Working with NIC Teaming in Windows Server 2012

Of the many networking features introduced in Hyper-V 3.0 on Windows Server 2012, several were added to enhance the overall capability for networking virtual machines (VMs). One of the features introduced in Hyper-V 3.0 is a collection of components for configuring NIC teaming on virtual machines and the Windows operating system.

Originally designed for Windows Server 2012, NIC Teaming can also be used to configure teamed adapters for Hyper-V virtual machines. Since our primary focus in this article is to provide an overview of NIC Teaming in Windows Server 2012 and later versions, we will not cover in detail the steps needed to configure NIC Teaming for operating systems and virtual machines.

In earlier versions of Hyper-V (version 1.0 and version 2.0), the Windows operating system did not provide any utility to configure NIC Teaming for physical network adapters, and it was not possible to configure NIC teaming for virtual machines. A Windows administrator could configure NIC teaming on Windows by using third-party utilities but with the following disadvantages:

• Support was provided by the vendor and not by Microsoft.
• You could only configure NIC Teaming between physical network adapters of the same manufacturer.
• There are also separate management UIs for managing each third-party network teaming if you have configured more than one teaming.
• Most of the third-party teaming solutions do not have options for configuring teaming options remotely.

Starting with Hyper-V version 3.0 on Windows Server 2012, you can easily configure NIC Teaming for Virtual Machines.

This article expounds on the following topics:

• NIC Teaming Requirements for Virtual Machines
• NIC Teaming Facts and Considerations
• How NIC Teaming works

NIC Teaming Requirements for Virtual Machines

Before you can configure NIC Teaming for virtual machines, ensure the following requirements are in place:

• Make sure you are running minimum Windows Server 2012 version as the guest operating system in Virtual Machine.
• Available physical network adapters that will participate in the NIC Teaming.
• Identify the VLAN number if the NIC team will need to be configured with a VLAN number.

NIC Teaming Facts and Considerations

It is necessary to follow several guidelines while configuring NIC Teaming, and there are also some facts you should keep in mind that are highlighted in bullet points below:

• Microsoft implements a protocol called "Microsoft Network Adapter Multiplexor" (explained shortly) that helps in building the NIC Teaming without the use of any third-party utilities.
• Microsoft's teaming protocol can be used to team network adapters of different vendors.
• It is recommended to always use the same physical network adapter with the same configuration, including configuration speed, drivers, and other network functionality, when setting up NIC Teaming between two physical network adapters.
• NIC teaming is a feature of Windows Server, so it can be used for any network traffic, including virtual machine networking traffic.
• NIC teaming is set up at the hardware level (physical NIC).
• By default, a Windows Server can team up to 32 physical network adapters.
• Only two physical network adapters in teaming can be assigned to a virtual machine. In other words, a network teamed adapter cannot be attached to a virtual machine if it contains more than two physical network adapters.
• NIC Teaming can only be configured if there are two or more 1 GB or two or more 10 GB physical network adapters.
• Teamed network adapters will appear in the "External Network" configuration page of Virtual Machine settings.
• NIC Teaming can also be referred to as NIC bonding, load balancing and failover or LBFO.

How Does NIC Teaming Work?

Microsoft developers have designed a new protocol for NIC Teaming specifically. The new protocol, known as Microsoft Network Adapter Multiplexor, assists in routing packets from physical network adapters to NIC teaming adapters and vice versa. This protocol is responsible for diverting the traffic from a teamed adapter to the physical NIC. The protocol is installed by default as part of the physical network adapter initialization for the first time.

The Microsoft Network Adapter Multiplexor protocol is checked in the teamed network adapter and unchecked in the physical network adapters that are part of the NIC Teaming. For example, if there are two physical network adapters in a team, the Microsoft Network Adapter Multiplexor protocol will be disabled for these two physical network adapters and checked in the teamed adapter as shown in the below screenshot:

As shown in the above screenshot, the Microsoft Network Adapter Multiplexor protocol is unchecked in the properties section of the Physical Network Adapter named "PNIC5," and the Microsoft Network Adapter Multiplexor protocol is checked in the property of "Hyper-VTeaming" teamed network adapter. "Hyper-VTeaming" is a teamed network adapter.

