[RFC PATCH v2 0/1] Introduce UCI support for configuring DSA VLAN filter rules

Luiz Angelo Daros de Luca luizluca at gmail.com
Tue Jul 14 17:07:25 EDT 2020

> > config bridge br-lan <- the real bridge device name
> This is invalid uci syntax, dashes are not allowed. It also duplicates "config
> device" with "option type bridge".

Yes, "config device" is better. If used, a wireless definition would
now reference a device
and not an interface.

> >   option type "auto" # use the best way to merge every ports
> What possible ways would there be?

The bridge type to use. It could be a software bridge, DSA,
<del>swconfig</del>, openvswitch.
But with a device section, "option type 'openvswitch'" might already cover it.

> It might be a matter of taste but personally I don't see what is easier about
> it. The main change seems to be that instead by VLAN ID, your proposal groups
> the port memberships by bridge. So instead having a vlan section that attaches
> ports to a bridge, you declare a bridge containing ports with their respective

A bridge is a broader concept than a vlan inside a switch. It might
include ports that
use different vlans (although not very common) or devices outside the switch.
Linux configures DSA using the bridge concept and not vlans. I think using vlan
would simply make it harder to map or limit what you can do with it.

I'm still ignorant about DSA and all I know is only from docs. Would
it be possible
to simply connect any ethernet device to a DSA bridge? Something like:

ip link add name br0 type bridge
ip link set dev lan1 master br0
ip link set dev lan2 master br0
ip link set dev lan3 master br0
ip link set dev usb0 master br0

> > The main points are to split L2 and L3 confs, split port list into
> > individual options and let the system decide the best way to implement
> > the proposed setup.
> Point 1 is already doable, point 2 can be easily added (in fact changing
> "option ports 'lan1 lan2 lan3'" to "list ports lan1; list ports lan2; list
> ports lan3" is possible without changing any code).
> I disagree with point 3. Having a network config that automagically translates
> into different things on different boards makes debugging potential issues
> very hard. The uci network config is too low level for that imho.

You are right. It would not be nice to have too much implicit
configuration. A more complex
setup might use a device that references other devices.


     Luiz Angelo Daros de Luca
            luizluca at gmail.com

More information about the openwrt-devel mailing list