1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

    Dismiss Notice
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

WAN Port VLAN Trunking

Discussion in 'Asuswrt-Merlin' started by danjackson, Sep 11, 2019.

Tags:
  1. danjackson

    danjackson New Around Here

    Joined:
    Aug 1, 2017
    Messages:
    6
    Hi all,

    I have the AC88U with latest Merlin. Currently, I send the WAN and LAN output from the Router into a switch (Microtik) which tags the VLAN's on the ports, sends it along another single port trunked to another switch. At this second switch the WAN and LAN is separated into a modem and more LAN ports respectively.

    Is there a way to do this on ASUSWRT Merlin so that I can send LAN traffic on one VLAN and WAN traffic on another VLAN from the same port (preferably the WAN port but one of the others will also do).

    Obviously this Router isn't designed to do this but given that the firmware gives me pretty much root access via SSH surely there's some way to get this to work even if its non persistent?

    Thanks in advance :)

    EDIT:
    Might also be worth mentioning that I'm using PPPoE on the WAN port. So I'm looking to send PPPoE traffic tagged on VLAN x and LAN traffic tagged on VLAN y from the same port :)
     
    Last edited: Sep 11, 2019
  2. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    10,577
    Location:
    UK
  3. danjackson

    danjackson New Around Here

    Joined:
    Aug 1, 2017
    Messages:
    6
    Actually that might make things easier, because that means that the difference between the LAN and WAN is software based if the WAN and LAN (1-4) ports share the same chip? Surely there's something I can do within like robocfg or iproute2 or something that will allow me to send VLAN x tags to PPPoE interface and VLAN y tags to br0 (I think it's br0 for LAN). Not quite sure how much control I've got over the switch chip but if necessary maybe I could passthrough the tagging on the switch and handle the tagging within Linux?
     
  4. danjackson

    danjackson New Around Here

    Joined:
    Aug 1, 2017
    Messages:
    6
    I figured it out!! Putting the solution up if anyone else wants to know.

    It's really simple and I was over complicating it above.

    It's all done within robocfg.

    My original setup in robocfg was as below:

    Code:
    $ robocfg show
    [...]
       1: vlan1: 0 1 2 3 5 7 8t
       2: vlan2: 4 8u
    I wanted Port 4 (WAN Port) to have LAN and WAN traffic. The vlans are already configured on the switch all I had to do was tag them to trunk it.

    VLAN 2 (The WAN vlan) needs: Port 4 tagged to send tagged egress traffic to the switch which then untags it for the modem and untagged traffic to the CPU:

    Code:
    $ robocfg vlan 2 ports "4t 8u"
    VLAN 1 (The LAN vlan) needs: Port 4 tagged to send tagged egress traffic to the switch which then untags it for the modem and untagged traffic to the CPU & other switch ports:

    Code:
    $ robocfg vlan 1 ports "0 1 2 3 5u 7 4t 8t"
    So I tested the above and it all works as expected!

    Now robocfg looks like so:

    Code:
    $ robocfg show
    [...]
       1: vlan1: 0 1 2 3 4t 5 7 8t
       2: vlan2: 4t 8u
    
    I figured it out after I stumbled upon another post on here whilst looking up something completely different:

    https://www.snbforums.com/threads/vlans-on-merlin-mini-howto.20529/page-2

    Finally I have to make it persistent:

    Code:
    $ vi /jffs/scripts/init-start
    
    #!/bin/sh
    
    #WAN Port VLAN output
    
    robocfg vlan 2 ports "4t 8u"
    robocfg vlan 1 ports "0 1 2 3 5u 7 4t 8t"
    exit 0
    
    $ chmod +x /jffs/scripts/init-start
    
    If I've done anything wrong please let me know :)
     
    L&LD likes this.