On my Archer C7 the br-lan does not have multiple lan ports bridged. Instead it only shows a "Switch VLAN" named eth0.1. I still have the Network->Switch menu item but no checkbox to "bridge interfaces" from the old guide. Here is what worked for me: In Network->Switch select "Add VLAN", then make sure it is tagged on the CPU(eth0). This will create another "Switch VLAN" under Network->Interfaces->Devices. Create a new Interface with a static adress and select eth0.3 (or whatever "Switch VLAN" was created). Select IP range, firewall, etc. and don't forget to enable DHCP. From there it seems identical to OpenWRT 19.
Thanks for your hint! I've got an TP-Link Archer A7 which is very similar to the Archer C7 and I also don't have the possibility to configure multiple LAN ports in bridges (only eth0.1 by default). But in my case it was not enough to just assign the eth0.x switch VLANs to the interfaces. I first needed to create a bridge device for each VLAN with the corresponding eth0.x ports and then assign the bridge devices to the interfaces. Otherwise I had no connection via wifi. But now it works flawlessly - great stuff!
As it turns out DSA is not supported in IPQ806X SoC based devices yet. However, devices tab still shows up, only without the ability to configure anything in Netgear R7500 and R7800. I had read up on DSA and found it the most reasonable way to configure VLANs. However, I'm unable to use it as the feature is not yet available for my devices. I'm continuing to use the old way via switch menu, which I always found a bit confusing, but am getting used to it now by force. I'm only referring to LuCI as I don't go command line unless I absolutely have to.
Yes to all the tutorials please (RaspberryPi, Proxmox, VirtualBox). Also would love to see detailed explaination of networking concepts using VirtualBox as I don't have access to physical hardware to play with.
Your way of explaining things is the perfect match for my way of understanding things. Thank you so much for having this channel. I'm learning so much about home networking.
With DSA, having wan + lan1-4 might seem convenient, but there's a catch. They are virtual and all go through the same phy, so the bandwidth is split. There's also more CPU overhead. If a device has multiple physical ethernet interfaces connected to the switch, only the first phy is used, the rest are disabled. WRT3200 is a good example. It actually has 3 ethernet interfaces. eth2 is disabled at compile time, because it does not have a MAC address in ROM. With swconfig, by default eth0 was connected to LAN ports, while eth1 connected to WAN. With DSA, eth1 is disabled, wan + lan1-4 are virtual and go through eth0. So Marc, in case you were wondering why I maintain a patch called Revert DSA, now you know. Regarding TP-Link Archer C7 and 1043ND, I heard their switch is not compatible with DSA, so they are not likely to get support. They have only one ethernet interface, hence LAN and WAN are accomplished using VLANs eth0.1 and eth0.2.
I have two TP-Link WDR4310 as a dumb APs which as well not supported by DSA and as you mentioned a patch called "Revert DSA", can you reveal where that can be found? I am kinda stuck with my multi VLAN configuration on them.
Wow!! This is really an amazing video. You do such a great job explaning it. You have great visual aids, the pacing is good too, and you answer almost every question I have all whilst highlighting difference between popular versions of OpenWRT. You condensed down what could have taken hours or days to piece together into a 30 minute video.
Hi Peter, many thanks. Yeah, the challenge is always to put the information together. I mean, the info is there - one just needs to find it ;-) Kind of a needle in the haystack challenge really ;-) I am glad that you liked the video - thanks for the feedback.
I learn something new every time I watch this video. Just an average user with 4G internet trying to figure out how to set up vlan's on a network with 4G router and an 8 port switch and a few wireless access points! Appreciate you taking the time to try and simplify basic knowledge of how the internet works in your home and how to protect yourself from doing something that may not help your internet security which is important today to know that there is a lot more going on behind the screen than most understand and could be more harmful than you know!
I bought a couple new routers to do your BATMAN setup and I was left wondering where my old and trusted "switch" section went. Didn't had any idea on DSA, so, I'll have to watch and re-watch this video until it sticks. Really, thanks a LOT for doing all of this.
The moment then noob (me ofc) trying o understand bunch of information very fast (for me ofc). Many thanks for going into logic of your actions instead of "click like me" - that helps to understand what actually going on. At least now i know a little about vlan building possibilities/reason of tagging/etc. Many thanks, i like your way of teaching (its hard one, but really working way).
Danke Marc, your explanations are really great. Yes, I am strongly encouraging you to make Raspberry Pi based OpenWrt tutorials, especially with the topic VLAN. Vielen Dank für deine wertvolle Zeit und viele Grüße aus NRW.
Thank you for your thorough treatment on the OpenWrt subject(s). Getting my head around OpenWrt is much easier now that I know what and why I'm performing desired tasks.👍 I would very much like to learn more about VLAN on an additional managed switch.
Tip: "watch" A unix command that runs the command after it once, by default, every 2 seconds. EG: watch date will print the date every 2 seconds, with a refresh. If you want to do watch something | grep something You need to surround in quotes. watch "something | grep something"
This video is great. ❤ After trying for 2 days and failing, I finally found your video and fully understood what to to. Afterwards it took me 20 minutes to configure after a full reset and it worked smoothly. 🎉
Many thanks. Now I get it why I was always losing connecting with the router and revert back when I was trying to create vlans at the device page. This episode is so awesome.
Thanks for making this update. It was a little trickier to wrap my head around than your ususal fare, but I think I got it in the end ;-) When the switch option disappeared on OpenWRT 21.02 I was a little disappointed at first. I could have read up on it, but I thought I'd just wait for the movie. Well, here it is! The new GUI actually seems to be structured a little more clearly than the previous one, unless there's some fundamental misunderstanding on my part. I hope this is an accurate observation: The Network/Interfaces/Interfaces section configures OSI layer 3. The Network/Interfaces/Devices section configures (all) layer 2/ layer 1 interaction.
Hi Herald, first off - many thanks for the feedback and sharing !!!! Yes, I also had to do a bit of reading and getting my head around this - I actually liked the switch portion in OpenWrt19 - but as you rightly say, the way things are now are a bit more structured really.
It requires a deep understanding of how 802.1q works, before you can understand the content of this video. I've been using both OpenWrt 19.07 and 21.04 for a long time for complicated VLAN configuration, but I was asking myself what the asterisk (*) means in the context of, for example "lan2:u*" (in 19.07 it was simply either "2t" or "2"). After the video, now I understand it means the LAN2 port has the VLAN which is being configured as its PVID. I almost never use LuCI. Thanks a lot.
Many thanks for your feedback ! Yes - I admit that I had trouble understanding PVID vs. egress untagged for a (long) while - thought it was redundant really until I understood the egress/ingress part - VLAN is a huge learning curve in my opinion ;-)
Wow. This is an amazing video and the way you deliver it is very helpful to understanding the new concepts and differences. I was about to revert back to v19 because learning all this stuff from the documentation seemed to complex to put into action, with all my kids and house mates pressing me to get the network back up.
Thank you very much for such a simple and understandable explanation about VLAN! Special thanks for your contribution to the distribution of OpenWRT. I subscribed a month ago and now I watch all your videos. And by the way, it was after this video that I was finally able to set up VLAN. I wish the grow of the channel and look forward to new videos. Such work and material is really worth supporting from the community through patreon or something else!
Your videos are awesome! Thank you for making these. Similar content across the web are no where close to your level. I am new to networking and your videos have my home network up and running with multiple vlans with openwrt all of which is new to me.
Super video! Thanks to you I now managed to get my perfect home setup running: - main router (WRT-3200, wifi off due to buggy drivers, vlan filtering) - dumb AP1 (Ubiquiti UniFi 6 LR: 2.4G/5G internal-wlan/guest-wlan, vlan filtering, fast roaming) - dumb AP2/switch (WRT-1900 ACS: 2.4G/5G internal-wlan/guest-wlan, vlan filtering, fast roaming)
Awesome. I actually got mine working already by leveraging off your previous video. I took many different paths than yours though to get mine set up. I guess there are different roads to get to the same place, but I have to admit, I did get locked out many times during my experimentation before I nailed it. And it only took me 2 weeks ;) . Next I’ll try following your ‘paths’ here instead. And thanks for explaining the ‘LOCAL’ setting. I really wondered what that was for. And I am now going back to re-number my VLANs, which are currently 1,2 and 3. So many good tips! As for your next video, none of the one’s you mention. My request is ‘The Best OpenWrt Router for 2022’. I got the D-link Dir-2660 from your 2021 router video and this was a real good choice. Especially the recovery option it has. Thumbs up! Thanks man!