Any network traffic generated from the teamed adapter will be received by one of the physical NICs participating in the Teaming. The teamed adapter talks to the Microsoft Network Adapter Multiplexor protocol bound in the physical NIC.

If this protocol is unchecked in one of the physical network adapters, then the Teamed adapter will not be able to communicate with the physical network adapters participating in the Teaming. Third-party teaming utilities might have a different protocol designed for this, but the one offered by Microsoft can be used with any vendor network card — so this protocol is vendor- and network adapter-independent.

Read More

LMMC header on DLink router file, decoding the zlib zpipe Plaintext password

Tested on a DLink DSL-G604T

Downloading the config file dumps a config.bin file. The first line of the file has a LMMC which indicates a zlib header

Convert the file to a .Z file
dd if=config.bin of=test.config.bin.z bs=20 skip=1

download the zlib source and extract it. http://zlib.net/zlib-1.2.7.tar.gz
go to the examples folder
compile zpipe.c using the command
gcc -o zipe zpipe.c -lz
now you will have something called zpipe

copy the zpipe command where the config files are and execute the command
./zpipe -d < test.config.bin.z > config.txt

now open config.txt and view it plaintext!

Read More

LMCC and Router Configs

I contacted ACA and TT (through their website forms) about the Internet Filtering plan that the Australian Government is pushing through.

I’ve been really vocal about this previously, but now I think it’s time to start committing myself into writing and helping others get their letters written and sent to the people both responsible and the people letting this happen.

Click on the article to see the full text I submitted.
Read the rest of this entry »

Tags: censorship, filtering, Internet Filtering
Posted in Internet Filtering | No Comments »
LMCC and Router Configs
October 22nd, 2008

Source code attached, see end of article.

I had to pull the password for the internet connection out of a router at work recently and stumbled upon a problem that didn’t seem to have much of a solution, the router allows you to save a binary copy of the config, but it didn’t appear to be a known format.

kosh@aerith ~ $ file config.bin
config.bin: data

So after a little digging I found a Zlib header in the file and found a resource on the internet that had a windows only decoder (which failed for me :( ) so I proceeded to figure it out for myself.

kosh@aerith ~ $ hexdump -C config.bin | head -n 2
00000000 4c 4d 4d 43 00 03 00 00 c9 1a 00 00 8d 0e 8d cb |LMMC............|
00000010 e0 a2 00 00 78 9c ed 3d 6b 73 db 38 92 9f ef 7e |....x..=ks.8...~|

You can see the Zlib style magic at the 20-byte mark (0x14, “78 9c”). I tested my theory by grabbing zpipe.c from the zlib website and using dd to decode it.

kosh@aerith ~ $ dd if=config.bin of=test.bin.Z bs=20 skip=1
342+1 records in
342+1 records out
6857 bytes (6.9 kB) copied, 0.0165227 s, 415 kB/s
kosh@aerith ~ $ ./zpipe -d < test.bin.Z
....

But considering I was 5 minutes from a simple working setup, I hacked zpipe.c down and made zlmcc.c from it. I've made zlmcc.c available for anyone else that wants to deflate these files quickly.

Usual guarantee applies, if it blows up the world, not my fault. I only tested it on my system and with my single config file, using the above steps you should be able to figure it out if they change the format by a little (offset, etc)

via Kosh's

Read More

Firefox 20 : Open new windows in a new tab instead

Just recently my Firefox v20 "Open new windows in a new tab instead" were working properly but after installing some addons it always give me a new windows which hate it so much. Googling around the net didn't give me a good result as I want it the normal opening "new tad instead a new windows".

I don't want to go back with my old Firefox v11 which I have used it for a long period of time without any issue. According to this link the Tab preferences and settings which I have followed that give me no different result by unchecking the Open new windows in a new tab instead.

I still can not figure it out where I did something wrong since only five addons only I have installed, uninstalling one by one was my trial and error to see it it works. After undoing all my Firefox v20 addons and open up my browser the Open new windows in a new tab instead works as it is normal.

Installing again the addons one by one and see if the Open new windows in a new tab instead still working? Then, only I knew it that the SEO Toolbar 1.3.5.1 that gives me the error that prevents from opening my new tab instead a new windows. Adding a new SEO Toolbar or uninstalling it that solve my issue. Enjoy reading!

Read More

ZyXEL P-663H-51 ADSL2+ 4-port Bonding Gateway Review

ZyXEL's New P-663H-51 ADSL 2/2+ modem / router supports speeds of up to 48mbps downstream and 4mbps upstream, and includes four 10/100 Ethernet LAN ports. It also provides TR069 protocol for remote management, SPI firewall and DOS protection for security, and advanced QoS and multicasting features for triple play services.

Features at a Glance

• ADSL2/2+, Annex L and Annex M
• 2 ADSL2+ port bonding
• Stateful Packet Inspection
• Anti Denial-of-Service attack and port scanning
• IGMP proxy/snooping for IP multicast
• Port-based VLAN to support triple-play services

ZyXEL's P-663H-51 is an all-in-one ADSL2+ gateway for Home, SOHO and SMB applications. Featuring two ADSL2+ WAN ports and four 10/100Mbps Ethernet LAN ports, the P663H-51 provides SPI (Stateful Packet Inspection), anti-DOS (Denial of Service) and many Firewall security features to protect against network intrusion and attacks.

In addition, advanced features such as IP multicasting, IGMP proxy/snooping, fast leave and IP QoS fulfill the need of triple-play services, while the G.bond-based port bonding feature groups the 2 ADSL2+ physical ports into a logical link. The link not only provides VDSL-equivalent bandwidth with much longer loop length, its load-balance feature between the two ports also makes P-663H-51 the best choice for business and high-end market applications.

ZyXEL P-663H-51 Features

Higher-speed Broadband Access

The ZyXEL P-663H-51 has two ADSL2/2+ WAN ports. With the ATM-based multi-paired bonding feature, the two ports can be grouped into a logical link boasting the bandwidth twice as fast as a single ADSL2/2+ port, and the bit rates of each individual port can be freely and independently changed by their respective PHY layer. If one of the member ports fails, the conveyed traffic will be moved to the other port. When the failed port recovers, it will seamlessly return to the logical link and share the transmission/reception of the upper-layer traffic.

Compliant all standard ADSL2/ADSL2+ features

In addition to delivering increased data rates over greater distance than the basic ADSL2/ADSL2+, the P663H-51 also supports traditional ADSL2+ standards, such as Annex L, Annex M, DELT, SRA and dying gasp functions.

Robust, State-of-the-Art IP Security

The ZyXEL Prestige 663H-51 provides state-of-the-art standard Firewall features including, Stateful Packet Inspection, anti-DoS (Denial of Service) and IP/MAC address spoofing protection for basic defense against hackers, network intruders and other hazardous threats.

Sophisticated QoS for Triple-Play Services

The P-663H-51 comes with complete integrated ATM and Ethernet QoS mechanisms, as well as various IP QoS features (Packet classification/Rate Limitation/Queue Scheduling). The seamless QoS-mapping not only allows consistent and appropriate traffic treatment of packets, but also enables fulfillment of triple-play services. The IGMP proxy/snooping and fast leave (v1, v2) features also supports IP multicasting services.

ADSL Layer Features

• ADSL2/2+, Annex L and Annex M
• Support DELT (dual ended loop test)
• Seamless Rate adaptation (SRA)
• Dying Gasp

ATM Layer Features

• Multiple PVC support
• RFC1483/2684 multiple protocol over AAL5

RFC2516 PPPoE

• VC and LLC Multiplexing
• Traffic Shaping UBR, CBR, VBR-nrt
• OAM F4/F5 end-to-end loopback
• ATM-based Multi-Pair Bonding (G.998.1) support

Security Features

• Three level management login
• WAN & LAN Service access control
• Service access control based on source IP address
• Anti-Denial of Service, SYNC flooding, IP Smurfing, Ping of Death, Fraggle,Teardrop, LandAnti-port scanning

TCP/IP/port/Interface filtering rules, Protect against IP and MAC address spoofing

