[<<][pool][>>][..]
Fri Nov 18 09:07:33 EST 2011

Router fred: move printer to untrusted port

I currently have 2 VLANS, one is wireless and other untrusted, the
other is wired (trusted).  I want to put the printer on the untrusted
segment, so I need to tag one of router ports.

Current setup is:

@fred:/etc/rc.d# robocfg show
Switch: enabled
Port 0(W):  DOWN enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
Port 1(4): 100FD enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
Port 2(3):  DOWN enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
Port 3(2): 100FD enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
Port 4(1): 100FD enabled stp: none vlan: 1 mac: 00:00:00:00:00:00
Port 5(C): 100FD enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
VLANs: BCM5325/535x enabled mac_check mac_hash
vlan0: 0 1 2 3 5t
vlan1: 3t 4
vlan11: 3t 5t


vlan11: untrusted + bridged to wireless wl0
vlan0:  trusted
vlan1:  internet

3: zoo, has vlan1 and vlan11 tagged, vlan0 untagged
5: broadcom CPU, has vlan0 and vlan11 tagged


What needs to change is untagging of vlan11 on one of the router
ports.  I plugged the printer into port 2 (Marked as "2" on the back,
note that numbering on the back is not the same!)


robocfg vlan 11 ports "2 3t 5t"    # untag 11 on port 2
robocfg vlan 0  ports "0 1 3 5t"   # don't untag 0 on port 2

This gives:

@fred:/etc/rc.d# robocfg show
Switch: enabled
Port 0(W):  DOWN enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
Port 1(4):  DOWN enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
Port 2(3): 100FD enabled stp: none vlan: 11 mac: 00:00:00:00:00:00
Port 3(2): 100FD enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
Port 4(1): 100FD enabled stp: none vlan: 1 mac: 00:00:00:00:00:00
Port 5(C): 100FD enabled stp: none vlan: 0 mac: 00:00:00:00:00:00
VLANs: BCM5325/535x enabled mac_check mac_hash
vlan0: 0 1 3 5t
vlan1: 3t 4
vlan11: 2 3t 5t




[Reply][About]
[<<][pool][>>][..]