I currently have (after struggling a few hours, thanks for the safe button) bridge vlan working. I am sure if you look at this config, you will say: it all wrong. And I am sure you right, even after watching a few video / tutorial I am not sure how to properly do vlan.
My goal was to manage traffic of my d-link switch, making sure all traffic goes through the router and by what I am seeing and with my test I was successful.
I can now use the firewall of the hAP AC2 to block traffic that happen in my dlink.
This is what I have done, nothing else;
Code: Select all
added vlan-filtering=yes to my bridge
added use-ip-firewall-for-vlan=yes to my bridge settings
/interface vlan
add interface=LAN4 name=vlan1 vlan-id=20
add interface=LAN4 name=vlan2 vlan-id=30
add interface=LAN4 name=vlan3 vlan-id=40
and
/interface bridge port
add bridge=LAN interface=vlan1
add bridge=LAN interface=vlan2
add bridge=LAN interface=vlan3
The issue that I was not aware of is that using bridge vlan also disable hardware offloading of the whole bridge and while reading about this issue I saw that switch vlan should let me re-enable it on some interface on my bridge, if I read it right, right? (if not just let me know)
After looking at switch vlan, it look like way more complicated and I would like to ask: seeing what I have done, how would you move this config from bridge vlan to switch vlan?