Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Tue Dec 26, 2017 18:52 Post subject:
I had a belief that -m multiport is stripped off, or it has very limited use, as it does not work with different ports
than 443, 53, 80... try with one rule per port spelled out,
yep i know many rules needed...
Actually my major issue now is I'm having DNS issues on all my wired devices.
I have port 1 on the R7000 going to a Netgear 16-port unmanaged switch; everything is plugged into the switch, so ports 2,3,4 are unused on the R7000.
As soon as I check the tagged box and then tag port 1 to vlan1 and vlan3, I start having DNS issues.
All wired/wireless devices are getting the proper vlan1 subnet, as are all wireless devices on vlan3; when on wifi, both vlan1 and vlan3 devices have no issues with DNS. It's only wired devices that have DNS issues.
What makes this weirder is that my APs are plugged into the 16-port switch, so wireless should also have DNS issues, but they do not.
Joined: 13 Mar 2014 Posts: 856 Location: Montreal, QC
Posted: Wed Dec 27, 2017 7:29 Post subject:
You most certainly can tag a port connected to an unmanaged switch. The tag will pass through to all ports.
It's a technique some use here to split IPTV & internet served on separate VLANs to different routers. Yes, a managed switch is a better solution for many reasons, but that does not invalidate the use of VLANs and unmanaged switches.
Well, I bought a managed switch, which I'd rather return if I can get away without it, as I'm struggling to understand how to set it up correctly with DDWRT. Most tutorials use the same brand of router, switch and AP, but with DDWRT it's a bit challenging without proper documentation.
Anyway, how am I supposed to tag vlan3 but not tag vlan1 on port 1, or any other port for that matter?
A bit more in-depth explanation of my setup; note I do not have any managed switches on the network.
Bold is the items in the basement
Modem > R7000 > switch > Ground floor > Switch > AP and other devices
Modem > R7000 > switch > 2nd floor > Room 1 > AP
Modem > R7000 > switch > 2nd floor > Room 2 > Switch > AP and other devices.
Using ports 2,3,4 will not help in this case (unless I'm missing the obvious?), as I want all my devices on the main LAN, but want the APs to use VLAN1 for my main wifi and VLAN3 as my guest wifi. The APs work without issues on both VLANs; it's all other wired devices that start to have DNS issues yet get the proper subnet for VLAN1. I'm able to ping and do other things, but all report DNS errors for whatever reason.
Now I'm even more confused after adding the managed switch. Prior, I was able to get the proper subnet on all devices including the guest wifi, but now even that is not working; everything is routed to vlan1.
Most of my devices are still on port 1 on the R7000 and using the 16 dumb switch.
R7000 port 2 is set to tagged and I check-marked vlan1 and vlan3; port 2 is plugged into port 1 on the managed switch.
Now on the managed switch, ports 2,3,4 are my APs. Vlan1 is untagged (default) for all ports; on vlan3 I set port 1 as untagged and ports 2,3,4 as tagged. Does port 1 need to be set as tagged as well?
From the CLI I see the below, so I guess it hasn't tagged the ports even though tagged is selected in the webui. Also, I was able to get the managed switch to work by setting ports 1,2,3,4 as tagged ports.
vlan2ports=0 5u
vlan1ports=1 2 3 4 5*
So do I use the below to tag port 1 to vlan1 and vlan3?
nvram set vlan1.ports="1t 2 3 4 5"
nvram set vlan3.ports="1t 2 3 4 5"
Well, I give up on getting DDWRT to work for both vlan1 and vlan3 on port 1. I either get no IP address, or everything is on the proper VLAN with working wifi including my guest wifi but none of my other wired devices can get online.
I guess I'll stick with a managed switch plus tagging the VLANs on the webui in DDWRT; at least this works properly.
Now the last thing I need to figure out is how to make vlan1 invisible to vlan3.
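
Added example, not written by any poster in this thread: a small audit that reads `vlanNports=` lines in the format shown in the CLI output above and lists each port's VLAN membership, flagging any port that is an untagged member of more than one VLAN (the situation discussed for port 1 carrying vlan1 and vlan3). The function name `audit_vlan_ports`, the sample values, the suffix meanings ("t" tagged, "u" untagged, "*" CPU default VLAN) and the choice of port 5 as the CPU port are assumptions based on the output quoted above.

```shell
#!/bin/sh
# Added example (hypothetical helper, not DD-WRT's own tooling).
# Assumed suffixes: "t" = tagged, "u" = untagged, "*" = CPU port default VLAN.

# audit_vlan_ports [cpu_port]
# Reads "vlanNports=..." lines on stdin. Prints "port P: vlanN(mode) ..." for
# every port, plus "CONFLICT port P" when P is untagged in two or more VLANs.
# The CPU port (default 5, an assumption) is exempt from the conflict check.
audit_vlan_ports() {
    awk -F= -v cpu="${1:-5}" '
    /^vlan[0-9]+ports=/ {
        vid = $1; sub(/^vlan/, "", vid); sub(/ports$/, "", vid)
        val = $2; gsub(/"/, "", val)          # tolerate quoted values
        n = split(val, tok, " ")
        for (i = 1; i <= n; i++) {
            p = tok[i]; mode = "untagged"
            if (p ~ /t$/) mode = "tagged"
            gsub(/[^0-9]/, "", p)             # drop t / u / * suffix
            if (p == "") continue
            members[p] = members[p] " vlan" vid "(" mode ")"
            if (mode == "untagged") untagged[p]++
            seen[p] = 1
        }
    }
    END {
        for (p in seen) print "port " p ":" members[p]
        for (p in seen)
            if (p != cpu && untagged[p] > 1) print "CONFLICT port " p
    }' | LC_ALL=C sort
}

# Constructed sample: port 1 carries vlan1 and vlan3, both untagged.
audit_vlan_ports <<'EOF'
vlan1ports=1 2 3 4 5*
vlan2ports=0 5u
vlan3ports=1 5
EOF

# Constructed sample: vlan3 tagged on port 1, so no conflict is reported.
audit_vlan_ports <<'EOF'
vlan1ports=1 2 3 4 5*
vlan2ports=0 5u
vlan3ports=1t 5
EOF
```

On a router the same function can be fed from `nvram show 2>/dev/null | grep '^vlan[0-9]*ports='`.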