Turris logo

User Tools

Site Tools

This documentation is no longer maintained by the Turris team (although it can be used by the community to share content). The current official documentation is at docs.turris.cz.
You are here: Project: Turris » Archive and community documentation » Official documentation for Turris OS 3.x » Configuring internal VLANs - Omnia

Table of Contents

This documentation applies only Turris OS 3.x that is no longer present in newly sold routers. The new documentation is located at https://docs.turris.cz/.

Configuring internal VLANs - Omnia

This manual is only valid for Turris Omnia on Turris OS 3.x.
In Turris OS 4.x, the WAN is connected to eth2 interface and for LAN, there are interfaces eth0 and eth1.

When setting VLAN on Turris Omnia, it is good to first have an understanding of the hardware setup and the interconnection of individual components. See the following schema:

The processor of the router Turris Omnia (SoC, Armada 385) has 3 network interfaces. In the system they are eth0, eth1 and eth2. Interface eth1 is connected directly to WAN on the back side of the router, the interfaces eth0 and eth2 are connected to the switch-chip, specifically to ports 5 and 6, and their assignment to the connectors LAN0LAN4 can be configured.

Default configuration

The router is by default configured so that the LAN4 connector is assigned to the eth2 interface. The rest of the connectors (LAN0LAN3) are connected via the interface eth0. See the following file:

/etc/config/network
config interface 'loopback'
      option ifname 'lo'
      option proto 'static'
      option ipaddr '127.0.0.1'
      option netmask '255.0.0.0'
 
config globals 'globals'
      option ula_prefix 'auto'
 
config interface 'lan'
      option ifname 'eth0 eth2'
      option type 'bridge'
      option proto 'static'
      option ipaddr '192.168.1.1'
      option netmask '255.255.255.0'
      option ip6assign '60'
 
config interface 'wan'
      option ifname 'eth1'
      option proto 'dhcp'
 
config interface 'wan6'
      option ifname '@wan'
      option proto 'dhcpv6'
 
config switch
      option name 'switch0'
      option reset '1'
      option enable_vlan '1'
 
config switch_vlan
      option device 'switch0'
      option vlan '1'
      option ports '0 1 2 3 5'
 
config switch_vlan
      option device 'switch0'
      option vlan '2'
      option ports '4 6'

From looking at the last two blocks of config switch_vlan, it should be clear that two VLANs are set up. In the first block VLAN1 is defined as the connection of ports 0 1 2 3 5 to the switch-chip. Port5, as can be seen in the schema above, goes with interface eth0, ports 0 to 3 go with the corresponding physical connectors LAN0LAN3. So, if an ethernet cable is connected to any connector LAN0 to LAN3, the given data flow can be seen on the interface eth0. The same goes for the interface br-lan, because eth0 are eth2 connected via bridge - see block config interface 'lan' .

Analogous to that is the system in the next block config switch_vlan: VLAN2 goes with port6 (and so also the interface eth2) and port4, which is physically connected to LAN4.

VLAN

It should be visible from the previous section that eth2 and eth0 represent VLANs with the names VLAN1 and VLAN2. It is also possible to add more VLANs, see the following example (mentioned are only blocks for config switch_vlan):

/etc/config/network
config switch_vlan
      option device 'switch0'
      option vlan '1'
      option ports '5t 0 1'
 
config switch_vlan
      option device 'switch0'
      option vlan '2'
      option ports '4 6'
 
config switch_vlan
      option device 'switch0'
      option vlan '3'
      option ports '5t 2 3'

VLAN2 stayed the same as in the previous example (it connects the interface eth2 with the connector LAN4. VLAN1 now contains port5 (interface eth0), port0 (and so connector LAN0) and port1 (corresponds with connectors LAN1). Notice that port5 is tagged (5t), which is necessary, because port5 (interface eth0) is used as a link between the switch-chip and the processor for VLAN1 and also forVLAN3. The last block is to be understood analogously.

For managing the correct functioning of the set-up VLANs, it is necessary to change the block config interface 'lan' . For example like this:

/etc/config/network
config interface 'lan'
    option ifname 'eth0.1 eth2'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'
 
config interface 'lan-2'
    option ifname 'eth0.3'
    option type 'bridge'
    option proto 'static'
    option ipaddr '10.0.0.1'
    option netmask '255.255.255.0'

Notice that in block 'lan' we changed eth0 to eth0.1, which signifies VLAN1 on interface eth0. We also created a new network 'lan-2' with static allocation to which we connected VLAN3 and so also the physical connectors LAN2 and LAN3 (see previous VLAN setting and the above schema).

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International