After upgrading the routers in my home network to the latest openwrt-22.03
version, one of my routers, the avm 7360sl, moved to the new
distributed switch architecture (DSA).
In my home network I currently run two separate networks each with their own
VLANs and an additional access point (archer c7) to extend the wifi
range. The access point and the avm router are connected via tagged ports
transferring tagged ethernet packets (VLAN trunk).
In the figure below the network setup is shown.
Since the avm box moved from swconfig to DSA I had to migrate my
current VLAN setup on the avm box.
The description below documents this setup, and may be of help to anybody :^)
AVM 7360SL
With DSA the switch ports appear as own devices, here the lanX devices.
VLANs are directly configured on the bridge devices and appear as sub-devices
of the bridge. See above, the br-lan.10 and br-lan.20 which correspond to
the VLANs 10 and 20.
The Local setting of the VLAN controls if the corresponding sub-device is
created or not.
The lan1 port is configured as tagged (T) for our VLANs. This means for outgoing packets the VLAN tag is not removed and incoming packets should be tagged. Additionally, we configured that incoming packets that are untagged should be tagged with VLAN 99 primary VLAN (U|*). This port is used as VLAN trunk to connect the access point.
For the configuration nothing has changed, besides using the new bridge sub-devices.
Archer C7
For completeness of the setup, the following shows the configuration of the access point.
The access point defines two networks lan and guest similar to the networks
defined on the router above. The interfaces bridge the following devices
together:
- br-lan: eth0.10 + home wifi
- br-guest: eth0.20 + guest wifi
NOTE: The
guestinterface is setup asunmanagedbecause it does not need an IP address, since nobody connected to the guest network should be able to connect to the access point. The access point also does not define any firewall rules, as all firewall rules are centrally defined on the avm box.
The switch is configured as shown below. The two interesting configurations are that the CPU (eth0) interface is tagged for all VLANs and that the LAN1 port is tagged as well.
Similar to the avm setup above, the LAN1 port is tagged for our VLANs and hence used as VLAN trunk to connect to the avm router.
The eth0 port is tagged, such that we get sub-devices eth0.10 and eth0.20 for use in our different networks.