• Stateful Packet Inspection

Logging Features

• User selectable levels
• Local display and/or send to remote syslog server
• ADSL up/down, PPP up/down
• Intrusion alert
• Primary DNS server status monitor
• XML config file failures

Network Protocols

• IP routing

TCP, UDP, ICMP, ARP

• VPN (IPSec, PPTP, L2TP) pass-through *
• DHCP Server/Relay/Client
• RADIUS client
• DNS rely/proxy
• Dynamic DNS
• RIP/RIP v2 routing functions
• NAT/PAT/NAPT
• IGMP Proxy/snooping and fast leave (v1, v2 and v3)
• IP QoS
• UPnP IGD 1.0

Ethernet L2 Features

• Default Bridging for user traffic
• ARP
• 802.1Q Tag-Based VLAN
• 802.1P CoS with priority queuing

Hardware Specifications

• Power input & Power consumption

12VDC (1.5A), 15 watt

• Power Adaptor Input 100~ 240VAC, 0.5A, 50~60Hz, 40~60VA, Output 12VDC, 1.5A, 18W
• LAN 4-Port RJ-45 connectors for 10/100Mbps with Auto MDI/MDIX. Support both Half and Full Duplex
• ADSL one RJ-11 connector for 2 ADSL2+ ports

Physical Specifications

• Dimension

205(W)x 145(D)x 32(H)mm

Environmental Specification

• Temperature Operating 0 ~ 40, Storage -30 ~ 60
• Humidity Operating 20 ~ 85% (non-condensing), Storage 10 ~ 95% (non-condensing)

Certification

• RoHS & WEEE
• Safety

- UL1950 - CSA C22.2 No. 950

• EMC - FCC Part 15 & Part 68Class B

The ZyXEL P-663H-51 ADSL2+ 4-port Bonding Gateway review can be read on this forum.

Read More

How-To Configure WISP on TP-Link MR3040

TP-Link is gaining its name as it has more and more likes this device because of low end price equipment likewise it has a good performance when it comes to wireless router this is because of the popular Atheros SoC chips that they are embedding to appliances. One of my favorite TP-Link product is TL-MT3040 its a portable 3G/4G wireless router equip with battery that is good when traveling to get hook your smartphone to the internet.

One of this feature that I like most is the WISP it stand for wireless internet service provider, in short the TL-MR3040 can act as WISP Client Router: In this mode, the device enables multiusers to share Internet from WISP. The LAN port devices share the same IP from WISP through Wireless port. While connecting to WISP, the Wireless port works as a WAN port at WISP Client Router mode. The ethernet port acts as a LAN port.

To begin with I am using an Aztech DSL605EW modem router built-in with WAP (wireless access point) aka WiFi this will act as my  WISP server, the configuration on this device is in Bridge Mode and WLAN also is able because my medium to hook to my TL-MR3040 is via wireless not wired.

Now, lets login to the TP-Link TL-MR3040 to get the quick setup, this is just a straight forward configuration like setting up your ordinary wireless router.

The quick setup will tell you how to configure the basic network parameters. Just follow the screenshot its simple, to continue, please click the Next button. To exit, please click the Exit button.

Then, will select from the option the WISP Client Router: In this mode, the device enables multiusers to share Internet from WISP. The LAN port devices share the same IP from WISP through Wireless port. While connecting to WISP, the Wireless port works as a WAN port at WISP Client Router mode. The ethernet port acts as a LAN port.

Note:

• Some configurations, such as access point's SSID, BSSID, encryption's info, will lose after changing operation mode.
• Some web pages will display abnormally before rebooting the device.

Next is the WAN Connection

• PPPoE - If you have applied ADSL to realize Dial-up service, you should choose this type. Under this condition, you should fill in both the User Name and Password that the ISP supplied.

This goes your account given to by your ISP, your username and password input then click Next.

On this part instead the TL-Link TL-MR3040 hook to cable/LAN now our medium is wireless we will use the WiFi as our medium to connect to the ISP. Click the Survey button then select your WISP server the Aztech DSL605EW.

The MR3040 wireless router has just finish the setup and will now ask you to reboot.