One thing I wish you would show us is how to use the firewall log to see if our cameras are trying to phone home. I've been struggling with this and just can't seem to get anywhere.
Hi, many thanks for this awesome feedback! I am actually already planning the OpenWrt 2022 episode, especially in the lights of Wi-fi 6. Your idea w/r to firewall logging sounds great as well! Many thanks!
@@OneMarcFifty The speed was very suitable, there is nothing to complain about :) . We had to go through sentence by sentence - despite good prior knowledge. But that is simply the nature of learning things. First we watched the video informatively in its entirety, then we worked through it piece by piece. What is a bit irritating is the synchronisation of your sentences with the picture shown. Sometimes we weren't sure if the picture still showed what you were saying or if you were referring to something that had already been "clicked". But that becomes clear when you really get into it and is not really that significant. From there: Just keep it up, it was super helpful for us and I was able to apply the knowledge I learned from you several times in the meantime :)
Thanks so much Marc for the OpenWRT Videos. I have just got started in this world of using old hardware. I have three Netgear WAC 104 access points running ver 22 and followed your video on fast roaming, what a difference in my wifi cheers. The call to action, yes Proxmox container with a lan to cover containers into a vpn would be amazing too see.
Marc, great video as always; you are a natural professor. A suggestion for a future video; I see you have a MGNT interface, so how about a video on how to setup a secure server management network/environment.
Hi Andrew, many thanks. I had been thinking about this - just not sure how many people would really want to see this - but I think I'll cover it in the lights of the reverse proxy videos that I am planning (as I put an additional TOTP authentication using NGINX between the networks)
I was a fool to think that I had managed to configure 21.03 with DSA by myself: 21.03 on FB4020 does still have a "switch" menu: I didn't realize that it's not a real DSA thing. Now I got EdgeRouter X and was shocked to find out that I'm clueless! Thank you so much for your great video! Now I can start!
Perfekt! Danke sehr! This is as complete a VLAN tutorial as one can expect - great work and keep putting out such like-worthy content. BTW; I like your T-Shirt color too!!
Call to action, yes please! Raspberry Pi as WireGuard VPN gateway has been on my mind for some time now. I have 2 of my VLANs go via the VPN provider and have one neutral VLAN (not via VPN but via ISP). Have that working now with luci-app-vpn-policy-routing, which also allows me to specify some remote ip addresses which should never be routed through the VPN, and VPN running on the router. But not sure how to do policy routing when using the Pi as WireGuard VPN gateway... Also very interested to learn how to properly configure Raspberry Pi as 'router on a stick' (with a VLAN aware switch). This channel is the best resource on OpenWRT! Thanks a lot :) Bought my first OpenWRT routers (Belkin RT RT3200) encouraged by your videos. Probably wouldn't have tried it otherwise...
Thank you very much for great explanation and interesting topics! I'm just in the middle of rebuiling my home network and this video helped me very much! Keep up the good work!
Hi. I just wish to complement your contribution to society and to what it means to share skills and knowledge. Furthermore, cudos to your skill and way how you deliver information to people! I hope you continue. I can’t thank you enough!
Thanks so much Marc! This video helped immensely! I echo the many other comments: YES! Would love to see a video on RPi 4 + Smart Managed Switch + VLANs! I've used a couple of your videos now to build this type of setup with a RPi 4, Ethernet USB 3.0 dongle, and Netgear L2+ switch. But would really enjoy being able to "check my work" against yours!
