Menu
What's new
By:
Filters Better Search

Help setting up VLAN on ASUS RT-AC68U

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Here is the output...

Code: 
admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 status verbose

        ***ERROR Cannot display status; VLAN 20 (or Bridge br20) not found

admins@RT-AC87U-6798:/jffs/scripts#

Any further tests I can try?
 
bmb said:
Here is the output...

Code: 
admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 status verbose

        ***ERROR Cannot display status; VLAN 20 (or Bridge br20) not found

admins@RT-AC87U-6798:/jffs/scripts#

Any further tests I can try?
Click to expand...

Well you could try the following again
Code: 
./vlanswitch.sh   20   2   autodnsmasq

./vlanswitch.sh   20   status   verbose

robocfg   show
 
I've had a chance to run those commands, though without a VLAN device connected. I think I need to reconfigure the switch first as the main router I'm using has the main subnet and VLAN through one port, the RT87 splits them So I'll come back to testing with devices connected another time when I can free up a port on the switch, though looking at the output below seems like RT87 is properly configured

Code: 
admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh   20   2   autodnsmasq

(vlanswitch.sh): 8891 v1.24 non-Public Beta © 2016-2018 Martineau. VLAN configuration utility.



        (vlanswitch.sh): 8891 VLAN 'vlan20' alias 'None20' (192.168.20.0/24) via Switch Port 2 created for downstream VLAN switch(s)


admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh   20   status   verbose

        v1.24 non-Public Beta VLAN Switch Port 2 Configuration Status:


        'None20' vlan20 Robocfg Status
        ==============================
   1: vlan1: 1 2t 3 5t 8t
  20: vlan20: 2t 8t


        'None20' vlan20 Bridge Status
        =============================



        'None20' vlan20 Status
        ======================
vlan20    Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx
          inet addr:192.168.20.1  Bcast:192.168.20.255  Mask:255.255.255.0
          inet6 addr: fe80::fa32:e4ff:fe77:6798/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:3822 (3.7 KiB)

          alias None20


        'None20' vlan20 Statistics
        ==========================
vlan20  VID: 20  REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           27
       total bytes transmitted         3822
            total headroom inc            0
           total encap on xmit           27
Device: eth0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:

                Firewall rules
                ==============
Chain MyInput (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 ACCEPT     udp  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            multiport dports 53,67
2        0     0 ACCEPT     tcp  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
3       13  1598 DROP       all  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            state NEW

Chain MyVLANs (1 references)
num   pkts bytes target     prot opt in     out     source               destination
3        0     0 DROP       all  --  br0    vlan+   0.0.0.0/0            0.0.0.0/0            state NEW
4        0     0 DROP       all  --  vlan+  br0     0.0.0.0/0            0.0.0.0/0            state NEW
5        0     0 ACCEPT     all  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            state NEW

                DNS VPN rules
                =============


        'None20' vlan20 ACTIVE devices (ARP only accurate within 60secs?)
        =================================================================

admins@RT-AC87U-6798:/jffs/scripts# robocfg   show
Switch: enabled
Port 0:   DOWN enabled stp: none vlan: 2 jumbo: off mac: 00:00:00:00:00:00
Port 1:   DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 2:   DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 3:   DOWN enabled stp: none vlan: 1 jumbo: off mac: c8:xx:00:xx:fx:xx
Port 4:   DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 5: 1000FD enabled stp: none vlan: 1 jumbo: off mac: c8:xx:00:xx:xx:xx
Port 7: 1000FD enabled stp: none vlan: 1 jumbo: off mac: f8:32:e4:77:67:98
Port 8: 1000FD enabled stp: none vlan: 1 jumbo: off mac: f8:32:e4:77:67:98
VLANs: BCM5301x enabled mac_check mac_hash
   1: vlan1: 1 2t 3 5t 8t
  20: vlan20: 2t 8t
1045: vlan1045: 1t 2 7t
1046: vlan1046: 0t 2 3 5
1047: vlan1047: 1t 2 4t 5 8u
1099: vlan1099: 1t 2t 5 7 8u
1100: vlan1100: 2t 3 8t
1101: vlan1101: 1 4 5 7 8u
1102: vlan1102: 0t 4 5
1103: vlan1103: 1t 2t 3 7t 8u
admins@RT-AC87U-6798:/jffs/scripts#
 
bmb said:
I've had a chance to run those commands, though without a VLAN device connected. I think I need to reconfigure the switch first as the main router I'm using has the main subnet and VLAN through one port, the RT87 splits them So I'll come back to testing with devices connected another time when I can free up a port on the switch, though looking at the output below seems like RT87 is properly configured
Click to expand...

OK, just to clarify, your post #81 was a PEBCAK moment? :D

Can you confirm
Code: 
nvram get wan0_ifname
I have updated the script as it may get the WAN interface name incorrect?
 
