18
pegasus
12 Jan 2010, 07:36
cyrus_mc wrote:

If you type brctl show what does it return (on the OpenWRT box)

No output at all. It runs and terminates immediately with no output.

Post #19
cyrus_mc
12 Jan 2010, 18:36
pegasus wrote:
cyrus_mc wrote:

If you type brctl show what does it return (on the OpenWRT box)

No output at all. It runs and terminates immediately with no output.

Hmm, looks like your bridge isn't setup correctly. Did you compile your own firmware? You have a RouterStation Pro right?

Oh, did you type (with the show option)

   brctl show

Post #20
pegasus
12 Jan 2010, 20:52

Oh sorry I didn't typed the show option. This is the output with the show option on the routerstation pro box:

root@OpenWrtRSP:~# brctl show
bridge name     bridge id               STP enabled     interfaces
br-lan          8000.00156dc330bc       no              eth0
                                                        eth1
root@OpenWrtRSP:~#

Is this what it is supposed to be?

(Last edited by pegasus on 12 Jan 2010, 20:53)

Post #21
cyrus_mc
12 Jan 2010, 22:49
pegasus wrote:

Oh sorry I didn't typed the show option. This is the output with the show option on the routerstation pro box:

root@OpenWrtRSP:~# brctl show
bridge name     bridge id               STP enabled     interfaces
br-lan          8000.00156dc330bc       no              eth0
                                                        eth1
root@OpenWrtRSP:~#

Is this what it is supposed to be?

Yep, that means that they are bridged together.

Post your lan section in the /etc/config/network file and the contents of /etc/config/dhcp again please.

Post #22
mactalla
13 Jan 2010, 01:13

Have you checked your firewall?

With ethernet + wifi bridged, traffic still went through the firewall and I had to edit /etc/config/firewall and add

config 'forwarding'
        option 'src' 'lan'
        option 'dest' 'lan'

to communicate between machines.  Perhaps you're hitting something similar with your WAN/LAN ports?

Post #23
cyrus_mc
13 Jan 2010, 02:02
mactalla wrote:

Have you checked your firewall?

With ethernet + wifi bridged, traffic still went through the firewall and I had to edit /etc/config/firewall and add

config 'forwarding'
        option 'src' 'lan'
        option 'dest' 'lan'

to communicate between machines.  Perhaps you're hitting something similar with your WAN/LAN ports?

I don't think what you have is required or makes any sense. If it is bridged, it is essentially a single switch and it never gets up to the firewall code.

Post #24
cyrus_mc
13 Jan 2010, 05:17
cyrus_mc wrote:
mactalla wrote:

Have you checked your firewall?

With ethernet + wifi bridged, traffic still went through the firewall and I had to edit /etc/config/firewall and add

config 'forwarding'
        option 'src' 'lan'
        option 'dest' 'lan'

to communicate between machines.  Perhaps you're hitting something similar with your WAN/LAN ports?

I don't think what you have is required or makes any sense. If it is bridged, it is essentially a single switch and it never gets up to the firewall code.

I did some experiments to verify what I said was correct. The way to look at it is like this. The firewall is 192.168.1.1. When you are communicating with devices connected via a switch (or bridge) you don't address the packet to the firewall IP, it just goes out on the wire with the IP of the destination host. Therefore, it is never picked up by the firewall for processing. Even if by some miracle it was picked up by the firewall it has no way of denying the traffic since it is not involved in the process of sending to the node.

Post #25
Void Main
13 Jan 2010, 05:47

Are you trying to say that you are unable to block traffic from your router to devices attached to your router with iptables because you certainly can do that. I am sure I am misunderstanding your statement though.