Thank you for making this video! I was clicking around the LuCI web interface for quite a bit without finding where to configure VLANs. Also, the official documentation does not seem to be very updated around configuring VLANs in newer versions of OpenWRT. Thanks again!
Hello and thank you for this video. I recently found your channel and you helped me understand a lot of things about OpenWRT. I have few TPLink 1043ND v5 that i don't want to throw them out and they are not yet (or never) compatible with DSA. I have managed to assign wireless ssid's to vlans on 21.02.x without DSA like this: 1. Declare/make vlans on the switch menu, Network -> Switch 2. add this vlans to bridges on Network -> Interfaces -> Devices tab including the management vlan (management vlan and other vlans declared on switch that you don't want to assign to wireless networks can be added directly to Interfaces but i noticed that LLDPD package will not work without a interface based on a bridge) 3. create interfaces on Network -> Interfaces -> Interfaces tab using these newly created bridges 4. assign wireless networks to the newly created interfaces.
yes... yes... and yes.... :) as said before me - yes to all of them. Starting with OpenWRT with Orange Pi and then the others would be great!!! Thank you.
You answered what I was wanting with my previous comment, Thanks, you do an amazing job. I know this is an older video but OpenWRT on a Raspberry Pi would be awesome.
Hi Mark, thank you again for your description of OpenWrt 21.02 news. I made an attempt some weeks ago to configure my dumb access point with such new version but I gave up because I missed this lesson. So at present I'm working with two devices both running OWrt 19.x. Maybe in a near future I'll upgrade at least the access point to 21.02, unless some inconcistencies arise. I've too many constraint on the main supplied by the internet provider.
Hi Andrea, many thanks for your feedback! Just be aware that the upgrade process can not convert your VAN config from 19 to 21, so you will have to do it by hand ;-)
great, now how do we setup & properly run fully OpenWrt 21 host +pihole & pikvm clients in QEMU/KVM running on arm pi 4 hardware? im not sure any QEMU/KVM can properly virtualise pikvm vmouse/vkeyboard +vlan usage though. i like 'Van Tech Corner' practical OpenWrt use cases but always advocate your channel for pure teaching practical clarity ,thanks to you iv learned a Lot. a OneMarcFifty/Van Tech Corner collaboration could be fun.
Might do it with Docker. Yes - Van Tech corner and I sometimes kind of „turn around each other“ ;-) sometimes he picks a subject first, sometimes I do. I‘ve had MWAN3 and wireless mesh on my list for so long, but he made videos first ;-) I‘ll give him credit when I do mine.
I've ran OpenWRT on a Pi with WAN and LAN on eth0 using VLAN's and a managed switch. So a video explaining to people how this is done would be useful. The full duplex bit would be good to explain as well. People like to jump to well you'll get less then half your download speed if you only use one NIC.
dear OneMarcFifty in my router , wdr4300 running openwrt 21 there is switch menu on network tab, should i use 21 DSA metod or 19 openwrt version methode?
Thanks. FYI this video still be referenced in 2024 on openWRT 23.05 🙂 One comment I would make in case someone else has this issue. If your connection is on WiFi, even though there is no change to WiFi needed, the connection on WiFi does not reestablish. I think this was fixed with a restart of the WiFi SSID. I did this by making a change and changing it back but I think a simple re-start will do.
Yes please configure PI with managed switch with VLAN to WAN zone and VLAN to untagged VLAN to LAN zone then configure a few tagged VLAN’s to the switch ports on the LAN just so we can see how it works. How do we use firewall rules in addition to VLAN’s to segment and secure our network? Separating the router and switch functions to different boxes (as in a raspberry pi config) could be a helpful learning tool. Also as a bonus could you do a performance comparison test by testing latency differences between the native Ethernet NIC and a popular USB 3.0 to Ethernet adapter. If you do that please test with multiple flows so we can see exactly what the performance degradation looks like using such an adapter during load and whether the adapter (USB 3.0 Ethernet) is better suited for the WAN zone or the LAN zone. This would help us decide if the loss of bi directional throughput (Full gigabit) on the PI router is worth the reduction in latency. Please tell us your thoughts on both the USB 3.0 adapter NIC and using a managed switch. Many thanks! Love your channel!
