Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#2994 - MT7621 DSA: no VLAN tags on egress... #8741

Closed
openwrt-bot opened this issue Apr 11, 2020 · 4 comments
Closed

FS#2994 - MT7621 DSA: no VLAN tags on egress... #8741

openwrt-bot opened this issue Apr 11, 2020 · 4 comments
Labels

Comments

@openwrt-bot
Copy link

dl3it:

create an interface:

ip link add link lan1 name lan1.117 type vlan id 117
ip link set lan1 up
ip link set lan1.117 up
ip addr add 192.168.117.7/24 dev lan1.117

Sniffing with tcpdump on LAN1, tcpdump -i lan1 -e, it claims that the packets on egress are tagged.
Sniffing with a PC on the network, the packets from the router are untagged. Packets are not forwarded by VLAN activated switch.
Ingress works as expected.
Same behaviour for all interfaces type IFACEx.VID, so also bridges, e.g. br0.117...

Kernel:

[ 0.000000] Linux version 5.4.31 (dl3it-mi3g@mySpace) (gcc version 8.4.0 (Ope
nWrt GCC 8.4.0 r12869-85aef6f627)) #0 SMP Thu Apr 9 07:54:02 2020
[ 0.000000] SoC Type: MediaTek MT7621 ver:1 eco:3
[ 0.000000] printk: bootconsole [early0] enabled
[ 0.000000] CPU0 revision is: 0001992f (MIPS 1004Kc)
[ 0.000000] MIPS: machine is Xiaomi Mi Router 3G v2

@openwrt-bot
Copy link
Author

n8v8R:

The correct method for VLAN management of DSA ports (switch downstream ports) is via the bridge v command [1 | 2]

[1] [[https://www.linux.org/docs/man8/bridge.html]]
[2] [[https://www.kernel.org/doc/html/latest/networking/dsa/configuration.html]]

@openwrt-bot
Copy link
Author

dl3it:

I want to create a trunk port.
SWCONFIG-style:
117: 3t 6t
118: 3t 6t
119: 3t 6t
...
3->lan1, 6->cpu

But let's start for the beginning with a single port.

I followed the examples you linked.

#!/bin/ash

tag traffic on CPU port

ip link add link eth0 name eth0.117 type vlan id 117

The master interface needs to be brought up before the slave ports.

ip link set eth0 up
ip link set eth0.117 up

bring up the slave interfaces

ip link set lan1 up

create bridge

ip link add name br0 type bridge

activate VLAN filtering

ip link set dev br0 type bridge vlan_filtering 1

add ports to bridges

ip link set dev lan1 master br0

tag traffic on ports

bridge vlan add dev lan1 vid 117

configure the VLANs

ip addr add 192.168.117.7/24 dev eth0.117

bring up the bridge devices

ip link set br0 up

result:

root@OpenWrt:/# bridge v s
port vlan ids
lan1 1 PVID Egress Untagged
117

br0 1 PVID Egress Untagged

root@OpenWrt:/#

packets are transmitted now correctly, but ping doesn't work. The answer is seen by lan1, br0 and eth0. eth0.117 sees nothing than the sent packets.
eth0 sees the sent packets tagged, the received packets untagged. So, bad luck for eth0.117

any ideas ?

@openwrt-bot
Copy link
Author

dl3it:

I forgot:
8: eth0.117@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 50:d2:f5:26:b3:9e brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535
vlan protocol 802.1Q id 117 <REORDER_HDR> addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
9: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 50:d2:f5:26:b3:9e brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 65535
bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 1 vlan_protocol 802.1Q bridge_id 8000.50:D2:F5:26:B3:9E designated_root 8000.50:D2:F5:26:B3:9E root_port 0 root_path_cost 0 topology_change 0 topology_change_detected 0 hello_timer 0.00 tcn_timer 0.00 topology_change_timer 0.00 gc_timer 137.71 vlan_default_pvid 1 vlan_stats_enabled 0 vlan_stats_per_port 0 group_fwd_mask 0 group_address 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0 mcast_querier 0 mcast_hash_elasticity 16 mcast_hash_max 4096 mcast_last_member_count 2 mcast_startup_query_count 2 mcast_last_member_interval 100 mcast_membership_interval 26000 mcast_querier_interval 25500 mcast_query_interval 12500 mcast_query_response_interval 1000 mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2 mcast_mld_version 1 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

@openwrt-bot
Copy link
Author

n8v8R:

Since this being a bug tracker and the initially reported issue seems resolved I am not sure this is the right place for an extended discourse on VLAN management of DSA ports. Perhaps the OpenWrt forum might be a more suitable place (see existing DSA threads there)?

Just briefly thus:

  • not sure whether the virtual interface (e.g. eth0.117) is supposed to be responding to pings (considering how it is constructed from the underlying physical interface)
  • port 6 (my understanding switch port facing the CPU) is not exposed by DSA (by design) and contrary to former switchconf does not require tag management

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant