What's new

WAN Port VLAN Trunking

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

danjackson

New Around Here
Hi all,

I have the AC88U with latest Merlin. Currently, I send the WAN and LAN output from the Router into a switch (Microtik) which tags the VLAN's on the ports, sends it along another single port trunked to another switch. At this second switch the WAN and LAN is separated into a modem and more LAN ports respectively.

Is there a way to do this on ASUSWRT Merlin so that I can send LAN traffic on one VLAN and WAN traffic on another VLAN from the same port (preferably the WAN port but one of the others will also do).

Obviously this Router isn't designed to do this but given that the firmware gives me pretty much root access via SSH surely there's some way to get this to work even if its non persistent?

Thanks in advance :)

EDIT:
Might also be worth mentioning that I'm using PPPoE on the WAN port. So I'm looking to send PPPoE traffic tagged on VLAN x and LAN traffic tagged on VLAN y from the same port :)
 
Last edited:
An additional complication with the RT-AC88U is that 4 of the LAN ports use a different switch chip.

https://www.snbforums.com/threads/odd-rt-ac88u-port-assignments.40744/#post-342299

Actually that might make things easier, because that means that the difference between the LAN and WAN is software based if the WAN and LAN (1-4) ports share the same chip? Surely there's something I can do within like robocfg or iproute2 or something that will allow me to send VLAN x tags to PPPoE interface and VLAN y tags to br0 (I think it's br0 for LAN). Not quite sure how much control I've got over the switch chip but if necessary maybe I could passthrough the tagging on the switch and handle the tagging within Linux?
 
I figured it out!! Putting the solution up if anyone else wants to know.

It's really simple and I was over complicating it above.

It's all done within robocfg.

My original setup in robocfg was as below:

Code:
$ robocfg show
[...]
   1: vlan1: 0 1 2 3 5 7 8t
   2: vlan2: 4 8u

I wanted Port 4 (WAN Port) to have LAN and WAN traffic. The vlans are already configured on the switch all I had to do was tag them to trunk it.

VLAN 2 (The WAN vlan) needs: Port 4 tagged to send tagged egress traffic to the switch which then untags it for the modem and untagged traffic to the CPU:

Code:
$ robocfg vlan 2 ports "4t 8u"

VLAN 1 (The LAN vlan) needs: Port 4 tagged to send tagged egress traffic to the switch which then untags it for the modem and untagged traffic to the CPU & other switch ports:

Code:
$ robocfg vlan 1 ports "0 1 2 3 5u 7 4t 8t"

So I tested the above and it all works as expected!

Now robocfg looks like so:

Code:
$ robocfg show
[...]
   1: vlan1: 0 1 2 3 4t 5 7 8t
   2: vlan2: 4t 8u

I figured it out after I stumbled upon another post on here whilst looking up something completely different:

https://www.snbforums.com/threads/vlans-on-merlin-mini-howto.20529/page-2

Finally I have to make it persistent:

Code:
$ vi /jffs/scripts/init-start

#!/bin/sh

#WAN Port VLAN output

robocfg vlan 2 ports "4t 8u"
robocfg vlan 1 ports "0 1 2 3 5u 7 4t 8t"
exit 0

$ chmod +x /jffs/scripts/init-start

If I've done anything wrong please let me know :)
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top