Looking for testers for MerVLAN

[jksmurf]

Wireless backhaul is not possible here as the chips in these devices don't support it and strips the tags from the traffic.*

That’s an interesting note. I think @visortgw has VLAN assigned to Ethernet ports on nodes, with a wireless backhaul, so if that is correct, (not being facetious here) Asus must have found some way to make that work at least on 3006 VLAN capable HW. IIRC he posted some screenshots a while back showing the ability to be able to select a port in the node and assign a VLAN to it, over a wireless backhaul AIMesh node, as I quizzed him on this capability at the time.

But as far as I understand you this is probably what you want. A MerVLAN manager that has support for editing only nodes and then let the default Asus VLAN manager pick that up and route it.

I think so yes. I’m ultimately an end user, I’m not an IT person in any way shape or form, so at the moment I’m just spotting huge potential in your work that might overcome some current limitations of 3004 hardware or 3006 hardware that is not VLAN-capable.

 

[penguin22]

I believe that runs contrary to how Guest Network Pro runs in conjunction with AiMesh under the 3006.xx firmware: if both your main router and nodes are on 3006.xx, when you create a VLAN using Guest Network Pro on the main router those VLAN ID tags can be assigned to wireless clients connecting to an AiMesh node and will survive all the way to the main router if you're using the wireless backhaul option. I run wired backhauls so I cannot confirm this personally but I believe we've got people on this forum doing this.

I run wired backhauls and can confirm that VLAN tagging of per network works all the way back to the main router per the SSID the client connects to, as they are associated. Also, tagging an individual wired port on a GNP supporting Mesh node also maintains the proper VLAN (access or trunk as needed).

At one point, I also created an additional network without wireless and was able to wire a device connected to the respective VLAN with no SSID association. Though I did so on the main router and have moved past this using a static DHCP assignment in my primary IoT network instead with IPTables for access (vs full VLAN access), this would presumably extend to a GNP supporting node with no wireless associated.

 

[jksmurf]

tagging an individual wired port on a GNP supporting Mesh node

Just a note on this terminology as whilst the lists are very close (and maybe should even match), the list of “GNP supporting nodes” and “VLAN capable” nodes (my terminology not Asus) are not identical.

Best explained in this post but Asus in their wisdom have two separate lists for each.

Asus Guest Network = Prolly Other Solution

For short we'll just call the guest network title "POS" and move on. Before somebody challenges this, a few things: 1) Base setup was done with only one router that was factory reset and running latest firmware. 2) It's not like configuring it is hard, it's that it doesn't work. A...

www.snbforums.com

Summary copied from that post.

A quick comparison between both lists (see original post for links) suggests (currently):

• Routers that do both GNP and VLAN: Many (most?) of the high-end and newer models (like the GT-BE, RT-AX88U Pro, RT-BE series) support both features.
• GNP only: A few specific models like the GS-BE7200X and RT-BE58 Go, although the recently released RT-BE58 Go e.g., may just be an oversight as its predecessor the RT-AX57 Go is on the VLAN list too.
• VLAN only: Primarily some specific business models (EB-series) and a couple of high-end gaming routers (GT-AX11000 Pro, GT-AXE16000). I am dubious about these missing from the GNP list TBH, might just be Asus failing to update properly, hopefully others can say “model X on the VLAN list actually supports GNP as well”.

 

[r80xcore]

Just a note on this terminology as whilst the lists are very close (and maybe should even match), the list of “GNP supporting nodes” and “VLAN capable” nodes (my terminology not Asus) are not identical.

Best explained in this post but Asus in their wisdom have two separate lists for each.

Asus Guest Network = Prolly Other Solution

For short we'll just call the guest network title "POS" and move on. Before somebody challenges this, a few things: 1) Base setup was done with only one router that was factory reset and running latest firmware. 2) It's not like configuring it is hard, it's that it doesn't work. A...

www.snbforums.com

Summary copied from that post.

A quick comparison between both lists (see original post for links) suggests (currently):

• Routers that do both GNP and VLAN: Many (most?) of the high-end and newer models (like the GT-BE, RT-AX88U Pro, RT-BE series) support both features.
• GNP only: A few specific models like the GS-BE7200X and RT-BE58 Go, although the recently released RT-BE58 Go e.g., may just be an oversight as its predecessor the RT-AX57 Go is on the VLAN list too.
• VLAN only: Primarily some specific business models (EB-series) and a couple of high-end gaming routers (GT-AX11000 Pro, GT-AXE16000). I am dubious about these missing from the GNP list TBH, might just be Asus failing to update properly, hopefully others can say “model X on the VLAN list actually supports GNP as well”.

From what I've read it seems that Asus are tunneling the SSID vlans from the wireless nodes. This would from my understanding effectively strip any 802.1Q tags that was applied before traversing the wireless backhaul. Can anyone confirm this?

 

[jksmurf]

From what I've read it seems that Asus are tunneling the SSID vlans from the wireless nodes. This would from my understanding effectively strip any 802.1Q tags that was applied before traversing the wireless backhaul. Can anyone confirm this?

I don’t have that setup yet (planned when I get to my remote network in a few weeks time), but hopefully @visortgw can advise.

 

[visortgw]

I don’t have that setup yet (planned when I get to my remote network in a few weeks time), but hopefully @visortgw can advise.

Not sure that I understand the question completely. Asus uses the same VLAN (802.1Q) tags as used by wifi guest networks to segregate traffic when configuring VLANs on wired ports.