I'm not sure if its me or not, it could well be, though when I run that command again now I get this:

Code: 
admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 status verbose

        ***ERROR Cannot display status; VLAN 20 (or Bridge br20) not found

admins@RT-AC87U-6798:/jffs/scripts#

No changes made, router has been powered up since last night, and if I now repeat your codes from post 82 I get the same results again as I did in post 83.

Output of nvram get wan0_ifname:

Code: 
admins@RT-AC87U-6798:/tmp/home/root# nvram get wan0_ifname
usb0
 
bmb said:
Output of nvram get wan0_ifname:

Code: 
admins@RT-AC87U-6798:/tmp/home/root# nvram get wan0_ifname
usb0
Click to expand...

OK as I suspected you must download v1.25 as WAN interface 'usb0' will be ignored.

bmb said:
I'm not sure if its me or not, it could well be, though when I run that command again now I get this:
Click to expand...
bmb said:
***ERROR Cannot display status; VLAN 20 (or Bridge br20) not found

No changes made, router has been powered up since last night, and if I now repeat your codes from post 82 I get the same results again as I did in post 83.
Click to expand...

No it is probably the script :oops:, but no idea why is has worked but now it doesn't.:confused::confused:

I suggest you try
Code: 
./vlanswitch.sh 20 del
then download v1.25 then retry
Code: 
./vlanswitch.sh 20 2

./vlanswitch.sh 20 status verbose
 
I update to script v1.25 ran these commands and the router crashed and rebooted

Code: 
admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh   20   2   autodnsmasq

(vlanswitch.sh): 2473 v1.25 non-Public Beta ? 2016-2018 Martineau. VLAN configuration                                       utility.



        (vlanswitch.sh): 2473 VLAN 'vlan20' alias 'None20' (192.168.20.0/24) via Switc                                      h Port 2 created for downstream VLAN switch(s)


admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh   20   status   verbose

        VLAN Switch Port 2 Configuration Status:


        'None20' vlan20 Robocfg Status
        ==============================
   1: vlan1: 1 2t 3 5t 8t
  20: vlan20: 2t 8t


        'None20' vlan20 Bridge Status
        =============================



        'None20' vlan20 Status
        ======================
vlan20    Link encap:Ethernet  HWaddr F8:32:E4:77:67:98
          inet addr:192.168.20.1  Bcast:192.168.20.255  Mask:255.255.255.0
          inet6 addr: fe80::fa32:e4ff:fe77:6798/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:3896 (3.8 KiB)

          alias None20


        'None20' vlan20 Statistics
        ==========================
vlan20  VID: 20  REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           28
       total bytes transmitted         3896
            total headroom inc            0
           total encap on xmit           28
Device: eth0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:

                Firewall rules
                ==============
Chain MyInput (1 references)
num   pkts bytes target     prot opt in     out     source               destination                                       
1        0     0 ACCEPT     udp  --  vlan+  *       0.0.0.0/0            0.0.0.0/0                                                  multiport dports 53,67
2        0     0 ACCEPT     tcp  --  vlan+  *       0.0.0.0/0            0.0.0.0/0                                                  tcp dpt:53
3        0     0 DROP       all  --  vlan+  *       0.0.0.0/0            0.0.0.0/0                                                  state NEW

Chain MyVLANs (1 references)
num   pkts bytes target     prot opt in     out     source               destination                                       
3        0     0 DROP       all  --  br0    vlan+   0.0.0.0/0            0.0.0.0/0                                                  state NEW
4        0     0 DROP       all  --  vlan+  br0     0.0.0.0/0            0.0.0.0/0                                                  state NEW
5        0     0 ACCEPT     all  --  vlan+  *       0.0.0.0/0            0.0.0.0/0                                                  state NEW

                DNS VPN rules
                =============


        'None20' vlan20 ACTIVE devices (ARP only accurate within 60secs?)
        =================================================================

admins@RT-AC87U-6798:/jffs/scripts#
 
I had already replaced the script with v1.25, (do I need to go back back to v.24 first?), so then ran these codes and it crashed and rebooted again.

Code: 
admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 del

(vlanswitch.sh): 24132 v1.25 non-Public Beta ? 2016-2018 Martineau. VLAN configuration utility.

        ***ERROR - Cannot delete; VLAN 20 (or Bridge br20) not found

admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 2

(vlanswitch.sh): 31458 v1.25 non-Public Beta ? 2016-2018 Martineau. VLAN configuration utility.



