Differences

This shows you the differences between two versions of the page.

--- doc:appunti:hardware:gl_ar750 [2021/05/07 15:52] – [Configuring the switch from the command line] niccolo
+++ doc:appunti:hardware:gl_ar750 [2023/09/11 09:37] (current) – niccolo
@@ Line 1: / Line 1: @@
 ====== GL-iNet GL-AR750 Travel AC Router ======
+{{gl-inet-gl-ar750.jpg?direct&260|GL-AR750}}
 === Default IP address and password ===
@@ Line 18: / Line 21: @@
 ===== Configuring the switch from the command line =====
-The GL-AR750 contains a switch capable of VLAN: two ports are exposed to the to the outside as the **LAN 1** and **LAN 2** ports, the same switch has a port internally connected with the **CPU eth1**.
+The GL-AR750 contains a switch with 5 ports (numbered from #0 to #4) capable of VLANs: two ports are exposed to the to the outside as the **LAN 1** and **LAN 2** ports, the same switch has the port #0 internally connected with the **CPU eth1**.
+^ Port  ^ Connection  ^
+|  0    | Connected to **CPU eth0** at 1Gbit full-duplex.  |
+|  1    | Connected to **LAN 1** external port (toward the power socket).  |
+|  2    | Connected to **LAN 2** external port.  |
+|  3    | Not connected.  |
+|  4    | Not connected.  |
 The switch can be configured through the LuCI interface **Network** => **Switch** or using the **swconfig** tool from the command line. See the **[[https://openwrt.org/docs/techref/swconfig|OpenWRT documentation about swconfig]]**.
@@ Line 35: / Line 45: @@
 </code>
-To view only VLAN #1 settings:
+To view only **PORT #1** settings:
+<code>
+swconfig dev switch0 port 1 show
+Port 1:
+        enable_mirror_rx: 0
+        enable_mirror_tx: 0
+        pvid: 1
+        link: port:1 link:up speed:100baseT full-duplex auto
+</code>
+Notice the **pvid** parameter: when an untagged packet arrives to that port, it gets the VLAN #1 tag attacched.
+To view only **VLAN #1** settings:
 <code>
 swconfig dev switch0 vlan 1 show
+VLAN 1:
+        vid: 1
+        ports: 0t 1 2
 </code>
+In the example above, you can see that VLAN #1 is connected to port **#0 tagged**, to port **#1 untagged** and port **#2 untagged**.
 To change the port tagged/untagged/off state for VLAN #1:
@@ Line 46: / Line 74: @@
 swconfig dev switch0 vlan 1 set ports "0t 1"
 swconfig dev switch0 set apply
+</code>
+===== VLAN limitations =====
+There is a limit to **16 VLANs**, numbered from #0 to #15. Default configuration uses **VLAN #1** for **eth1.1** which is connected to bridge **br-lan**. This limitation is not visible from the LuCI web interface: any number greater than 15 will be silently accepted, but it will be not functional.
+You can view the actual switch configuration using:
+<code>
+swconfig dev switch0 show
+</code>
+You can check the limit issuing the following command (notice the error message):
+<code>
+swconfig dev switch0 vlan 16 set vid 16
+Failed to set attribute: Invalid input data or parameter
+</code>
+You cannot mix tagged and untagged VLAN on the same switch port.
+  * Only one port is allowed to carry untagged traffic for a specific VLAN.
+  * You cannot mix tagged and untagged VLAN on the same port. E.g. if a port carries untagged VLAN#10, the same port cannot carries tagged VLAN#11 (depending upon the order of the commands, the settings will be changed to carry buth as tagged).
+Limitation example #1: the **untagged VLAN#10** is **removed** from port **#1** and **#2**:
+<code>
+swconfig dev switch0 vlan 10 set ports "0t 1 2"
+swconfig dev switch0 vlan 11 set ports "0t 1 2"
+swconfig dev switch0 show
+...
+VLAN 10:
+        vid: 10
+        ports: 0t
+VLAN 11:
+        vid: 11
+        ports: 0t 1 2
+</code>
+Limitation example #2: the **untagged VLAN#10** is **changed to tagged** on **port #1** and it is removed from port **#2**:
+<code>
+swconfig dev switch0 vlan 10 set ports "0t 1 2"
+swconfig dev switch0 vlan 11 set ports "0t 1t 2"
+VLAN 10:
+        vid: 10
+        ports: 0t 1t
+VLAN 11:
+        vid: 11
+        ports: 0t 1t 2
+</code>
+===== Configuring a DMZ =====
+We used VLAN to configure a DMZ ... FIXME
+===== Configuration =====
+=== Change SSH Port ===
+From the LuCI interface:
+  * System => Administration => SSH Access
+    * Port:
+=== Install the tcpdump package ===
+From the command line:
+<code>
+opkg update
+# tcpdump-mini requires ??? kb:
+opkg install tcpdump-mini
+# coreutils-base64 requires 28 kb:
+opkg install coreutils-base64
+</code>
+=== Crontabs ===
+<code>
+crontab -e
+/etc/init.d/cron enable
+/etc/init.d/cron start
+ps | grep crond
 </code>
@@ Line 52: / Line 164: @@
   * **[[https://docs.gl-inet.com/en/3/setup/travel_ac_router/first-time_setup/|Getting Started with GL.iNet Travel AC Router]]**
   * **[[https://docs.gl-inet.com/en/2/troubleshooting/reset/|How to Repair / Reset]]**
+  * **[[https://openwrt.org/docs/guide-user/network/vlan/switch_configuration|OpenWRT VLAN]]**
+  * **[[https://openwrt.org/docs/techref/swconfig|OpenWRT swconfig]]**
+  * **[[https://forum.openwrt.org/t/loss-of-connection-when-changing-vlan-id/|Loss of connection when changing VLAN ID]]**