Comment by wtallis

1 day ago

More precisely: the manufacturer's software on your consumer grade routers refuses to expose that functionality to the end user. They're almost always relying on VLANs behind the scenes to separate the WAN and LAN ports.

3 comments

wtallis

Reply
simoncion  1 day ago

> They're almost always relying on VLANs behind the scenes to separate the WAN and LAN ports.

I don't believe this is true. I expect that what's going on there is the WAN and LAN ports on the switch [0] are in separate bridges.

Why do you believe that they're using VLANs behind the scenes? It seems silly to add and remove a whole-ass VLAN tag to traffic based on what port it comes in on. Do you have switch chip or other relevant documentation that indicates that this is what's going on?

[0] or WAN and LAN interfaces, if the ports are actually separate, entirely-independent interfaces, rather than bound up in a switch

  • wtallis  1 day ago

    It's trivial to look up the switch port configuration of a consumer router once you put OpenWRT on it. The most common topology is the CPU has two RGMII/XGMII or similar links to an 8-port switch chip, five more ports of the switch are connected PHYs for external ports and configured for the LAN VLAN, and the last port is connected to a PHY for an external port and configured for the WAN VLAN. This does not result in any VLAN tags being emitted over the wire, but from the perspective of the switch silicon it's just one of many possible VLAN configurations. Changing which physical port is the WAN port is as simple as assigning a different switch port to that VLAN. If you did want VLAN tags emitted on a particular port, it's a single checkbox or single-character config file change.

  • devilbunny  1 day ago

    "Use WAN as LAN" is a pretty common option in aftermarket firmwares like DD-WRT or OpenWRT. I know that OpenWRT displays them as VLANs.

    That said, this is in no way my area of expertise.