OpenWrt DSA Mini-Tutorial

John Thomson lists at johnthomson.fastmail.com.au
Mon Jul 19 00:08:03 PDT 2021


On Sun, 18 Jul 2021, at 20:45, Rich Brown wrote:
> I have updated the DSA Mini-tutorial in the playground: 
> https://openwrt.org/playground/richb/dsa-mini-tutorial
> 
> I finished the first section ("Bridging all LAN ports"), and I am going 
> to stop editing now, because:
> 
> 1) I need someone else to look at the overall format of the document
> 2) I made some bold assertions and simplifications of the language in 
> the document. But because I don't really understand DSA, I may be 
> totally wrong...
> 3) If it's not right, we won't have to patch up the remainder, that is 
> substantially unchanged from the Forum post.
> 
> Please check it out and either change it, or let me know what needs to 
> be fixed. Thanks.

Hi Rich,

Thank you for putting this together.
I had a skim through it, and was rather confused when I got to bridge-vlan,
but ended up learning more.
Could we please introduce bridge-vlan in the guide,
and also document it in throughout the wiki:
https://openwrt.org/docs/guide-user/network/ucicheatsheet
https://openwrt.org/docs/guide-user/base-system/basic-networking?s[]=bridge-vlan#switch_configuration_dsabridge-vlan

I found good resources in an early cover letter, and a RedHat blog:
https://lwn.net/Articles/532128/
https://developers.redhat.com/blog/2017/09/14/vlan-filter-support-on-bridge#with_vlan_filtering

Guessing if I wanted to display or modify the bridge vlan configuration
at the linux level I would need to install additional packages?
Maybe: ip-bridge ip-full

My situation:
I have mt7621 devices. They use DSA; there is a linux network device for
each port of the device switch in `ls /sys/class/net` or `ip link show`,
but they don't use bridge-vlan (or vlan_filtering) in the default config.
Without having seen bridge-vlan, I was using the OpenWrt configuration
of multiple bridge devices (and interfaces) to isolate networks,
and using device bridge `list ports 'portname.vlan'` to force VLAN tags for ports.
It looks like bridge-vlan allows finer control and many more options.


Cheers,
-- 
  John



More information about the openwrt-devel mailing list