After rebooting, login to TL-MR3040 verify that the status of your wireless connection is on Client and the state is on Run, this means that you are already connected to the WISP server.

If your ISP account is valid or you didn't type any error both the username and the password you may be able to connect to your ISP network. Finally, its now successful as you can see from the screenshot above. There only a few routers that supports the WISP protocol namely TL-Link, Tenda, MikroTik and the third party firmware such Openwrt and DD-Wrt. If you know other routers that support the WISP please don't hesitate let me know leave message on my comment. Enjoy!

Read More

myBRO DV235T at P1 WiMAX Malaysia

An old friend of mine from menanjung came along bringing his P1 WiMAX wireless broadband with him seem to be who can live with out the internet connection. I said to him that have like that but different model that I use for surfing in my country. Good thing is that he lent me his WiMAX CPE for a while and ask him if its possible to try my abandoned myBRO DV235T that is also made by Packet One Malaysia only assembled in China. hehehe :)

Fast forwarding after a few tweaks, here's what I got it peaks up the frequency and suddenly get hook to the BTS. Yes it did connect and able to surf with my friend account, this is only want to prove that they really belongs to same clan.

As you can see from the screenshot, well done. Its myBRO DV235T WiMAX CPE from Smart Telecommunication from the Philippines good to know it did get work.

Now the WAN IP address of P1 WiMAX network, likewise the DNS. Below is the P1 WiMAX Welcome page, IP address is just the same as in the myBRO DV235T graphical user interface.

Yay! Ready to surf, can not wait to check the speedtest ? FYI, Packet One 4G WiMAX has two package the Prepaid and the Postpaid. Unlike Globe and Smart WiMAX in the Philippines they are strickly to postpaid only. Fair Usage Policy also applies to P1 you will have your qouta per month.

Fortunately I manage to surf the net comfortably this only means that my friend account still have a lot more balance remaining. Enjoy reading...

Read More

P1 WiMAX Dynamic Public IP Address

Packet One Networks (P1) is a Malaysian converged telecommunications, broadband and 4G service provider. The company was founded in 2002 and is a subsidiary of Green Packet Berhad. In March 2007, P1 was one of four companies awarded 2.3 GHz spectrum licenses by the Malaysian Government to deploy 4G WiMAX services throughout Malaysia. In August 2008, P1 became the first company to launch commercial WiMAX services in Malaysia.

P1 is unwired majority of home base subscribers are equip with the wireless modem aka the CPE, unlike Streamyx and Unifi they use POTS/PTSN likewise the PON its a passive optical network.

As you can see on this graphical user interface of the P1 WiMAX wireless modem, it is possible for those who are eager to hook they web server, ftp, ssh and other stuff to cater to the public with the help of Dynamic DNS. Even though you are at the last mile, where in 2copper wire can not reach such such POTS or PTSN for the DSL broadband.

Read More

Goodbye! TM Streamyx Public IP Address

During the old days I was enjoying with my TM Streamyx internet, though it was the cheapest package I have availed it means a lot to me. Speaking of the lowest plan rate that I only spent 60RM per month with my "Naked DSL" offered by Telekom Malaysia Berhad to a subscriber like me that used less bandwidth 384Kbps is just enough to cater my public web server, ftp, ssh and other stuff. As a loyal customer to my ISP they upgrade to 512Kbps after four (4) years, yes its more than eight (8) years to date yet I am still sticking to my copper trunk line connection.

Since last year my Streamyx account has no longer on its own dynamic Public IP address as it is very useful for me with the help of free and paid Dynamic DNS that have been offered by most registrar for a fraction of dollars. To further my suspicious if my Streamyx is waving to Unifi I did this test verifying that I guest its because of my DSL modem only.

This is my Aztech DSL605EW DSL modem been serving 24/7/360 without any issue all day night up and running. As you can see its PPPoE but my IP address is NATted to private IP address which is useless to serve my needs because I am already behind NAT. Web server, ftp, ssh and other stuff like CCTV is no longer possible to be in public.

Keep trying! Same story with my new TP-Link WR740N the cheapest wireless router that can do more with OpenWrt firmware, but still gives  me a private IP address.

