fokicuba.blogg.se

Ddwrt 3 firewall builder








NOTE: I’ve labelled the tagged VLANs as eth0.0 and eth0.1 on the following diagram, which is a standard way of representing VLANs as subinterfaces on eth0 in routing, BUT this is not the way that the dd-wrt documentation represents them.

The person from the above community post actually created another diagram to ease the above explanation:

Don’t get hung up on the eth0.x VLAN representations, from the same article:

There is actually a good community post on simplifying the above article, here are the important excerpts:

  • The switch’s ports are divided into port 0-3 (physical LAN ports are numbered differently) for the local LAN and Port 4 for the WAN.
  • To separate the WAN traffic from the LAN traffic, the switch is divided into virtual LANs called VLANs.
  • VLAN0 is LAN traffic (ports 0-3) and VLAN1 is WAN traffic (port 4).
  • The connection between the switch (port 5) and the router (eth0) is called a trunk.
  • In order for the trunk to identify which VLAN the data belongs to, the data frame is tagged with the VLAN number. A trunk is a connection that allows multiple VLAN traffic to pass through.
  • Traffic between the two VLANs is controlled by the router using iptables and ip route commands.
  • Lastly, the wireless port eth1 (because it is not part of the switch) is bridged (using br0) to VLAN0 and is treated the same as any other port of the switch.

However, DD-WRT by default does not use routing logic per se to move traffic between vlan0 and eth1; rather, it employs a bridge device - whose interface is called br0 - that logically combines vlan0 and eth1 into a single interface. This interface, which is not part of the switch, is available to routing logic just as eth0 and the vlans are. The wireless device is on a separate interface called eth1. Vlan1 is the one on which the WAN socket resides.

And here is more information regarding the wireless device:

Vlan0 is the one on which all of the numbered (1-4) RJ45 sockets on the back belong to. Within the switch entity there are defined two VLANs - vlan0 and vlan1.

You will notice the vlans don’t match but those are just representations.

There is an excellent description of how networking is set up on the DD-WRT router here, here is a picture from that article:


When we SSH over to a DD-WRT router we are actually not seeing the full picture. Both vlan1 and vlan2 are going through eth0:

So we have two physical interfaces: eth0 and eth1.

    Link/ether 82:60:9c:xx:xx:xx brd ff:ff:ff:ff:ff:ff


    Link/ether 98:fc:11:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    7: : mtu 1500 qdisc noqueue
    8: : mtu 1500 qdisc noqueue

DD-WRT Network Interfaces

Checking out all the interfaces I see the following:

We can see that vlan2 is used as our public facing interface and br0 is used as the internal interface. There are a lot after that, but they are just empty chains.

    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)








