openwrt系列－路由交换单元

openwrt系列－路由交换单元

原文出处：http://wiki.openwrt.org/doc/uci/network/switch， 文章最后也附有原文.

本人英语不好，翻译只是为了自己加深理解，很可能有翻译不当之处，建议大家查看原文。

      如果你的设备（路由器）不止1个端口，那么在这些端口之间有个特殊的连接，称之为交换单元。 通常情况下内部构造如下图：

 

如果想改变这些端口之间的连接方式，就需要配置设备的交换单元。

UCI配置，swconfig类型

假设

* 设备在版本2.6或3内核上运行

* 设备使用swconfig类型进行配置

* 交换单元在eth1上（很多是在eth0上的）

* 五口交换单元，其中0号到3号口直接连在一起，4号口没连接，5号口直连CPU的eth1接口（加上没连接的4号口，总共6个口）

* vlan0代表口0，1，2

* vlan1代表口3

* vlan0是默认的vlan，就是说如果某个数据包没有标记，那么会被认为是vlan0的数据包

配置

交换单元（全局设置）

在/etc/config/network文件中配置

config 'switch' 'eth1'

    option 'enable' '1'

    option 'enable_vlan' '1'

    option 'reset' '1'

VLAN交换配置

在/etc/config/network文件中配置

注解: VLAN的个数由vlan选项制定。VLAN的VID(VLAN ID)默认是和VLAN的序号一样的，不过可以用选项pvid制定，比如VLAN 1可以用VID 100.

      在ports选项行，每个数字表示对应的vlan包含该端口。如果数字后面跟上字母“t”，那么在该vlan中从该口出去的数据包会被打上标记，并且从该口收到的数据包会带着这个标记。5一般用来标识CPU或者内部端口，而且通常都是需要标记的。任何其他后缀会被忽略。（特别的，Broadcom kmod-switch类型接口用“*”和“u”来标识PVID和不标记端口，但是这些设计被swconfig忽略。）

      所以，“0 1 2 3 5t”表示该vlan上的数据包离开端口0，1，2，3的时候不打标记，但是离开端口5（一般代表CPU内部端口）的时候打上标记。

      带标记的数据包到达某个端口后，会被重定向到数据包中标记VID标识的VLAN去。未标记数据包收到后会定向到默认端口VLAN（通常称为PVID）。要设置默认端口VLAN的话，需要一个单独的switch_port配置。

      801.2q标准文档中描述：VID值0和4095不代表可用VLAN，并且VID 1经常保留给网络管理使用（比如戴尔2708）。

配置

config 'switch_vlan'
   option 'vlan'       '0'
   option 'device'     'eth1'
   option 'ports'      '0 1 2 5t'

config 'switch_vlan'
   option 'vlan'       '1'
   option 'device'     'eth1'
   option 'ports'      '3 5t'

config 'switch_port'
    option 'port'      '3'
    option 'pvid'      '1'

VLAN接口/网络配置

VLAN接口配置和常规接口配置一样，除了需要用eth1.0,eth1.1等去替换eth1（或者eth0,或者任何其它），其中小数点后面的输在代表VLAN需要。（对于2.6内核；2.4内核不一样）

 

下面是一个两口路由器的配置，eth0是WAN，eth1是五口交换单元（见上面的配置）。配置还是在/etc/config/network里

config 'interface' 'lan'
    option 'ifname' 'eth1.0'
    option 'proto' 'static'
    option 'ipaddr' '192.168.1.1'
    option 'netmask' '255.255.255.0'
    option 'defaultroute' '0'
    option 'peerdns' '0'
    option 'nat'    '1'

config 'interface' 'extranet'
    option 'ifname'  'eth1.1'
    option 'proto'   'dhcp'

config 'interface'  'wan'
   option 'ifname'  'eth0'
   option 'proto'   'dhcp'

当然如果你在eth0接口上只有5个端口，并且没有其它接口，可以指定eth0.1为WAN接口，eth0.0为LAN。

 

下面附上原文：

If you want to change how these ports are connected to each other you need to configure the switch of your device (see also network.interfaces)

UCI config, swconfig style Assumptions

• device is running kernel 2.6 or 3
• device uses an swconfig type switch configuration
• —————————————————
• The switch is on eth1.  (Many are on eth0) [Howto find out:?], and also on chips like rtl8366s
• Five-port switch with 0-3 connected externally, 4 not connected, and 5 connected to the CPU's eth1 interface (which adds up to six ports except that 4 is not counted)
• vlan0 is to be all external ports but the last one
• vlan1 is only the last external port [Howto find out which Port corresponds:]
• vlan0 is the default vlan, meaning if a packet is untagged, it will be treated a vlan0 packet

The configuration The Switch

in /etc/config/network

config 'switch' 'eth1' option 'enable' '1' option 'enable_vlan' '1' option 'reset' '1' VLAN: switch config

in /etc/config/network

Notes

The number of the VLAN is specified on the option vlan line. The VID (VLAN ID) associated with a VLAN is by default the same as the number of the VLAN. This is overridden by using an option pvid line so, for example, that VLAN 1 could use VID 100.

In the option ports line, a number indicates that the specified vlan includes the port with that number. If the number is followed by a "t" then packets transmitted out that port on this VLAN are tagged, and that packets received on that port may be received with this VLAN tag. 5 is generally the CPU or 'internal' port and is generally always tagged. Any other suffix is ignored. (In particular, Broadcom kmod-switch style interfaces use "*" and "u" to indicate PVID and untagged ports, but these designations are ignored by swconfig.)

So, '0 1 2 3 5t' would mean that packets on this VLAN are transmitted untagged when leaving ports 0, 1, 2 and 3, but tagged when leaving port 5 (generally the CPU internal port as described above).

Tagged packets received on a port will be directed to the VLAN indicated by the VID contained in the packet. Untagged packets received on a port will be directed to the default port VLAN (usually called the PVID). A separate config switch_port section is required to set the default port VLAN.

The relevant standards document is 801.2q which says that VID values 0 and 4095 do not indicate valid VLANs, leaving 4094 valid values in between, although VID 1 is often reserved for network management (see Dell 2708 for example).

The config sectionsconfig 'switch_vlan' option 'vlan' '0' option 'device' 'eth1' option 'ports' '0 1 2 5t'config 'switch_vlan' option 'vlan' '1' option 'device' 'eth1' option 'ports' '3 5t'config 'switch_port' option 'port' '3' option 'pvid' '1' VLAN: interface/network config

VLAN interface sections look just like regular interface sections, except that instead of eth1 (or eth0, or whatever), you have eth1.0, eth1.1, etc. where a digit after a . is a VLAN number. (that is, for kernel 2.6; 2.4 kernels do something different).

The following example is for a two-interface router, with eth0 being the WAN and eth1 being the five-port switch configured as above. It goes in /etc/config/network

e.g.

config 'interface' 'lan' option 'ifname' 'eth1.0' option 'proto' 'static' option 'ipaddr' '192.168.1.1' option 'netmask' '255.255.255.0' option 'defaultroute' '0' option 'peerdns' '0' option 'nat' '1'config 'interface' 'extranet' option 'ifname' 'eth1.1' option 'proto' 'dhcp'config 'interface' 'wan' option 'ifname' 'eth0' option 'proto' 'dhcp'

Of course of you only had a five port switch on eth0 (and no other interfaces), you might make the wan interface eth0.1 and and the lan eth0.0 with appropriately matching switch, switch_vlan and switch_port sections.