VLAN doesn't work when interface is attached to a bridge

[Quallenauge]

In the current setup, the driver is attached to eth0.1 (which is attached to the bridge br-lan). When the kernel is shutdown, the driver causes a kernel panic.

[kovz]

What do you think about configuration without vr9_switch at all? I think this is more common solution, that allows "guest wlan" and repeater features. In this case iNIC driver will reside on its own eth port and all wireless interfaces can be added to any bridges separately.
In case when master(eth0.1) interface is a part of bridge, I'm not sure that it's possible to add one virtual interfaces to bridge and it will operates properly. Indeed, iNIC driver in bridge hook looks only for control packets, and all others just pass through. On the other hand, this requires changes to Ethernet driver in lantiq_xrx200.c .

[Quallenauge]

In the vendor firmware the access to the different wlan (normal wlan and guest wlan) is done over specific VLAN-IDs: Normal wlan is set to 66, while guest wlan is set to 71. The control channel doesn't know about vlan. (At least in our current setup). The commands for setting the VLAN are

iwpriv ra01_0 set VLANID=66
iwpriv ra01_1 set VLANID=71

In my tests I created a eth0.66 interface ip link add link eth0 name eth0.66 type vlan id 66

I assigned a ip address via ip addr add 192.168.3.1/24 brd + dev eth0.66. On my wlan client the wlan interface address wher set to 192.168.3.117 (static ip).

Then I modified the switch configuration

swconfig dev switch0 vlan 2 set vid 66
swconfig dev switch0 vlan 2 set ports "5t 6t"

The 5t is needed to add the vlan tag to the output, the iNIC-device uses this information to separate the packets internally. This worked!

But after I added the interface eth0.66 to the br-lan bridge `brctl addif br-lan eth0.66' no dhcp where done to the external dhcp server. Also no packets are driving through the bridge.

---

To conclude ... I would like to use this setup -> no dedicated port in DTS, but special interface with dedicated VLANs. I would like to have changes (for now ;-) ) in the ethernet driver as minimal as possible to reduce maintenance effort. Maybe we can go in these direction?

PS: Is there any traffic other than the control traffic in interfaces wl000 (formerly ra00_0,...) ?

[kovz]

If it works fine, then ok. We can use this solution. My proposal based mainly on fakt, that there are three eth ports(lan, wan, wlan) and we don't need switch functionality for them.

PS: Is there any traffic other than the control traffic in interfaces wl000 (formerly ra00_0,...) ?

If I understand correctly, all traffic we can split in two types - control and all other. Control traffic uses eth protocol 0xFFFF and only this packets will be handled by driver. For which interface every concrete packet is, decides driver. All other traffic just usual ethernet packets. Distinguish between interfaces based on source MAC and VLAN, I guess.

[Quallenauge]

After countless hours ( ;) ) of testing I found out, that the iNIC doesn't cause the errors but the xrx200 lantiq network switch driver. I don't know why I don't find the ticket bridging two VLANs "swallows" IP packets on bridge earlier. Before that I tried tcpdump again and again and don't found a answer why packets are not received by an attached computer.

The current setup is the switch configuration with 2 VLANs and their dedicated interfaces eth0.1 and eth0.66 which are added to the br-lan bridge. The really important thing is to assign a unique fid to each separate VLAN. I don't have a complete understanding about this, but it works.

VLAN 1:
        vid: 1
        fid: 0
        enable: 1
        ports: 0 6t 
VLAN 2:
        vid: 2
        fid: 0
        enable: 1
        ports: 4 6t 
VLAN 3:
        vid: 3
        fid: 3
        enable: 1
        ports: 5 6t 
VLAN 4:
        vid: 66
        fid: 4
        enable: 1
        ports: 5t 6t 
VLAN 5:
        vid: 71
        fid: 5
        enable: 1
        ports: 5t 6t 

root@LEDE:/# brctl show
bridge name     bridge id               STP enabled     interfaces
br-lan          7fff.4c09d416d80e       no              eth0.1
                                                        eth0.66

VLAN2 is used to create a dedicated iNIC ethernet device which is used as mii-master. The result is that the bridge isn't flooded by the communication packets of the iNIC driver with the iNIC hardware (and vice versa: no internet traffic is routed there).

To assign the fid, it is needed to apply the patch from: [OpenWrt-Devel,4/5] lantiq/xrx200-net: add FID (filtering identifier) setting

After that, the briding of the two VLAN-interfaces are working as expected.

I added a init script which adds some network configuration on init process. See the commit for details.

Now it is also possible to create a guest wlan where the packets are comming with an dedicated VLAN tag ( 71 ).

Because of the discussion, I renamed the ticket. The original topic should be moved to a new ticket, which should the kernel panic when rebooting the kernel in case the iNIC driver was loaded.