FYI, I have not configured VLANs for wired ports on a node with wireless backhaul. Only one of my four AiMesh nodes uses wireless backhaul, specifically 6 GHz. I only have wireless clients connected to that node.

 

[jksmurf]

FYI, I have not configured VLANs for wired ports on a node with wireless backhaul. Only one of my four AiMesh nodes uses wireless backhaul, specifically 6 GHz. I only have wireless clients connected to that node.

Hi @visortgw, oh I see, thanks for coming back on that. I knew I’d asked about the wireless part but revisiting it, it was @OzarkEdge that suggested it might work and was not actually you that confirmed it did. Be interesting all the same.

Switch capabilities of AiMesh Nodes?

A recent thread (a very interesting one) started me off thinking about how under-utilized nodes appear to be, for 3006 FW based nodes in particular. I am reasonably sure I know what the answer is, but bear with me while I muse and ramble and throw my toys out of the pram. I’m starting to look...

www.snbforums.com

 

[Seth Harman]

Not sure that I understand the question completely. Asus uses the same VLAN (802.1Q) tags as used by wifi guest networks to segregate traffic when configuring VLANs on wired ports.

FYI, I have not configured VLANs for wired ports on a node with wireless backhaul. Only one of my four AiMesh nodes uses wireless backhaul, specifically 6 GHz. I only have wireless clients connected to that node.

The question is whether running Guest Network Pro using AiMesh nodes that use wireless backhaul works for wireless clients connecting to a VLAN SSID at the AiMesh node and maintains their VLAN tagging across the wireless backhaul.

 

[visortgw]

Hi @visortgw, oh I see, thanks for coming back on that. I knew I’d asked about the wireless part but revisiting it, it was @OzarkEdge that suggested it might work, nit you that confirmed it did. Be interesting all the same.

Switch capabilities of AiMesh Nodes?

A recent thread (a very interesting one) started me off thinking about how under-utilized nodes appear to be, for 3006 FW based nodes in particular. I am reasonably sure I know what the answer is, but bear with me while I muse and ramble and throw my toys out of the pram. I’m starting to look...

www.snbforums.com

So... I just temporarily disconnected wired backhaul from GT-AX6000 AiMesh node — it failed over to 5 GHZ wireless backhaul. VLAN configuration for wired ports remained intact. Wireless backhaul works as well as wired backhaul.

 

[visortgw]

The question is whether running Guest Network Pro using AiMesh nodes that use wireless backhaul works for wireless clients connecting to a VLAN SSID at the AiMesh node and maintains their VLAN tagging across the wireless backhaul.

It appears that it does — everything remained intact when I temporarily failed over to 5 GHz wireless backhaul (i.e., removed Ethernet cable from WAN port of AiMesh node).

 

[jksmurf]

VLAN configuration for wired ports remained intact. Wireless backhaul works as well as wired backhaul.

Wow. Very, very cool. Thanks for testing that, great data point and baseline to go forward .

 

[Seth Harman]

It appears that it does — everything remained intact when I temporarily failed over to 5 GHz wireless backhaul (i.e., removed Ethernet cable from WAN port of AiMesh node).

In your first post you specifically said "VLAN configuration for wired ports remained intact." Can you confirm it's the same for VLAN clients that are connecting to the node wirelessly?

 

[visortgw]

In your first post you specifically said "VLAN configuration for wired ports remained intact." Can you confirm it's the same for VLAN clients that are connecting to the node wirelessly?

In my mind, clients connecting to the node wirelessly were never in question since VLAN assignment is dictated by the Guest Network Pro configuration for the guest network — I have never had any issues with this with either wired or wireless backhaul.

 

[Seth Harman]

In my mind, clients connecting to the node wirelessly were never in question since VLAN assignment is dictated by the Guest Network Pro configuration for the guest network — I have never had any issues with this with either wired or wireless backhaul.

Thanks for confirming. So if I understand everything correctly, @r80xcore is saying at this point he's figured out a way to get non-Pro routers to do LAN port VLAN tagging when they're used as APs, which in itself is obviously useful. The question now is if it's possible to install an add-on on the main router and have it fling any required code out to AiMesh nodes to enable/operate/maintain this in a GNP scenario. I know you can't log into the web UI of AiMesh nodes since you just get redirected to the main router address, but you can certainly SSH directly into nodes so any initial setup that would require the creation of things like shell scripts on the nodes can certainly be done. If this can be done as a main router add-on only, or that plus the addition of some very simple steps after SSH'ing into a node this would be a game-changer for anyone using Guest Network Pro and needs wired clients working in VLANs, and has nodes that are not Pro-series.

 

[jksmurf]

at this point he's figured out a way to get non-Pro routers to do LAN port VLAN tagging when they're used as APs

Yippee!

"... it is designed to work with most newer (officially supported by Merlin/Gnuton) single access point (AP) mode routers and mesh AP systems." and "...VLAN Manager fully supports AiMesh, but only when the nodes are connected via Ethernet backhaul" this means not just APs, also AiMesh nodes presumably, which is great! Limited by Ethernet backhaul only though.

this would be a game-changer for anyone using Guest Network Pro and needs wired clients working in VLANs, and has nodes that are not Pro-series.

Absolutely; like I said above, "huge potential". Wonder whether that next step to wireless backhaul to nodes is a remote possibility ....