This is Aztech DSL5018EN1T1R DSL modem wireless router, same result that gives me another private IP address behind NAT.

This is Innacomm W3400V DSL modem wireless router a sub-con of Telekom Malaysia, still no luck to have a public dynamic IP address.

My last test is ZyXELL P-600 series rebrand to TM6841G, this is also a DSL modem wireless router unfortunately all of the above device I have tested does not give a public dynamic IP address as I do have during the old days. Its more like decent to be hook to P1 WiMAX though it is unwired by using their wireless modem, their CPEs are capable of giving a good dynamic public address. I guest its time to upgrade to TMnet or Unifi, I am thinking of Maxis Fiber. Telekom Malaysia ISP is saving more chunk of their dynamic public address by doing this strategy, this is how they can maximized they resources as IPv4 is going to end soon because of more and more going to be a Netizen.

Read More

How-To TP-Link WR740N OpenWrt Separate VLANs

A Virtual LAN, or vlan for short, allows partitioning the network in a set of virtual networks, mutually isolated.

The TP-Link TL-WR740N contains four (4) LAN ports, all belonging to the same network. With VLANs, it is possible to configure those LAN ports in different manner, so that the device does not behave anymore as a switch on the 4 ports. For example, it would be possible to setup the two leftmost ports on a virtual LAN: devices connected into these ports would see each other, but would have no routing to devices plugged into the rightmost ports.

Full information on VLANs in OpenWrt can be found in the network interfaces document. This page includes information specific to the TL-WR740N router, configured with OpenWrt (Attitude Adjustment 12.09 release).

The default /etc/config/network configuration looks like:

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config interface 'lan'
option ifname 'eth0'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'

config interface 'wan'
option ifname 'eth1'
option proto 'dhcp'

config switch
option name 'eth0'
option reset '1'
option enable_vlan '1'

config switch_vlan
option device 'eth0'
option vlan '1'
option ports '0 1 2 3 4'
option vid '1'

So there is a switch identified as eth0. To get info on this switch:

swconfig dev switch0 help

Which outputs:

switch0: eth1(AR934X built-in switch), ports: 5 (cpu @ 0), vlans: 16

--switch

Attribute 1 (int): enable_vlan (Enable VLAN mode)

Attribute 2 (none): apply (Activate changes in the hardware)

Attribute 3 (none): reset (Reset the switch)

--vlan

Attribute 1 (int): vid (VLAN ID)

Attribute 2 (ports): ports (VLAN port mapping)

--port

Attribute 1 (int): pvid (Primary VLAN ID)

Attribute 2 (string): link (Get port link information)

So this device supports 16 vlans, and the port 0 is the CPU port; ports 1,2,3,4 are associated to the 4 LAN connections on the back of the router.

To get the exact matching between ports and the labelling on the router, enter now:

swconfig dev switch0 show

And play with connecting cables to the LAN connections. For this router, I got the following allocation:

Port 0: CPU

Port 1: LAN 4

Port 2: LAN 1

Port 3: LAN 2

Port 4: LAN 3

With the existing configuration, there is a single virtual lan, with identity 0, identified as eth1.0 (or directly eth1).

To configure two virtual lans, one associated to the left ports (LAN 1, LAN 2 / ports 2 and 3), and other associated to the right ports (LAN 3, LAN 4 / ports 1 and 4), we use the following configuration:

config interface 'loopback'

option ifname 'lo'

option proto 'static'

option ipaddr '127.0.0.1'

option netmask '255.0.0.0'

config interface 'lan'

option ifname 'eth0.1'

option type 'bridge'

option proto 'static'

option ipaddr '192.168.1.1'

option netmask '255.255.255.0'

config interface 'landenver'

option ifname 'eth0.2'

option type 'bridge'

option proto 'static'

option ipaddr '192.168.2.1'

option netmask '255.255.255.0'

config interface 'wan'

option ifname 'eth1'

option proto 'dhcp'

config switch

option name 'eth0'

option reset '1'

option enable_vlan '1'

config switch_vlan 'eth0_1'

option device 'eth0'

option vlan '1'

option vid '1'

option ports '2 3 0t'

config switch_vlan 'eth0_2'

option device 'eth0'

option vlan '2'

option vid '2'

option ports '1 4 0t'

This creates an interface called lan associated to the first vlan (eth1.1), that is, to the ports labelled in the router as LAN 1, LAN2; it also creates the interface landenver associated to the second vlan (eth1.2), on the remaining router ports. Note that each interface uses a different set of LAN ports (2,3 vs 1,4) and both obviously communicate with the CPU (port 0). As both access the port 0, this is tagged (0t). Detailed information on this logic is included in the switch documentation on the OpenWRT wiki page.

