Upgrade SG-1000 to SG-1100 with VLANs
I am running into issues getting my new SG-1100 to run using a config restored from an existing SG-1000 that has two VLANs defined (20, 30) under the LAN interface cpsw1. I tried to edit the backup XML port names (per the reload docs when VLANs are in use) to change all "cpsw0" to "mvneta0.4090" for the WAN, and "cpsw1" to "mvneta0.4091" so that it hopefully would keep the config entries for VLANs 20 and 30 (on cpsw1 in the SG-1000). After successful config load of the edited backup file. the restore process just declared success (it didn't offer up the interface assignment screen). But on reboot the LAN interface was inoperable. So I got on the console and went through the manual interface definition and IP assignment stuff for WAN, LAN and OPT, and now the LAN interface (port mvneta0.4091) does DHCP correctly and web config is working again. I can see all the aliases etc from the restore, so that's good. But I can't figure out how to add my old VLANs 20 and 30 as members of the mvneta.4091 vlan in the SG-1100 switch config.
The manual section Switch VLAN Configuration doesn't have any info specific to how to configure the switch in the SG-1100. Is there doc someplace that describes how to define new VLANs as members of mvneta.4091 on the SG-1100?
Currently I'm fumbling around in the Switch VLAN config in the web configurator, but keep getting errors every time I try to save 20 and 30 as new members of mvneta0.4091. Haven't found the correct way to do this yet.
I'm hoping that once I can get these set up, that the rules for them (that should have come from the restore) will be visible in web config again and I won't have to enter them.
Thanks in advance for any help/info with how to get these VLANs defined...
Found this, am gonna work through it:
[https://forum.netgate.com/topic/139859/sg-1100-running-real-vlans/19](SG-1100 Vlan discussion)
Also found this in another post from [https://forum.netgate.com/user/jimp](link url), wish I'd seen this first. It's correct steps to edit the backup file from the SG-1000 before doing the restore to the SG-1100
- Make a backup from the 1100 and your old device (SG-1000 in this case)
- Copy the switch config and VLAN config from the 1100 config to your old device config backup
- Optionally edit the interface names in the old device config to what you want them to be now
- Restore the config
This should be added to the restore doc that talks about having to edit the config files when VLANs are present. It should also cover cases like this where restore file must contain correct switch config for the target box. Or much fancier (and much more work) enhance the restore to handle these types of mismatches without requiring manual editing...
Getting closer :-)
Got this to work successfully, Figured I'd post a rough description of what I did, in case it's of use to anyone else. Here are my recap notes.
SG-1000 to SG-1100 with two custom VLANs
SG-1000 config in my case had two additional vlan interfaces:
- 20 - VL20_IOT
- 30 - VL30_GUEST
SG-1000 has two network ports; cpsw0 (WAN) and cpsw1 (LAN), with no opt1.
SG-1100 has one network port - mvneta0 which designates the internal switch hardware. SG-11000 implements its three connectors as three switch ports so has a switch config that SG-1000 does not. A VLAN definition is used on each port to keep the traffic separate and match it up with the correct interface:
SG-1100 switch ports are below, with the VLAN id to each:
- port 3 - WAN VLAN 4090
- port 2 - LAN VLAN 4091
- port 1 - OPT1 VLAN 4092 (unused in my install)
Note that interface elements are labelled in the backup XML as wan, lan, opt1, opt2, opt3, etc. Since SG-1000 has no opt1 hardware port and SG-1100 does, this caused mismatches with custom VLANs which have to be resolved to get rules and other references to these interfaces correct
- 20 - VL20_IOT (was opt1 on SG-1000, now opt2 on sg-1100)
- 30 - VL30_GUEST (was opt2 on SG-1000, now opt3 on sg-1100)
To get the VLAN-specific rules to load with updated interfaces, editing XML in backup file is required.
Did these rough steps:
- Took backup on SG-1000
- On SG-1100, defined VLAN 20 and 30 in switch config, associated with switch port 2 (tagged)
- on SG-1100, defined interfaces VL20_IOT and VL30_GUEST on mvneta0, changed LAN interface to desired IP
- Took backup of SG-1100
- Moved switch XML over, replaced interfaces XML with SG-1100 entries
- Edited all rules referring to opt1 and opt2 interfaces in edited backup
opt2 -> opt3
opt1 -> opt2
- Edited other entries referencing these interfaces by their internal opt<n> IDs
- Backup contained RRD data, so edited file names accordingly
opt2 -> opt3
opt1 -> opt2
- Restored edited file on SG-1100
Be careful about just doing a search-and-replace without reviewing each change, as it is easy to mess this up.
Once all this was done, all VL20_IOT and VL30_GUEST rules restored correctly. SG-1100 rebooted and operated with the correct rules for all interfaces including the two custom VLANs.
If anyone could use more details on this, I can post example XML etc.
I wish I'd read this this morning before going on site with a virgin SG-1100. My VLANS are even 20, 30, and 31 :-)
Thanks for taking the time.