It worked! Can br1 ip be the same as vlan6 ip (192.168.75.2)? If so, will wireless clients still receive vlan4 (192.168.8.0) ips?
br1 needs to have an address in the same subnet that the attached interfaces are using. If you assigned br1 an address in vlan6's subnet range then you'd have two physical segments both using the same logical subnet and it would all break.
Are two PCs able to communicate across VLANs?
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
- DD-WRT Administration page accessible for all vlans, then if I have to block access for one vlan or so, I will do it from linux box
- Wireless clients to get ips from 192.168.8.0 subnet and dhcp managed by linux box, also have access to DD-WRT Administration page.
What I did:
- Unbridged vlan6 and set ip to 192.168.75.2 in order to have dd-wrt administration page on that ip for all vlans
- Unbridged Wireless and created a new bridge (br1) and assigned eth1 (wireless) and vlan4 to it, so that clients get 192.168.8.0 subnet ips.
This may be over my head. It's hard to understand/visualize what's going on if you are not the one doing it. Anyhoo.
One thing I am pretty sure of is that you need to put wireless and vlan4 into a bridge and get the linux DHCP server to assign IPs to the bridge not the interfaces in the bridge.
I guess the main thing that I am confused about is how you get a DHCP server on another box to assign IPs to the vlans and bridge that are on another device. I think I may need to bow out before I possibly cause more confusion. Good luck!
I need to know just how functional your trunk really is before postulating how to fix it.
Nice and verbose. It looks like a firewall problem on the dd-wrt box. Make sure that the firewall is off and that the routing mode is set to 'Router'. If that doesn't fix it then check that the linux box can ping each of the dd-wrt IP's.
I don't know then. I can't see any reason why it's not working but it isn't. IMO it isn't worth pursuing. Just leave an IP assigned to the router for each vlan and if you ever want to block access then remove the IP from the interface or create an iptables rule on the dd-wrt router.
I've just realized that dd-wrt router can't ping 192.168.32.1 or 192.168.4.1 and that could be part of the problem. It can ping 192.168.8.1 and 192.168.75.1, but I thought 192.168.8.0 subnet clients would be able to ping 192.168.75.2 (vlan6 ip) and vice-versa..
Sorry phuzi0n, I've tested all the clients and forgot to test dd-wrt router from inside (ssh).
Look at dd-wrt's routing table:
I prefer to put it into this pastebin because pasting here would screw up the formatting: http://pastebin.org/80713
or.. I don't know either.. can't figure out what's wrong.. perhaps create a bridge with all interfaces?
If you do this then you no longer have virtual LAN's, you have a switch chip that is bridging and wasting cpu cycles. ie. it would put them all on the same LAN again, but with the cpu doing the work instead of the internal switch.
fggs wrote:
I've just realized that dd-wrt router can't ping 192.168.32.1 or 192.168.4.1 and that could be part of the problem. It can ping 192.168.8.1 and 192.168.75.1, but I thought 192.168.8.0 subnet clients would be able to ping 192.168.75.2 (vlan6 ip) and vice-versa..
You don't have routes to either subnet because you didn't assign an IP address to their interfaces, and there's no default route for it to fall back on. This is a different problem than what's happening to vlan4 and vlan6.
As I'm asking for help in several places, some people are advising me to try openwrt and it could be doable with it, but I don't want to leave dd-wrt just because of a tiny problem..
I've never used openwrt, seems hard..
Anyway, thanks for your help.. if you have any new idea, I will be happy to try..
I've added this line and it solved everything: route add default gw 192.168.75.1 dev vlan5
All vlans can ping 192.168.75.2!
Only thing is: Linux box can't ping 192.168.75.2 if I use source ip from subnet other than 192.168.75.0, but I think this is to be expected. Example: eth0.2 has 192.168.4.1, if I type "ping -I eth0.2 192.168.75.2" it won't respond.. but "ping 192.168.75.2" responds fine.
I just didn't disable wireless, 802.1x and routing. New vlans are: vlan2, vlan3, vlan4, vlan5.
Minor bugs (build 12548):
1) I couldn't set Wireless to none on VLANs tab because it would stop broadcasting SSID. I had to leave Wireless set to LAN, but created bridge br1 and assigned vlan3 and eth1, it automatically removed eth1 from br0 (dd-wrt's defaults)
2) My LAN MAC shows as 00:00:00:00:00:00 on Status->Sys Info, but it has correct MAC via ifconfig on ssh.
If you guys want me to test anything, just ask, because now I can do my setup within 5 minutes tops!
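An added example, not part of any post in this thread: a small longest-prefix-match lookup showing why the router could not answer hosts in subnets where it had no address until the default route was added. The table is constructed from addresses mentioned in the thread; the /24 masks, the client addresses and the function names are assumptions, and the real routing table is the one in the linked pastebin.

```python
import ipaddress


def route(net, gw, dev):
    """Build one routing-table entry: (network, gateway or None, device)."""
    return (ipaddress.ip_network(net), gw, dev)


def lookup(table, dst):
    """Longest-prefix match, as the kernel does; None means no route at all."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None


def reply_path(table, client):
    """Describe how the router would send a reply packet back to `client`."""
    hit = lookup(table, client)
    if hit is None:
        return "unreachable"
    _, gw, dev = hit
    return f"via {gw} dev {dev}" if gw else f"direct dev {dev}"


# Constructed table: only the connected routes created by the two addresses
# the router holds (192.168.8.0 on br1, 192.168.75.0 on vlan5). /24 is assumed.
BEFORE = [
    route("192.168.8.0/24", None, "br1"),
    route("192.168.75.0/24", None, "vlan5"),
]

# Same table after: route add default gw 192.168.75.1 dev vlan5
AFTER = BEFORE + [route("0.0.0.0/0", "192.168.75.1", "vlan5")]

# Constructed client addresses, one per subnet named in the thread.
CLIENTS = ["192.168.4.10", "192.168.32.10", "192.168.8.20", "192.168.75.1"]


def compare():
    """Return {client: (path before, path after)} for every sample client."""
    return {c: (reply_path(BEFORE, c), reply_path(AFTER, c)) for c in CLIENTS}


if __name__ == "__main__":
    for client, (before, after) in compare().items():
        print(f"{client:15} before: {before:22} after: {after}")
```

With the default route in place, replies to subnets the router has no address in leave through the linux box, so blocking a VLAN's access to the administration page is done on the linux box or with an iptables rule on the router, as suggested earlier in the thread.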