mirror/iopsys-feed
1
0
Fork 0
mirror of https://dev.iopsys.eu/feed/iopsys.git synced 2026-02-06 12:00:43 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
iopsys-feed/netmode/docs/ADVANCED_MODE_GUIDE.md

26 KiB
Raw Permalink Blame History

Advanced Mode - Complete Configuration Guide

Table of Contents

  1. Overview
  2. Interface Types
  3. Configuration Examples
  4. Use Case Scenarios
  5. TR-069/USP Configuration
  6. Troubleshooting

Overview

The advanced mode is a unified, flexible network configuration mode for OpenWrt/iopsys routers. It provides a single, powerful interface for configuring:

  • Bridge interfaces with VLAN/QinQ support (traditional VLAN devices)
  • Bridge VLAN filtering (modern kernel bridge features - recommended)
  • Routed interfaces with VLAN/MACVLAN support
  • Standalone interfaces (direct VLAN without bridge)
  • Mixed scenarios (combine bridges and routed interfaces)

Key Features

  • Unified configuration syntax
  • Multiple interface types in one configuration
  • VLAN (802.1Q) and QinQ (802.1ad) support
  • Modern bridge VLAN filtering for better performance
  • MACVLAN support for multi-service routing
  • Per-interface port assignment
  • Flexible protocol configuration (DHCP, none, static)
  • UCI device name resolution (LAN1 → eth1)
  • Automatic reconfiguration on parameter changes

Configuration Parameters

Parameter Description Example
interface_names Comma-separated interface names wan,iptv,mgmt
interface_types Comma-separated interface types bridge:transparent,brvlan:wan-tagged:1499,route:vlan:100,direct:200
ports Comma-separated port assignments ALL,LAN1-LAN2-WAN,WAN
macaddrs Comma-separated MAC addresses (optional) BaseMACAddress,BaseMACAddressP1,AA:BB:CC:DD:EE:FF

How It Works

When you change any configuration parameter and restart netmode:

  1. The system detects the configuration change automatically
  2. Old network configuration is cleaned up (interfaces, bridges, VLANs)
  3. System configuration is preserved (loopback, physical devices)
  4. New configuration is applied based on your parameters
  5. No manual intervention needed!

Interface Types

Bridge Types (Traditional VLAN Devices)

Bridge types create L2 bridge interfaces using traditional VLAN devices (eth0.100, etc.).

Type Syntax Description
Transparent bridge:transparent No VLAN tagging on any port
Tagged bridge:tagged:VID All ports tagged with same VLAN ID
WAN-Tagged bridge:wan-tagged:VID Only WAN port tagged, LAN ports untagged
Transparent QinQ bridge:transparent-qinq:SVID LAN untagged, WAN single S-tag (802.1ad)
Transparent QinQ (Double) bridge:transparent-qinq:CVID:SVID LAN untagged, WAN double-tagged (C+S)
Tagged QinQ bridge:tagged-qinq:CVID:SVID LAN C-tagged, WAN double-tagged (C+S)
QinQ (All ports) bridge:qinq:CVID:SVID All ports double-tagged

Bridge VLAN Filtering Types (Modern Approach)

Bridge VLAN filtering uses kernel bridge VLAN filtering instead of creating VLAN devices. Recommended for new deployments.

Type Syntax Description
Tagged brvlan:tagged:VID All ports tagged with VLAN ID (uses bridge-vlan)
WAN-Tagged brvlan:wan-tagged:VID WAN tagged, LAN untagged (uses bridge-vlan)
Mixed brvlan:mixed:VID Custom tagged/untagged configuration

See BRIDGE_VLAN_FILTERING.md for detailed documentation.

Routed Types

Routed types create L3 routed interfaces (with NAT/firewall).

Type Syntax Description
VLAN Routing route:vlan:VID Routed interface on VLAN
MACVLAN Routing route:macvlan:MAC MACVLAN device with custom MAC (supports macros)
VLAN + MAC Routing route:vlan:VID:MAC Routed interface on VLAN with custom MAC
Transparent Routing route:transparent Routed interface on base device (no VLAN)

Standalone Types

Standalone types create VLAN interfaces without bridges or routing (proto=none by default).

Type Syntax Description
Direct VLAN direct:VID Standalone VLAN interface, proto=none

Device Reference Types

Device reference types allow multiple interfaces to share the same underlying device.

Type Syntax Description
Device Reference device-ref:INTERFACE References the device from another interface

Use Case: Create separate IPv4 and IPv6 interfaces (wan and wan6) that share the same bridge or VLAN device.

Example:

# wan creates bridge on VLAN 2501 with DHCP
# wan6 shares the same br-wan device with DHCPv6
interface_names='wan,wan6'
interface_types='bridge:tagged:2501,device-ref:wan-dhcpv6'
ports='WAN,WAN'

Result:

  • wan: Creates br-wan bridge device on VLAN 2501, proto=dhcp
  • wan6: Uses same br-wan device, proto=dhcpv6

Note: The referenced interface must be defined before the device-ref interface in the interface_names list.

Modifiers

Modifiers can be appended to any interface type:

Modifier Effect Example
-pppoe Set proto=pppoe (PPPoE authentication) route:vlan:101-pppoe
-dhcpv6 Set proto=dhcpv6 (DHCPv6 client) bridge:tagged:2501-dhcpv6
-dhcp Set proto=dhcp (DHCP client - explicit) bridge:transparent-dhcp
-static Set proto=static (static IP) bridge:transparent-static
-none, -n Set proto=none (no IP configuration) bridge:tagged:100-none or bridge:tagged:100-n
-iptv Signify that this is an iptv interface (affects firewall and mcast) route:vlan:200-iptv
-inet Signify that this is an internet interface (affects firewall) route:vlan:200-inet
-mgmt Signify that this is a management interface (affects firewall) route:vlan:200-mgmt
-disabled, -d Create but mark as disabled route:vlan:200-disabled or route:vlan:200-d

Notes

  • The -none and -n modifiers are equivalent, as are -disabled and -d.
  • If no protocol modifier is specified, interfaces default to proto=dhcp.
  • Protocols and disabled can be clubbed together, and disabled should be in the last, for example: transparent-qinq:2-n-d will set proto as none and disable the interface, similarly other protocols can be used.
  • iptv, inet and mgmt modifier can only be used with route interfaces, and they can be clubbed with disabled modifier, but disable should be in the last.

Static IP Auto-Configuration

When using the -static modifier with an interface named lan, the system automatically configures:

Network Configuration:

  • IP Address: 192.168.1.1
  • Netmask: 255.255.255.0
  • IPv6 Prefix: /60

DHCP Server Configuration:

  • Start: 192.168.1.100
  • Limit: 150 addresses (100-250)
  • Lease time: 1 hour
  • DHCPv4: server
  • DHCPv6: server
  • Router Advertisement: server
  • SLAAC: enabled
  • RA flags: managed-config, other-config

Example:

interface_names='lan,wan'
interface_types='bridge:transparent-static,bridge:tagged:2501'
ports='ALL_LAN,WAN'

For non-LAN interfaces with -static, only proto=static is set without additional configuration.

Note: Direct interfaces default to proto=none, so -n is implicit.

MAC Address Assignment

You can assign custom MAC addresses to interfaces using the macaddrs parameter. This is useful when ISPs require specific MAC addresses per service or for multi-service configurations.

Supported Formats:

Format Description Example
Explicit MAC Direct MAC address assignment AA:BB:CC:DD:EE:FF
BaseMACAddress Use base MAC from fw_printenv -n ethaddr BaseMACAddress
BaseMACAddressP1 Base MAC + 1 BaseMACAddressP1
BaseMACAddressPN Base MAC + N (any number) BaseMACAddressP5

Example:

# If base MAC is 94:3F:0C:D5:76:00
uci set netmode.@supported_args[3].value='BaseMACAddress,BaseMACAddressP1,AA:BB:CC:DD:EE:FF'
# Results in:
# Interface 1: 94:3F:0C:D5:76:00
# Interface 2: 94:3F:0C:D5:76:01
# Interface 3: AA:BB:CC:DD:EE:FF

Note: MAC addresses are assigned to interfaces in order. If you have 3 interfaces but only specify 2 MAC addresses, the 3rd interface will use the system default.