Thanks a lot for these amazing videos on OpenWrt.. Please keep them coming :) If possible, please do one on virtualizing OpenWrt in Proxmox. Looking forward to RPi tutorials as well.
Mark: Love your unique style to make concepts clear. Why not make all ports in one switch bridge wan1,lan1,lan2,lan3,lan4 and then assign to specific vlans. We can keep untagged for wan port so that a non-vlan aware telco modem can still be used there. In essence instead of call them wan1,lan1,lan2,lan3,l and an4 --- they are actually port 0, 1, 2, 3, and 4.
Hi Anil, while your suggestion would work - I wouldn't do it that way - I would not bridge WAN and LAN on the same bridge. That would create security concerns. I'd rather have them separated as soon as possible in the flow. Unless of course you are talking about the setup on the Access point (which is not connected to the internet) - then yes - that would work !
Thank you for your great video ! I wish you already had this video made, as I was struggling with OpenWRT 21.02 on Fritzbox 4020 in October. I did make it through, but your video helped me to understand it a bit better. Now, just some info from my side, in case it might be useful.... I have OpenWRT 21.02 on Raspberry pi 4 set up last year around June (a trial version): it was quite easy because I just ignored DSA thing. (had no idea back then) It was fine, because I wasn't counting on being able to use wifi on Raspi 4 itself, and it doesn't have any switch. I didn't make any bridge interface, just created eth0.xy and used them everywhere. I used the only Ethernet port for LAN and WAN, where WAN side was connected with speedport entry2 in pure modem mode through a managed switch TP Link SG108PE. Then, something weird happened: when the modem gets power-cycled for some reason, the WAN interface of raspi didn't connect anymore on its own. I had to restart the raspi, too, in order to reconnect it. Restarting wan-interface alone didn't work. The jack of the power adapter of the modem is a bit loose, so it was a problem. In December, I decided to use USB-Ethernet adapter TP Link UE-300, then this problem went away. Moreover, it got noticeably faster. So, I think, WAN on a dedicated USB adapter is better. I was also powering the Raspi with PoE, but it also caused some subtle but serious problem, so now I have a power adapter. Another thing is, I have SG108PE managed, and a few dumb switches from TP Link. The ability to negotiate the speed on dumb switches seems better than on SG108PE. SG108PE wants to drop the speed, even though higher speed can go without an issue. So I guess cheap managed switches are not good. That's another reason why it might be better to use USB-Adapter. So it's just my experience, still a noob (but get a lot of help and learning:)
I had OpenWRT up and running on a Raspberry Pi 4 some months back. I used a usb3 gigabit network adapter to get 2 wired network interfaces, and it was running fine like that for me. It was my first proper attempt to use OpenWRT, so I needed to do lots of trials and failures before it all worked okay for me. I was disappointed with the Pi 4's built in wireless capability though. It wasn't sufficiently fast for me, and there were issues using more than 1 SSID (e.g. 5GHz and 2.4GHz ones) at a time. So, I already owned a Archer C7, and flashed that and prefer that for my OpenWRT router. The wifi capability is good, and it frees up the Pi 4 for other projects. I do like the "horsepower" of the Pi 4 though. Great for running VPN services or extra features, e.g. traffic analysis. I'm interested in all of your suggested video topics. One area I have problems with is trying to get 4G LTE usb modems working with OpenWRT. (I like the idea of cellular broadband as the main internet system, as well as cellular broadband acting as a fail-over.)
Many thanks for these excellent videos. If you are still thinking about future topics for videos, support for the Redmi AX6000 was recently merged. This device looks promising. 802.11ax and potentially better range than the Belkin RT3200 thanks to its external antenna array. SoC is more powerful as well. A video on OW installation and comparison to the RT3200 would be a great one IMO.
Hi Brandon - definitely. The AX6000 seems to be a good pick. Juuuust - I have become a bit reluctant to hardware-specific videos as the vendor can change the hardware at any time, still use the same brand and model (but V2 instead of V1) - but with totally different hardware, rendering the video unusable for many...
Marc, your latest videos on OpenWRT are gold. I want to add a word of warning to this kind of VLAN setup. In my narrow experience (just tried tp-link archer C6U) when moving packets even on the same VLAN the device main CPU is used, not the switch's. So, the TL; DR; idea: you may not get the same throughput with this setup as when your leave the switch as factory config.
@@OneMarcFifty I was wondering about this. I was interested in making a wrt3200 into a managed switch but was afraid of the hit to throughput. I have seen instructions on the smart microtik switches where they setup commands to only use the switch chip and not route through the CPU. I don't think this is possible with inter-VLAN setup (which is what I want to setup). Is it possible to force routes through the switch chip on OPENWRT? PS: your videos have helped me immensely!
Hi,nice videos..very good explanations;clear and easy.Thank to your video I got set up my Pi4 Router + Usb-Gigabit Ethernet adapter and Openwrt 22.02.Raspberry Pi4 no have Switch and new OpenWrt 22.02 is different.A new update video is needed:OpenWrt 22.02 Rasberry Pi4 OnVlan confuguration on Rapsberry Pi4.Thank you.
Thank you for this video Marc! I tried following along but I only wanted to create a VLAN over one port, so where you configured both ports 1 & 2 I did nothing with port 2, etc... and when selected to tag or untag, I left all other ports as "Do not participate", I then lost connection after clicking save & apply. Do I need to segment the bridge to isolate port 1 from the other ports or is there something I missed or that you did not cover in this video which I am missing?
Great Video and as always very clear! Thanks Marc for your efforts and the very useful content! Concerning further topics, it would be great to see a setup with an Orange pi, orange pi zero (1 or 2) as super fast access point. Or Orange pi R1 setup as a powerful router with multiple vlan's, openvpn, ad blocking, etc. Regarding Proxmox, I personally have troubles to clearly setup a dedicated Lan voor my VMs and containers so if you have solutions that would be great!
With those videos, I have redrawn all my home networks! Thank you for all the helpful and clear information you provide with your channel! Really thank you! One question about the VLAN (99) used for the management: here and on the other video you suggest leaving the DHCP to provide the IP for the mng interface (LAN) and in this video you suggest setting unmanaged all the others... but in the bad case you lose the upstream with the router the second AP will be totally unreachable... Do you have any concerns/comments to setting the interface with static IP outside the DHCP range provided by the upstream router to have a fallback way to enter the AP?
Hi, you are right. You may lose the device if you lose upstream. You can of course use static addresses. Just assign them outside of the dhcp server‘s range.
Awesome explanation. Thank you! I saw you have a separate device for multimedia. Do you have a separate vlan for it? Could you explain, please, how you have managed it?
I would absolutely 100% be interested in seeing a video from you about vlans on the raspberry pi and also vlans on proxmox. I know the videos you're talking about. Have watched them more times than I'd like to admit, and spent many hours trying to get it to work on my RPI4, but was still never successful in doing so. I've burned myself out on the idea, to be honest, and have recently shelved the project. Would love to get a fresh take from your perspective.
Please do more videos on docker. Ie. run openwrt as docker container and try to configure PPPoE connection on WAN side with tagged VLAN (expand macvlan tutorials). I try to do this on Synology DSM, but my knowledge of linux networking is not enough. Still trying to learn but there is little or no resources on the web. You mentioned some advanced topics in docker networks part 2. Ie. home lab on docker containers. Router on a stick (raspberry pi as a router) or VMs with VLANS is not a big challenge. There are tons of tutorials on the net. Maybe unless you try to bridge WiFi do VM where you need to manipulate mac addresses with ebtables etc.
In your video "how to extend wifi to a second access point" I cannot find the section that you say it should not have a firewall. Did you disable it? if so , can you kindly show us?
What would the br-lan Bridge VLAN filtering table settings look like for a router with 4 ports: VLAN 99 for the LAN zone includes ports 1-2-3, VLAN 3 for the IoT zone includes port 4 (I have an unmanaged switch plugged in here for IoT wired devices), and VLAN 4 for the GUEST zone?
