[RFC PATCH v2 0/1] Introduce UCI support for configuring DSA VLAN filter rules

Jo-Philipp Wich jo at mein.io
Fri Jul 24 12:44:01 EDT 2020


Hi Felix,

> [...]
> 
> For a simple default config, you could have this:
> 
> # network
> config device
        option type bridge  # I assume this is needed as well
> 	option name switch0
> 	
> config bridge-vlan
> 	option vlan 1
> 	option ports "lan1 lan2 lan3 lan4"
> 
> config interface lan
> 	option ifname switch0.1
> 
> 
> # wireless
> 
> config wifi-iface
> 	option network lan
> 
> 
> In this case, wlan0 would be added to switch0 and set to VLAN 1 untagged
> by default.
> 
> If you want it on VLAN 10 tagged/PVID instead, you could do:
> 	option network-vlan "10:t*"
> 
> 
> What do you think?

I did think about it some more, also in context of a LuCI implementation and
the special role of wifi and I am convinced now that this approach generally
makes sense.

However for the vlan I wonder if we should simply use "option vid 10" since
setting anything besides an egress untagged pvid does not make sense for wifi.

So your second example above would become:

  config wifi-iface
    option network lan
    option vid 10  # instead of inheriting vid 1, use 10 as pvid


Also, just to clarify... assuming a:

  config interface foo
    option ifname somevlanbridge0.456

and an wifi iface without an explicit vid override:

  config wifi-iface
    option network foo

... we would inherit vid 456 and set as pvid, right? Or are we are always
going to default to 1?


Regards,
Jo

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20200724/17608ff2/attachment.sig>


More information about the openwrt-devel mailing list