Hi,
What I have done so far is made a bridge with vlan 11 and 12 inside it the two vlans are on interface 2 which goes out to a switch. The sunbet 172.16.88.1/24 is set up with dhcp on the bridge. What I find is that when I plug in my device it gets the ip on vlan 11 but will not get internet access until I disable vlan 12 inside the bridge then the pings will start to go out to google.com. When I enable the vlan 12 interface again the device still pings to the internet for about 4-5 minutes than stops again.
I have looked at the horizon option which will isolate the ports and fixes the problem but for what I am trying our customers are going to be on the different vlans and we are just trying to see if there is a way that they can still communicate to eachothers IP address.
So basically we want
client1 → vlan11 → bridge → vlan12 → client2
and viceversa so they can access eachother if need be. Is something like that feasible?
any help would be much appreciated!
where is your gateway to internet? - Another port in the same bridge? If you use horizon you cant have just two ports. The “main” port should be without - and you isolate the other by using horizion. To have just two vlan bridget together - and put horizion - would be the same as not putting the vlan to bridge at all.
1 remove horizion
Do you use rstp? - Try to dissable it.
Hi Samsung172,
I have tried disabling it and it didn’t change the outcome, I disabled it on the switch and the bridge itself. The way we do this is we route a block of IP addresses to the CCR and put the first IP on the bridge to be the gateway then the vlans in the bridge would be handing out one public IP each customer (the dhcp server is put on the bridge), so there is no main/gateway port needed in the bridge.
When horizon is set so both vlans can’t talk to eachother it works fine other than now the person on vlan 4 lets say can’t ping/talk to the public ip for the client on vlan 5.
When I try to reproduce this on the bench I do see the problem as well as on the switch I see myself in the mac table as vlan 4 and 5 even though I am tagged on vlan 4.
The set up is
please don’t mind my poor paint skills
Let me know if there is any other questions about the setup.