What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

robocfg Not Available on Asus GT-AXE11000 (Asuswrt-Merlin 388.8_4)?

garycnew

Senior Member
Head-Scratcher... Why is robocfg and vlans not available on the Asus GT-AXE11000 (Asuswrt-Merlin 388.8_4), but is available on Asus RT-AC66U_B1 (384.19)?

Thanks, again.
 
Completely different architecture.

I see. So... Asus GT-AXE11000 uses Broadcom, which appears to be manageable using brctl, ethctl, ethswctl, and vlanctl?
 
Last edited:
All Merlin supported routers are/were Broadcom models, but all models since the RT-AC86U are based on the HND architecture.

So yes, the WAN and LAN ports appear as individual network interfaces now.
 
@ColinTaylor

In short... VLANs don't exist and are not configurable on Asus HND Routers?

Thanks, again.


Gary
 
Recent thread here for AP mode:

 
Hmm... So, I don't really need to make use of VLANs for my configuration. However, on the Asus RT-AC66U_B1 (384.19) VPN Client 1 was placed into its own VLAN (vlan2).

Reviewing the Asus GT-AXE110000 (388.8_4), it appears that the VPN Client 1 isn't placed into a VLAN, but directly referenced by its interface (tun11).

Code:
# iptables -L OVPNCF -v -n 
Chain OVPNCF (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 471K   44M ACCEPT     all  --  *      tun11   0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       all  --  tun11  *       0.0.0.0/0            0.0.0.0/0

I believe, I need to modify the old iptables rule to directly reference the VPN Client 1 interface (tun11), instead of the former VLAN (vlan2)?

Code:
# Mark Outbound Web Services Packets from WAN to OpenVPN Client 1
#if ! iptables -t mangle -S | grep OUTPUT | grep vlan2 | grep 0x1000; then
if ! iptables -t mangle -S | grep OUTPUT | grep tun11 | grep 0x1000; then
#iptables -t mangle -I OUTPUT -o vlan2 -p tcp -s 192.168.0.2/32 -j MARK --set-mark 0x1000/0x1000
iptables -t mangle -I OUTPUT -o tun11 -p tcp -s 192.168.0.2/32 -j MARK --set-mark 0x1000/0x1000
fi

Thanks, again.
 
Sorry Gary I don't understand what you're doing here, probably because I haven't looked at those old routers for years.

On pre-HND routers the WAN interface was either eth0 or vlan2 depending on whether hardware acceleration was enabled or disabled. The use of vlan1 and vlan2 had nothing really to do with VLANs in the traditional sense. It was required as a way of associating physical network ports with a logical network interface. On the HND routers none of that is required any more because each port is already associated with a network interface, eth0, eth1, eth2, eth3, eth4, etc.
 
Sorry Gary I don't understand what you're doing here, probably because I haven't looked at those old routers for years.

On pre-HND routers the WAN interface was either eth0 or vlan2 depending on whether hardware acceleration was enabled or disabled. The use of vlan1 and vlan2 had nothing really to do with VLANs in the traditional sense. It was required as a way of associating physical network ports with a logical network interface. On the HND routers none of that is required any more because each port is already associated with a network interface, eth0, eth1, eth2, eth3, eth4, etc.

@ColinTaylor

A little background... I had VPN Client 1, DNSMasq, and Nginx Reverse Proxy configured to work together to Nginx Reverse Proxy traffic from 192.168.0.2:443 (DNSMasqed) through the VPN Client 1 Tunnel. However, in order to route the packets correctly, through the VPN Client 1 Tunnel, I had to apply iptables mangled rules based on fwmarks and output interface. On Asus RT-AC66U_B1 (384.19), the output interface was vlan2.

Code:
iptables -t mangle -I OUTPUT -o vlan2 -p tcp -s 192.168.0.2/32 -j MARK --set-mark 0x1000/0x1000

It has been a few years; since, I originially set it up. I may be misremembering the use of vlan2 on Asus RT-AC66U_B1 (384.19).

It sounds like I should bring Asus RT-AC66U_B1 (384.19) back online and reconfirm.

Thank you for the historical summary of how vlan2 was used on pre-HND routers.

Respectfully,


Gary
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Back
Top