Table of Contents
This documentation applies only Turris OS 3.x that is no longer present in newly sold routers. The new documentation is located at https://docs.turris.cz/.
Configuring internal VLANs - Omnia
This manual is only valid for Turris Omnia on Turris OS 3.x.
In Turris OS 4.x, the WAN is connected to eth2 interface and for LAN, there are interfaces eth0 and eth1.
When setting VLAN on Turris Omnia, it is good to first have an understanding of the hardware setup and the interconnection of individual components. See the following schema:
The processor of the router Turris Omnia (SoC, Armada 385) has 3 network interfaces. In the system they are eth0, eth1 and eth2. Interface eth1 is connected directly to WAN on the back side of the router, the interfaces eth0 and eth2 are connected to the switch-chip, specifically to ports 5 and 6, and their assignment to the connectors LAN0 – LAN4 can be configured.
Default configuration
The router is by default configured so that the LAN4 connector is assigned to the eth2 interface. The rest of the connectors (LAN0 – LAN3) are connected via the interface eth0. See the following file:
- /etc/config/network
config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'auto' config interface 'lan' option ifname 'eth0 eth2' option type 'bridge' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' option ip6assign '60' config interface 'wan' option ifname 'eth1' option proto 'dhcp' config interface 'wan6' option ifname '@wan' option proto 'dhcpv6' config switch option name 'switch0' option reset '1' option enable_vlan '1' config switch_vlan option device 'switch0' option vlan '1' option ports '0 1 2 3 5' config switch_vlan option device 'switch0' option vlan '2' option ports '4 6'
From looking at the last two blocks of config switch_vlan, it should be clear that two VLANs are set up. In the first block VLAN1 is defined as the connection of ports 0 1 2 3 5 to the switch-chip. Port5, as can be seen in the schema above, goes with interface eth0, ports 0 to 3 go with the corresponding physical connectors LAN0 – LAN3. So, if an ethernet cable is connected to any connector LAN0 to LAN3, the given data flow can be seen on the interface eth0. The same goes for the interface br-lan, because eth0 are eth2 connected via bridge - see block config interface 'lan' .
Analogous to that is the system in the next block config switch_vlan: VLAN2 goes with port6 (and so also the interface eth2) and port4, which is physically connected to LAN4.
VLAN
It should be visible from the previous section that eth2 and eth0 represent VLANs with the names VLAN1 and VLAN2. It is also possible to add more VLANs, see the following example (mentioned are only blocks for config switch_vlan):
- /etc/config/network
config switch_vlan option device 'switch0' option vlan '1' option ports '5t 0 1' config switch_vlan option device 'switch0' option vlan '2' option ports '4 6' config switch_vlan option device 'switch0' option vlan '3' option ports '5t 2 3'
VLAN2 stayed the same as in the previous example (it connects the interface eth2 with the connector LAN4. VLAN1 now contains port5 (interface eth0), port0 (and so connector LAN0) and port1 (corresponds with connectors LAN1). Notice that port5 is tagged (5t), which is necessary, because port5 (interface eth0) is used as a link between the switch-chip and the processor for VLAN1 and also forVLAN3. The last block is to be understood analogously.
For managing the correct functioning of the set-up VLANs, it is necessary to change the block config interface 'lan' . For example like this:
- /etc/config/network
config interface 'lan' option ifname 'eth0.1 eth2' option type 'bridge' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' option ip6assign '60' config interface 'lan-2' option ifname 'eth0.3' option type 'bridge' option proto 'static' option ipaddr '10.0.0.1' option netmask '255.255.255.0'
Notice that in block 'lan' we changed eth0 to eth0.1, which signifies VLAN1 on interface eth0. We also created a new network 'lan-2' with static allocation to which we connected VLAN3 and so also the physical connectors LAN2 and LAN3 (see previous VLAN setting and the above schema).