You would add lan1,2,3,4 to the bridge, Tick VLAN Filtering, add VLANs 3,4,99, Tick the "Local" box on all of them and set lan1,2,3 to "U*" on 99 and lan4 to "U*" on VLAN3.
Openwrt in vm with hardware passthrough will be interesting. E.g. how to get a native lan to lan throughput in guest os, virtually separate router that connect ISP, and use vm for dedicated remote management machine, etc
When no VLAN filtering is active on a bridge device, all ports part of the bridge are trunks, i.e. all untagged and tagged packages are passed along. On the bridge an interface (a subnet denoted by an UCI network.interface) can be created on the bridge as well as (software) 802.1q devices, either explicitly or implictily as custom device for an interface. For a reason that I do not fully understand one cannot succesfully connect a WLAN device to the latter software 802.1q device; but can connect though a WLAN to a bridge device over one or more of such software 802.1q devices. Any idea why ?
Hi Paul. The Wi-fi itself has also a device attached to it (the radiox) - when you connect a wi-fi to any other device then it is effectively bridged to that other device. This process does not per se create a bridge but is rather expecting to be added to an existing bridge. Therefore you can only add wifi to a bridge really. Solution: create a new empty bridge, add the 802.1q to that bridge and then connect the wi-fi to it. You are then bridging the vlan with the wifi
Hi Marc, Could you tell me if I used VLAN on my router, would it have a significant performance impact on routing capabilities or affect it's performance by any means?
Hi Varun, difficult to say. From what I have observed on my devices it does not have a real measurable impact on the performance. I think the "big" things that hit performance are crypto (i.e. Wifi security, VPN and the like) as well as SQM.
On my Archer A6 I had issues setting up the VLANs. I'd click save and it wouldn't take them. I found that if you Enable and save before you configure the VLANs, you'll be able to set them up and save when done
Good video, Not a fun of "the new way" to be really honest. Following the video, I was connected to "first VLAN" (the one we add to the interface before first save and apply). Does not like it!. I had to connect to an untagged switch port (before and after), Sav there and re-apply the interface the wifi SSID was bound to. Not a really a problem on 19. Just curious what are the 8921Q VLAN devices all about? This looks like LINUX sub interface with a VLAN tag, so you can add the VLAN tag on a port by port basis, an alternative way of doing what is done in this video? If so, what are the pros and cons of both approaches. I originally set my VLANs requirements up using these devices, did not take wifi down (other than a reconnect after the interface is reset, always needed in OpenWRT). I bridged these sub-interfaces. As I only had 2 LAN ports not the end of the world. I am guessing using the method in this video gives us hardware switching, but bridging sub-interfaces would give us software switching (i.e from eth1.2 to CPU to eth2.2 etc.). Simon
You can still do it the "old way", i.e. create 802.1Q devices for each VLAN (e.g. eth0.11, eth1.23 and the like) and then add them to a bridge. In a nutshell you would have a bridge for guest, another one for lan and so on.
I have a question. Can the "2ND ACCESS POINT" be a managed switch? Thanks a lot for your video. I was really confused about this topic before watching it
I have a 3370 with OpenWRT and did an upgrade this week from the old "Switch based VLAN" to the new DSA. I see a performance impact when i used bridged vlan filtering. Currently i'm trying to find out how to implement the old vlan method on the new version.
Go to Network- Interfaces- Devices and add a new bridge for every VLAN you have, then add the tagged Ethernet device (e.g. eth0.55) to the bridge. Then create an interface and attach it to that bridge
I'd love to see a Raspberryi video on VLANs with a managed switched. I did it once with an extra USB interface but one day it stopped working because of SD corruption, never really got to the bottom of it. So I'm using OpenWRT on a Netgear AP with a managed switch and VLAN tagging.
I’m starting to wonder if it was over heating on the Pi4. Seems unlikely. Though I have heat sinks on the chips but no fan. I noticed it behaving slower (probably throttling) when I used PiMiga for a few minutes.