Configuration Examples

Example 1: Simple Transparent Bridge

Scenario: All ports bridged together, no VLANs

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan'                    # interface_names
uci set netmode.@supported_args[13].value='bridge:transparent'     # interface_types
uci set netmode.@supported_args[14].value='ALL'                    # ports
uci commit netmode
service netmode restart

Result: Creates br-wan bridge with all LAN+WAN ports, proto=dhcp

Example 2: LAN-Only Bridge with Routed WAN

Scenario: Bridge all LAN ports together, WAN as separate routed interface

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='lan,wan'
uci set netmode.@supported_args[13].value='bridge:transparent,route:transparent'
uci set netmode.@supported_args[14].value='ALL_LAN,WAN'
uci commit netmode
service netmode restart

Result: Creates br-lan bridge with all LAN ports only, WAN routed separately

Example 3: VLAN-Tagged Bridge (Managed Network)

Scenario: All ports tagged with VLAN 100

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='mgmt'
uci set netmode.@supported_args[13].value='bridge:tagged:100'
uci set netmode.@supported_args[14].value='ALL'
uci commit netmode
service netmode restart

Result: Creates br-mgmt with all ports tagged as .100

Example 4: Multiple Service Bridges (VLAN Segregation)

Scenario: Separate bridges for Internet (VLAN 100), IPTV (VLAN 200), Management (VLAN 300)

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='inet,iptv,mgmt'
uci set netmode.@supported_args[13].value='bridge:tagged:100-n,bridge:tagged:200-n,bridge:tagged:300'
uci set netmode.@supported_args[14].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN,WAN'
uci commit netmode
service netmode restart

Result:

  • br-inet: LAN1.100 + LAN2.100 + WAN.100, proto=none
  • br-iptv: LAN3.200 + LAN4.200 + WAN.200, proto=none
  • br-mgmt: WAN.300, proto=dhcp

Example 5: QinQ Configuration (Wholesale Provider)

Scenario: Customer A on C-tag 10 S-tag 100, Customer B on C-tag 20 S-tag 100

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='customer_a,customer_b'
uci set netmode.@supported_args[13].value='bridge:qinq:10:100-n,bridge:qinq:20:100-n'
uci set netmode.@supported_args[14].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
uci commit netmode
service netmode restart

Result:

  • br-customer_a: All ports double-tagged (100.10)
  • br-customer_b: All ports double-tagged (100.20)

Example 6: Routed Multi-Service with Custom MAC Addresses

Scenario: ISP requires different MAC addresses for Internet and IPTV services

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='mgmt_wan,wan,iptv_wan,lan'
uci set netmode.@supported_args[13].value='route:macvlan:BaseMACAddressP2-mgmt,route:macvlan:BaseMACAddressP3-inet,route:macvlan:BaseMACAddressP4-iptv,bridge:transparent-static'
uci set netmode.@supported_args[14].value='WAN,WAN,WAN,ALL_LAN'
uci commit netmode
service netmode restart

Result:

  • mgmt_wan: Routed interface on WAN with base MAC + 2(58:00:32:C0:0E:42)
  • wan: Routed interface on WAN with base MAC + 3 (58:00:32:C0:0E:43)
  • iptv_wan: Routed interface on WAN with base MAC + 4 (58:00:32:C0:0E:44)
  • lan: bridged interface on ALL LAN ports with base MAC (58:00:32:C0:0E:40)

Example 7: Routed Multi-Service (VLAN-based)

Scenario: Internet on VLAN 100, IPTV on VLAN 200, Management on VLAN 300, all routed

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='mgmt_wan,wan,iptv_wan,lan'
uci set netmode.@supported_args[13].value='route:vlan:300-mgmt,route:vlan:100-inet,route:vlan:200-iptv,bridge:transparent-static'
uci set netmode.@supported_args[14].value='WAN,WAN,WAN,ALL_LAN'
uci commit netmode
service netmode restart

Result:

  • wan: Routed on WAN.100, proto=dhcp
  • iptv: Routed on WAN.200, proto=dhcp
  • mgmt: Routed on WAN.300, proto=dhcp

Example 8: Routed Multi-Service (MACVLAN with Macros)

Scenario: Internet and IPTV using MACVLAN devices with MAC address macros

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan,iptv'
uci set netmode.@supported_args[13].value='route:transparent,route:macvlan:BaseMACAddressP1'
uci set netmode.@supported_args[14].value='WAN,WAN'
uci commit netmode
service netmode restart