        (vlanswitch.sh): 31458 VLAN 'vlan20' alias 'None20' (192.168.20.0/24) via Switch Port 2 created for downstream VLAN switch(s)


admins@RT-AC87U-6798:/jffs/scripts# ./vlanswitch.sh 20 status verbose

        VLAN Switch Port 2 Configuration Status:


        'None20' vlan20 Robocfg Status
        ==============================
   1: vlan1: 1 2t 3 5t 8t
  20: vlan20: 2t 8t


        'None20' vlan20 Bridge Status
        =============================



        'None20' vlan20 Status
        ======================
vlan20    Link encap:Ethernet  HWaddr 7E:A3:D4:FB:75:9D
          inet addr:192.168.20.1  Bcast:192.168.20.255  Mask:255.255.255.0
          inet6 addr: fe80::7ca3:d4ff:fefb:759d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:3822 (3.7 KiB)

          alias None20


        'None20' vlan20 Statistics
        ==========================
vlan20  VID: 20  REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           27
       total bytes transmitted         3822
            total headroom inc            0
           total encap on xmit           27
Device: usb0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:

                Firewall rules
                ==============
Chain MyInput (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 ACCEPT     udp  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            multiport dports 53,67
2        0     0 ACCEPT     tcp  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
3       12  1351 DROP       all  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            state NEW

Chain MyVLANs (1 references)
num   pkts bytes target     prot opt in     out     source               destination
3        0     0 DROP       all  --  br0    vlan+   0.0.0.0/0            0.0.0.0/0            state NEW
4        0     0 DROP       all  --  vlan+  br0     0.0.0.0/0            0.0.0.0/0            state NEW
5        0     0 ACCEPT     all  --  vlan+  *       0.0.0.0/0            0.0.0.0/0            state NEW

                DNS VPN rules
                =============


        'None20' vlan20 ACTIVE devices (ARP only accurate within 60secs?)
        =================================================================

admins@RT-AC87U-6798:/jffs/scripts#
 
I think the first crash may have been with v1.24 but wasn't so obvious because I'm simply running this router as a test for USB WAN. So before making any more changes let me do a factory reset and start again
 
Following the factory reset, initialize, running v1.25 crashes the router almost straight away. Then after reboot I ran v1.24 and thought all was well, but after several mins (about 5mins), crashed again. I didn't know it was crashing before due to the longish delay after running the script.

In view of this do you want to carry on testing?
 
bmb said:
Following the factory reset, initialize, running v1.25 crashes the router almost straight away. Then after reboot I ran v1.24 and thought all was well, but after several mins (about 5mins), crashed again. I didn't know it was crashing before due to the longish delay after running the script.

In view of this do you want to carry on testing?
Click to expand...

Sorry for the inconvenience.:oops::oops:

At least the one positive is that this explains the mysterious 'disappearing' VLAN :rolleyes:

Furthermore this may also explain why there was no feedback from the previous RT-87U user given the apparent catastrophic impact on the router, which fortunately in this instance you are able to test on a spare unit.

It is up to you to decide if it is worth attempting to continue.

Without additional info i.e. is there anything meaningful in Syslog?, I'm not sure if there is anything that could help diagnose the crash.

Both v1.24 and v1.25 attempt to create the tagged VLAN port based on the 'robocfg' output. So this would probably be the area where I would start to investigate.

i.e. You would issue
Code: 
robocfg show
immediately after a clean reboot, then again after running v1.24 (not v.125) as this would give you time to enter the second command!

So, usually the script would expect the WAN to be 'eth0/vlan2' but as your WAN is 'usb0' then this would be the second area I would suspect.

So if you were to run the script without configuring the WAN as 'usb0' but leaving it to its default, it would be interesting to see if either/both scripts still crash the router?
 
Its OK, no real inconvenience to me, I didn't wish to take up any more of your time for what may be little gain to the community.

Over the weekend I'll do as you suggest and see if you can spot anything of interest.
 
Hi.

I would like to get a copy of those scripts for enabling vlans on my Asus RT-AC68U router with the latest Merlin firmware on it (384.8_2).

Many thanks in advance!!

Joel
 
I'm interested as well. Looking to do some network re-mapping/organization and this seems like just the thing I might want to use.
 
Toddimus said:
I'm interested as well. Looking to do some network re-mapping/organization and this seems like just the thing I might want to use.
Click to expand...

Unfortunately the script will not work in your environment RT-AC86U Incompatibility

Also the script cannot run in AP mode, however, forum member @bmb attempted to see if he could adapt/use the script on his RT-AC87U but seemingly failed i.e. RT-AC87U Crash and apparently gave up?
 
Hello,
I would like to try running the scripts on an ASUS RT-AC5300 running Merlin 384.8_2.
Let me know.
Thanks in advance.
Bobby
 
I apologize but Im not sure if its proper to start a convo or to request it in the forum for the is my first time to ask anything but Id really appreciate it if I could receive your a copy of your vlan beta script? I have the the same scenerio twice, one on the RT- AC68U with a unmanaged switch with vlan tagging and a RT-AC66U_B1 with a unmanaged switch that does not support vlan tagging. I would like to try it on both because i want find the best one to run my vpn on with a couple of clients with Division and Entware installed one to host all iot and run just Entware, both have Merlin F/W 384.8_2. not sure which ones better at each job. It looks to be what i've been looking for myself. Any advice/tips would be greatly appreciated as well.:confused:
 
Can you send me your script?

