Friday, 06 October 2017 03:15

OpenWRT and Cisco Trunking


How to create a trunk port on an OpenWRT or Gargoyle Router to use with a Cisco switch or other ‘trunking’ device


This may be self-explanatory to many people, but I could not find straightforward information on this topic. It may be around and, if so, this post will be for me the next time I need this information.

For example, if you have a Cisco switch configured with multiple VLANs and a trunk port running to another trunk port on a Cisco router, you can remove the Cisco router and use the OpenWRT/Gargoyle router instead. If you don’t know why you would want to use the cheaper router, it’s ok. This post is for those that do.

To get this done, you’ll need to edit the following three files:
‘/etc/config/network’
‘/etc/config/dhcp’
‘/etc/config/firewall’

 

First: ‘/etc/config/network’
Create interfaces whose VLAN IDs match the VLAN IDs on the Cisco switch. You’ll only need to configure an interface as a bridge if you plan on attaching it to a wifi interface.

# Named 'vlan5' so that the 'vlan5' references in /etc/config/dhcp
# and /etc/config/firewall resolve to this interface.
config interface 'vlan5'
    option ifname 'eth1.5'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.5.1'
    option dns '192.168.5.1'

config interface 'vlan6'
    option ifname 'eth1.6'
    option proto 'static'
    option ipaddr '192.168.6.1'
    option netmask '255.255.255.0'
    option dns '192.168.6.1'

config interface 'vlan7'
    option ifname 'eth1.7'
    option proto 'static'
    option ipaddr '192.168.7.1'
    option netmask '255.255.255.0'
    option dns '192.168.7.1'

 

Second: ‘/etc/config/dhcp’
Create the DHCP server pool for each VLAN.

config dhcp 'vlan5'
    option interface 'vlan5'
    option start '100'
    option limit '50'
    option leasetime '8h'

config dhcp 'vlan6'
    option interface 'vlan6'
    option start '150'
    option limit '10'
    option leasetime '8h'

config dhcp 'vlan7'
    option interface 'vlan7'
    option start '160'
    option limit '40'
    option leasetime '8h'

 

Third: ‘/etc/config/firewall’
Create a firewall zone for each VLAN and a forwarding rule from each zone to 'wan'.

config zone
    option name 'vlan5'
    list network 'vlan5'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

config zone
    option name 'vlan6'
    list network 'vlan6'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

config zone
    option name 'vlan7'
    list network 'vlan7'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'


config forwarding
    option src 'vlan5'
    option dest 'wan'

config forwarding
    option src 'vlan6'
    option dest 'wan'

config forwarding
    option src 'vlan7'
    option dest 'wan'

 

After these are configured, head back to ‘/etc/config/network’ to configure the switch ports for the VLANs. The first section, ‘config switch’, should already be there. Look at the name of the switch (‘option name’). In the example below it is switch0, but it could differ. Use it in the ‘option device’ line of each VLAN. Additionally, the port labels on the router and the port numbers in the ‘option ports’ lines don’t always match up, so test each one and use a sharpie to mark the port number on the router itself. For example, Port 1 on the router may be port 3 in the ‘option ports’ line below.

If I want to put vlan5 on port 3, vlan6 on port 2, vlan7 on port 1, and have a trunk port on port 4, I'll use the following configuration:

config switch
    option name 'switch0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'switch0'
    option vlan '5'
    option ports '0t 3 4t'

config switch_vlan
    option device 'switch0'
    option vlan '6'
    option ports '0t 2 4t'

config switch_vlan
    option device 'switch0'
    option vlan '7'
    option ports '0t 1 4t'


## If, for some reason, you need a Native VLAN added, you can add the following section.
## If VLAN 1 is the Native VLAN ID
config switch_vlan
    option device 'switch0'
    option vlan '1'
    option ports '0t 4t'

Once you plug in the Cisco switch’s trunk port, you’ll see the logs bring up the VLANs and ports. Plug a device into a Cisco switch port and it will grab the appropriate IP address from the OpenWRT/Gargoyle router.
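
A consistency check for the three files edited above, as an added example that is not part of the original post: it flags DHCP pools and firewall zones that reference an undefined interface, VLAN interfaces no zone covers, and VLANs whose CPU port is missing or untagged. The function name `check_trunk_config` and the sample files are constructed for illustration, and CPU port 0 is assumed as in the post.

```sh
# Added example: cross-check the three UCI files from this post.
# Sample files are constructed; CPU port 0 is assumed, as in the post.
dir=$(mktemp -d)
cat > "$dir/network" <<'EOF'
config interface 'vlan5'
    option ifname 'eth1.5'
config interface 'vlan6'
    option ifname 'eth1.6'
config switch_vlan
    option vlan '5'
    option ports '0t 3 4t'
config switch_vlan
    option vlan '6'
    option ports '0 2 4t'
EOF
cat > "$dir/dhcp" <<'EOF'
config dhcp 'vlan5'
    option interface 'vlan5'
config dhcp 'vlan7'
    option interface 'vlan7'
EOF
cat > "$dir/firewall" <<'EOF'
config zone
    option name 'vlan5'
    list network 'vlan5'
EOF
# Prints one finding per line; no output means the files agree.
check_trunk_config() {  # $1 = directory holding network, dhcp, firewall
  awk -v q="'" '
    { gsub(q, "") }                         # strip UCI quotes
    FNR == 1 { file++ }                     # 1=network 2=dhcp 3=firewall
    file == 1 && $1 == "config" { sect = $2; name = $3 }
    file == 1 && sect == "interface" && $2 == "ifname" {
      iface[name] = 1                       # every logical interface
      if ($3 ~ /\./) { v = $3; sub(/.*\./, "", v); vid[name] = v } }
    file == 1 && sect == "switch_vlan" && $2 == "vlan" { cur = $3; seen[cur] = 1 }
    file == 1 && sect == "switch_vlan" && $2 == "ports" { tag[cur] = ($0 ~ / 0t( |$)/) }
    file == 2 && $1 == "option" && $2 == "interface" && !($3 in iface) {
      print "dhcp: unknown interface " $3 }
    file == 3 && $1 == "list" && $2 == "network" {
      zoned[$3] = 1
      if (!($3 in iface)) print "firewall: unknown network " $3 }
    END { for (i in vid) {                  # VLAN sub-interfaces only
      if (!(i in zoned)) print "firewall: no zone covers " i
      if (!(vid[i] in seen)) print "switch: no switch_vlan " vid[i]
      else if (!tag[vid[i]]) print "switch: CPU port untagged, VLAN " vid[i] } }
  ' "$1/network" "$1/dhcp" "$1/firewall" | sort
}
check_trunk_config "$dir"
```

On a router, point the function at a copy of `/etc/config`.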

Enjoy…

Last modified on Friday, 06 October 2017 14:01