Result:

  • wan: Routed on WAN with default MAC (94:3F:0C:D5:76:00)
  • iptv: MACVLAN device on WAN with base MAC + 1 (94:3F:0C:D5:76:01)

Alternative with explicit MAC:

uci set netmode.@supported_args[13].value='route:transparent,route:macvlan:AA:BB:CC:DD:EE:FF'

Example 9: Routed Multi-Service (VLAN + MACVLAN)

Scenario: Internet on VLAN 100, IPTV on VLAN 200 with custom MAC

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan,iptv'
uci set netmode.@supported_args[13].value='route:vlan:100,route:vlan:200:AA:BB:CC:DD:EE:FF'
uci set netmode.@supported_args[14].value='WAN,WAN'
uci commit netmode
service netmode restart

Result:

  • wan: Routed on WAN.100 (default MAC), proto=dhcp
  • iptv: Routed on WAN.200 with custom MAC, proto=dhcp

Example 10: Standalone VLAN Interface (Direct)

Scenario: WAN as standalone VLAN 2501 interface (no bridge, no routing)

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan'
uci set netmode.@supported_args[13].value='direct:2501'
uci set netmode.@supported_args[14].value='WAN'
uci commit netmode
service netmode restart

Result: Creates WAN.2501 interface, proto=none (no DHCP)

Example 11: Mixed Bridge and Routed Interfaces

Scenario: IPTV bridged on VLAN 200, Internet routed on VLAN 100

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan,iptv'
uci set netmode.@supported_args[13].value='route:vlan:100,bridge:tagged:200-n'
uci set netmode.@supported_args[14].value='WAN,LAN1-LAN2-WAN'
uci commit netmode
service netmode restart

Result:

  • wan: Routed on WAN.100, proto=dhcp (firewall enabled)
  • br-iptv: Bridge on LAN1.200 + LAN2.200 + WAN.200, proto=none

Use Case Scenarios

Scenario 1: ISP Triple-Play Service (Routed)

Requirement: Internet on VLAN 100, IPTV on VLAN 200, VoIP on VLAN 300, all routed

Configuration:

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan,iptv,voip'
uci set netmode.@supported_args[13].value='route:vlan:100,route:vlan:200,route:vlan:300'
uci set netmode.@supported_args[14].value='WAN,WAN,WAN'
uci commit netmode
service netmode restart

Network Topology:

WAN (ae_wan)
  ├── wan (VLAN 100) - Internet - Routed
  ├── iptv (VLAN 200) - IPTV - Routed
  └── voip (VLAN 300) - VoIP - Routed

Scenario 2: ISP Triple-Play with MACVLAN

Requirement: Internet normal MAC, IPTV with custom MAC, VoIP with custom MAC

Configuration:

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan,iptv,voip'
uci set netmode.@supported_args[13].value='route:transparent,route:macvlan:AA:BB:CC:DD:EE:01,route:macvlan:AA:BB:CC:DD:EE:02'
uci set netmode.@supported_args[14].value='WAN,WAN,WAN'
uci commit netmode
service netmode restart

Scenario 3: Enterprise VLAN Segregation (Bridged)

Requirement: Guest WiFi on VLAN 100, Corporate on VLAN 200, Management on VLAN 300, all bridged

Configuration:

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='guest,corporate,mgmt'
uci set netmode.@supported_args[13].value='bridge:tagged:100-n,bridge:tagged:200-n,bridge:tagged:300'
uci set netmode.@supported_args[14].value='LAN1-WAN,LAN2-LAN3-WAN,WAN'
uci commit netmode
service netmode restart

Network Topology:

LAN1.100 ──┬── WAN.100 ──[ br-guest ] (proto=none)
LAN2.200 ──┬── WAN.200 ──[ br-corporate ] (proto=none)
LAN3.200 ──┘
WAN.300 ────[ br-mgmt ] (proto=dhcp)

Scenario 4: Wholesale QinQ Provider

Requirement: Multiple customers on single fiber, S-tag 100, different C-tags

Configuration:

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='cust_a,cust_b,cust_c'
uci set netmode.@supported_args[13].value='bridge:qinq:10:100-n,bridge:qinq:20:100-n,bridge:qinq:30:100-n'
uci set netmode.@supported_args[14].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN,LAN5-LAN6-WAN'
uci commit netmode
service netmode restart

Scenario 5: Hybrid Bridge + Routed

Requirement: Internet routed, IPTV bridged to STBs

Configuration:

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan,iptv'
uci set netmode.@supported_args[13].value='route:vlan:100,bridge:tagged:200-n'
uci set netmode.@supported_args[14].value='WAN,LAN1-LAN2-LAN3-WAN'
uci commit netmode
service netmode restart

Network Topology:

WAN.100 ─── [ wan - routed ] (NAT, firewall enabled)

LAN1.200 ──┐
LAN2.200 ──┼─ WAN.200 ──[ br-iptv ] (transparent bridge, proto=none)
LAN3.200 ──┘

Port List Specifications

Port List Syntax

  • ALL: All LAN ports + WAN port + EXT port (resolved from UCI or board.json)
  • ALL_LAN: All LAN ports only (no WAN, no EXT) - useful for LAN-only bridges
  • LAN: Single LAN port (for devices with one LAN port)
  • WAN: Only WAN port
  • EXT: Only EXT port
  • LAN-WAN: Single LAN port and WAN
  • LAN1-LAN2-WAN: LAN1, LAN2, and WAN
  • LAN1-LAN3-EXT: LAN1, LAN3, and EXT
  • WAN-EXT: WAN and EXT ports

Note: For devices with a single LAN port, use LAN. For devices with multiple LAN ports, use LAN1-8. The ALL and ALL_LAN macros automatically detect which configuration is present.

Individual untagged port

  • Suppose we have a bridge:tagged type interface, so all the ports are going to be tagged in this case. To mark any of the ports untagged individually, ":u" modifier can be used with the port, for example, to make LAN3 untagged (transparent) here: "LAN2-LAN3:u-LAN4-WAN".

Device Name Resolution

Port macros (LAN, LAN1-LAN8, WAN, EXT) are automatically resolved to actual device names:

  • LANuci get network.LAN.name → e.g., eth1 (single LAN port devices)
  • LAN1uci get network.LAN1.name → e.g., eth1 (multi-port devices)
  • WANuci get network.WAN.name → e.g., ae_wan
  • EXTuci get network.EXT.name → e.g., eth5

If UCI device section doesn't exist, the system falls back to board.json.

TR-069/USP Configuration

TR-181 Data Model Mapping

The advanced mode uses three arguments in TR-181:

  1. SupportedArguments.1 = interface_names
  2. SupportedArguments.2 = interface_types
  3. SupportedArguments.3 = ports

Example 1: Transparent Bridge via TR-069

<SetParameterValues>
  <ParameterList>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
      <Value>advanced</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
      <Value>wan</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
      <Value>bridge:transparent</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
      <Value>ALL</Value>
    </ParameterValueStruct>
  </ParameterList>
</SetParameterValues>

Example 2: Routed Multi-Service via TR-069

<SetParameterValues>
  <ParameterList>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
      <Value>advanced</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
      <Value>wan,iptv,mgmt</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
      <Value>route:vlan:100,route:vlan:200,route:vlan:300</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
      <Value>WAN,WAN,WAN</Value>
    </ParameterValueStruct>
  </ParameterList>
</SetParameterValues>

Example 3: QinQ Bridge via TR-069

<SetParameterValues>
  <ParameterList>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
      <Value>advanced</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
      <Value>customer_a,customer_b</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
      <Value>bridge:qinq:10:100-n,bridge:qinq:20:100-n</Value>
    </ParameterValueStruct>
    <ParameterValueStruct>
      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
      <Value>LAN1-LAN2-WAN,LAN3-LAN4-WAN</Value>
    </ParameterValueStruct>
  </ParameterList>
</SetParameterValues>

Troubleshooting

Issue: VLANs Not Working

Diagnosis:

# Check VLAN devices created
uci show network | grep 8021q

# Check interface status
ip link show
ip addr show

# Verify VLAN traffic
tcpdump -i eth4 -e -n vlan

Solution:

# Ensure kernel module loaded
modprobe 8021q
lsmod | grep 8021

# Check switch configuration (if applicable)
swconfig dev switch0 show

Issue: QinQ Not Working

Diagnosis:

# Check for 8021ad devices
uci show network | grep 8021ad

# Verify kernel support
modprobe 8021q
lsmod | grep 8021

Solution:

# Install QinQ support
opkg install kmod-8021q

# Verify S-tag ethertype (0x88a8)
tcpdump -i eth4 -e -n -xx vlan

Issue: MACVLAN Interface Not Getting IP

Diagnosis:

# Check MACVLAN device
ip link show | grep macvlan

# Check MAC address
ip link show <interface>_macvlan | grep ether

# Test DHCP
udhcpc -i <interface>_macvlan -n

Solution:

# Verify passthru mode
uci show network | grep -A5 macvlan

# Ensure MAC is unique
# Some ISPs require specific MAC format

Issue: Mixed Bridge/Route Not Working

Diagnosis:

# Check firewall status
uci show firewall.globals.enabled

# Verify interfaces
ip addr show

# Check routing table
ip route show

Solution: Firewall is always enabled. For debugging:

# Temporarily disable firewall
uci set firewall.globals.enabled='0'
uci commit firewall
/etc/init.d/firewall restart

Issue: Port Not Added to Bridge

Diagnosis:

# Check UCI device resolution
uci get network.LAN1.name

# Check bridge ports
brctl show

# Check UCI bridge configuration
uci show network | grep -A10 "type='bridge'"

Solution:

# Verify device sections exist
uci show network | grep "device="

# Check board.json for defaults
cat /etc/board.json | grep -A20 network

Verification Commands

Check Configuration

# View current mode
cat /etc/netmodes/.last_mode

# View netmode configuration
uci show netmode

# View network configuration
uci show network

# View environment variables (during mode switch)
logread | grep "Interface names:"

Check Interface Status

# All interfaces
ip addr show

# Bridges
brctl show
bridge link show

# VLAN devices
ip -d link show type vlan

# MACVLAN devices
ip -d link show type macvlan

Check Connectivity

# DHCP on interface
udhcpc -i wan -n

# Ping gateway
ping -c 3 $(ip route | grep default | awk '{print $3}')

# DNS resolution
nslookup google.com

# VLAN traffic capture
tcpdump -i eth4 -e -n vlan

Check Logs

# Netmode logs
logread | grep netmode-advanced

# Network logs
logread | grep network

# Live monitoring
logread -f | grep -E "(netmode|network)"

Migration from Old Modes

From bridged Mode

Old Configuration:

uci set netmode.global.mode='bridged'
uci set netmode.@supported_args[0].value='wan'
uci set netmode.@supported_args[1].value='transparent'
uci set netmode.@supported_args[2].value='ALL'

New Configuration:

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan'
uci set netmode.@supported_args[13].value='bridge:transparent'
uci set netmode.@supported_args[14].value='ALL'

Change: Add bridge: prefix to interface type.

From routed-multi-service Mode

Old Configuration:

uci set netmode.global.mode='routed-multi-service'
uci set netmode.@supported_args[0].value='100'  # inet_vlanid
uci set netmode.@supported_args[2].value='200'  # iptv_vlanid
uci set netmode.@supported_args[4].value='300'  # mgmt_vlanid

New Configuration:

uci set netmode.global.mode='advanced'
uci set netmode.@supported_args[12].value='wan,iptv,mgmt'
uci set netmode.@supported_args[13].value='route:vlan:100,route:vlan:200,route:vlan:300'
uci set netmode.@supported_args[14].value='WAN,WAN,WAN'

Change: Explicit interface names and unified syntax.

Best Practices

  1. VLAN Planning: Document all VLAN IDs before deployment
  2. Port Assignment: Create clear mapping of ports to services
  3. Testing: Test on lab environment before production
  4. Monitoring: Use tcpdump to verify VLAN tags
  5. Firewall: Be aware that routed interfaces enable firewall
  6. Naming: Use descriptive interface names (iptv, mgmt, voip)
  7. Documentation: Keep ISP-specific requirements documented
  8. Backup: Always backup configuration before major changes

Document Version: 1.0 Package Version: 1.1.11+ Last Updated: 2024-12-12 Mode Status: Production Ready