With this configuration, entering now (after restarting the network with /etc/init.d/network restart:

swconfig dev switch0 show

Will output:

root@OpenWrt:/# swconfig dev switch0 show

Global attributes:

enable_vlan: 1

Port 0:

pvid: 0

link: port:0 link:up speed:1000baseT full-duplex txflow rxflow

Port 1:

pvid: 2

link: port:1 link:down

Port 2:

pvid: 1

link: port:2 link:down

Port 3:

pvid: 1

link: port:3 link:up speed:100baseT full-duplex auto

Port 4:

pvid: 2

link: port:4 link:down

VLAN 0:

vid: 0

ports: 0t

VLAN 1:

vid: 1

ports: 0t 2 3

VLAN 2:

vid: 2

ports: 0t 1 4

For this to fully work, we need to provide additional firewall rules, and setup dhcp for the new interface (landenver): enter in /etc/config/firewall the following new lines:

config zone

option name landenver

option network 'landenver'

option input ACCEPT

option output ACCEPT

option forward REJECT

and, in /etc/config/dhcp add now:

config dhcp landenver

option interface landenver

option start 200

option limit 250

option leasetime 12h

Time now to restart the network, and enjoy the different virtual lans:

/etc/init.d/network restart

Read More

How-To TP-LINK WR740N Openwrt MultiWAN

Just wanted to share my TP-Link WR740N ver4.27 wireless router flashed with Openwrt firmware "Attitude Adjustment 12.0" loaded with MultiWAN. These are five (5) ADSL trunk that I wanted to do with load balancing likewise as failover. My equipment compose of one (1) TP-Link WR740N wireless router use as the core, one Azetech ADSL modem with four(4) port LAN, one (1)port RJ11 built-in with wireless Access Point were I used as WISP server. Also I have four(4) TP-Link ADSL modem TD-8816 were I used as routed device for eWAN1-4.

As you can see the above network diagram how I wired all the device to make it work properly, I have five(5) xDSL line hooked to each of the TP-Link TD-8816 then to WR740N wireless router four(4) LAN port but converted it as eWAN port via Free Switch of Openwrt plugins. Now my WR740N flashed with OpenWrt firmware will serve as load balancer and failover appliances.

So, here's my setup of TP-Link WR740N flashed with OpenWrt Attitude Adjustment 12.09 as Load Balancer and Failover. First what I did is configure the VLAN Switch.

By default after the TP-Link WR740N flashed with OpenWrt firmware this is how it looks like, then proceed to configure the VLAN Switch make at least four VLANs.

After successfully able to configure the VLANs Switch, then proceed to setup for the eWANs.

The above screenshot having five(5) xDSL trunk, four(4) lines are via TP-Link TD-8816, then the other line is via WISP server, my Azetech modem router that has built-in Access Point aka WiFi I made it in Bridge Mode then also serve as PPPoE server. Then configure the TP-Link WR740N WLAN or radio0 as client mode and connect to the WISP server that is why I have able to made it work as five xDSL trunk. Forget to mention that I revert that eth0 by default is for LAN convert it to WAN then likewise the eth1 by default is for WAN convert it to LAN.

The last but not the least, please don't forget the firewall setting because fail to do this things your internet will not work inshort you will not be able to browse any of your favorite website. This part here is a must, you can just follow my screenshot and edit the setting if how many trunks you have with you.

Finally the MultiWAN Openwrt plugins will just turn into green as above sample you, your TP-Link WR740N now doing the job as Load Balancer and Failover, just like those expensive Cisco equipment, D-Link not to mention others... enjoy!

Read More