The content of this topic has been archived on 21 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Currently, I start learning OpenWrt VLAN, however, I still don't understand the relation between VLAN ports and Physical ports. Does the number of VLAN ports and physical port (both WAN+LAN) must be equal? And one physical port connect to only one single VLAN or it can connect to multiple VLAN?
Could anyone help me please?
Thank you very much because pay the attention.
VLAN is not specific feature of OpenWRT. No, you enable vlan in switch configuration for specific ports. Of course, you can connect single port to multiple VLANs, but only one of them could be untagged.
The principle is rather simple: one port get tagged and untagged traffic. Tagged is separated by tag, untagged couldn't be separated, so only one VLAN could be untagged on given port.
(Last edited by ulmwind on 30 Aug 2017, 08:27)
Imagine a row/column table, where physical ports are columns, and VLANs are rows. Each VLAN can connect several ports, and each port can be on several VLANs. Ports not connected through the same VLAN are isolated, and VLANs are always isolated from each other.
Traffic that enters and exists the switch can be tagged with an ID (that, for the sake of simplicity, will be the VLAN ID), or can be untagged. Devices that are configured to expect untagged traffic will not see tagged traffic, and viceversa (and the same for different IDs). And the switch can also tag or untagg traffic as it enters or exists.
A port can be configured for untagged traffic, or tagged traffic (several IDs are allowed), but not for both at the same time. In ports that connect to the CPU, untagged traffic goes to a "ethx" interface, and tagged traffic goes to "ethx.y".
Though in theory you should be able to have one untagged VLAN mixed with others tagged on the same port, that doesn't always work on consumer-grade hardware. Avoid mixing tagged and untagged on the same port.
The "Switch" page in LuCI shows the situation rather clearly. The main thing to look out for is that the wiring between logical port numbers and physical ports on the router often does not coincide. Identify the physical ports by plugging in a live cable to one at a time and watch which logical port shows a connection on the LuCI page.
The discussion might have continued from here.