I had a need to run my home router as a router-on-a-stick, i.e. multiple VLANs on a single interface. This requires a switch with VLAN support. I already have a Cisco E4200 as a 5Ghz WAP with 1Gb switches which I would like to use. Using the DD-WRT firmware, it supports VLAN tagging. The rest of this post is my experience getting VLAN tagging to work.
Objective
The objective was to use all 5 ports as switch ports (the 4 LAN ports and the “Internet” port). With the following configuration
- VLAN 1 should be for LAN traffic
- VLAN 9 should be for WAN traffic
- The Internet port should be an access port on VLAN 9
- Ports 2-4 should be access ports on VLAN 1
- Port 1 should be a trunk port, allowing VLAN 9 and native VLAN 1
Implementation
The best source of information is the Switched Ports wiki page on the DD-WRT wiki.
The most important part is Do not use the web interface for configuring VLANs. It doesn’t show the correct information, can break your config and doesn’t support 802.1q trunks.
You can see the current configuration of the ports will the following commands::
| |
Details on the Switched Ports page describe these options well and I won’t duplicate that information here. The missing information is how the port numbers on the CLI relate to the physical ports.
| CLI Port | Physical Port |
|---|---|
| 0 | LAN 4 |
| 1 | LAN 3 |
| 2 | LAN 2 |
| 3 | LAN 1 |
| 4 | WAN / Internet |
My final configuration is as follows:
| |
Happy VLAN tagging!