Thanks in advance

Martineau said:
I'm not sure what issues you faced with the various other scripts/commands posted on the forum, but if have the time and want to beta-test my script I can send you a link?

Code: 
#======================================================================================= © 2016-2018 Martineau 'Router-on-a-stick' v1.18
#
# Configure RT-AC68U LAN Port X as VLAN Trunk for tagged VLAN nnn to downstream switch(s) on separate subnet using '/etc/dnsmasq.conf' or simply assign Port X to a separate subnet.
#
#
# Usage:    VLANSwitch  ['help'|''-h''] | [ [''vlan_id''] [switch_port] ]
#                                       [ ['status' ['verbose'] ['diag'] ['del'['nvram']] ['vpn'[n]] ['vlanfw'] ['nodnsmasq'] ['autodnsmasq'] ['alias='vlan_alias] ['debug'] ['bridge'] ['tcqdisc']
#
#           VLANSwitch  200
#                       Switch port 4 will have vlan200 tagged to it
#           VLANSwitch  200 del
#                       Switch port 4 will have vlan200 removed
#           VLANSwitch  50 status
#                       Show the connected VLAN devices (or Bridge if VLAN is enslaved to one)
#           VLANSwitch  50 status verbose
#                       Show the vlan configuration and statistics etc.
#           VLANSwitch  20 3 vpn2
#                       Switch port 3 will have vlan20 tagged to it and will be forced via the VPN Client 2 (on bridge br2)
#                       and the alias will be taken from the VPN Client GUI 'description' if it exists (Firmware >v380.xx)
#                       or will be taken from '/etc/iproute2/rt_tables' e.g. 'ovpnc2'
#           VLANSwitch  30 vpn1 vlanfw
#                       Switch port 4 will have vlan30 tagged to it and will be forced via the VPN Client 1 (on bridge br1)
#                       Firewall rules will explicitly use vlan30 rather than vlan+
#           VLANSwitch  130 nodnsmasq
#                       Switch port 4 will have vlan130 tagged to it, and vlan130 does not need to exist in /etc/dnsmasq.conf
#           VLANSwitch  150 autodnsmasq
#                       Switch port 4 will have vlan150 tagged to it, and /jffs/configs/dnsmasq.conf.add will be modified
#                       NOTE: dnsmasq will be auto-restarted.
#           VLANSwitch  10 1 bridge notag
#                       Switch port 1 will ONLY be vlan10 (not a tagged port), and bridge br10 using vlan111 will be created.
#                       This method is for environments without additional downstream VLAN capable switches
#           VLANSwitch  10 1 bridge notag del
#                       Switch port 1 will have vlan10 removed, and bridge br10 will be deleted
#           VLANSwitch  10 1 bridge notag tcqdisc
#                       Switch port 1 will ONLY be vlan10 (not a tagged port), and bridge br10 using vlan111 will be created and 'tc qdisc' will be added
Click to expand...
 
You must log in or register to reply here.

Similar threads

R
Solved Help finding workarounds for a WiFi bridge repeater that doesn't support VLANs
Replies
3
Views
472
robca
R
S
Inter VLAN routing on GT-AX11000 Pro?
Replies
0
Views
203
ssm1234
S
P
Custom DNS for Guest Network Possible?
Replies
15
Views
1K
Rhialto
R
G
RT-AC86U VLAN-like modifications to guest network
Replies
19
Views
2K
pjd50
P
R
mDNS repeater with guest network/vlan
Replies
3
Views
1K
robca
R
Similar threads
Thread starter Title Forum Replies Date
A Solved Need help setting up DDNS for cloudflare Asuswrt-Merlin 4
C Solved Need help with nat-start scripts Asuswrt-Merlin 3
G Need help with VPN Asuswrt-Merlin 2
P Help with traffic filtering Asuswrt-Merlin 0
C Need some help with a DHCP problem Asuswrt-Merlin 9
S Help Required AC68U (TM-AC1900) troubleshooting after power outage Asuswrt-Merlin 3
C Need help with GT-AXE11000 and DNS Director Asuswrt-Merlin 0
Spydawg need help with network loop. Asuswrt-Merlin 9
J Help - duckdns has started returning an IPv6 IP address Asuswrt-Merlin 1
A Help Required Upgrading AC68U from Stock FW to Merlin Please? Asuswrt-Merlin 15

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 994 (members: 24, guests: 970)
Top