I have a very simple setup, yet, I cannot figure out the correct settings.
Setup:
CCR1009, which has ports ether0 (defaulted for configuration), ether1,…ether7
Bridge-Trunk with two ports added to it - ether2 and ether3
ether2 is conneced to ISP, ether3 - to a ESXi vSwitch; the bridge is used to relay two VLANs (982 and 2208) from the ISP to the vSwitch (this works fine).
The 982 VLAN has IPs in the 192.168.2.0/24 network.
Goal: I want to extend the .2.0 network, by routing between the 982 VLAN and another port, ether5, which is connected to the 192.168.10.0/24 network.
I can’t find a way to configure the router! Thanks in advance for any help…
Should be simple, add a vlan interface to ether5 and call it it vlan982-ether5 with VLAN ID 982, assign the vlan an IP from the correct range, and it should be routable between these
But why not adding ether5 to the bridge and config vlan on bridge?
From what I understand, you suggest that I put the ether5 port in the 982 VLAN, either by adding the port to the Bridge-trunk (which won’t work on its own, as the ether5 port needs to have untagged/access status), or by assigning a VLAN interface to the port, with ID 982. With both of these suggestions, however, I end up having two different networks (192.168.2.0 and 192.168.10.0) in the 982 VLAN; how do I route between the two networks after I set it up like that? It’s essentially a switched layer 2 environment, and I need routing (layer 3)…?
If you add ether5 to Bridge-Trunk and configure the VLAN’s on the bridge, you can specify ether 2& 3 as tagged for relevant vlans, and ether5 as untagged for vlan 982.
But I think we should start with a diagram / explanation of what you ant to achieve in order to advise correct way to go.
I was already able to add a port to the 982 VLAN in access mode, by setting a VLAN interface, and a second bridge, with another port. The problem is that ether5 is connected to a second router, in the 192.168.10.0 network, and the 982 VLAN has another network in it - 192.168.2.0. So, I added another port in access mode in the 192.168.2.0, but then couldn’t find a way to route between the two networks.
I’ll draw up a diagram and post it later today. Thank you for all your help!
Here is the network topology. I have included other parts of the network for clarity, the problem is only concerning the CCR1009: The 192.168.10.5 workstation needs a route to the 192.168.0.111 server. Everything else works fine.
Add ether5 on CCR to bridge and configure it as an untagged / access port for vlan 982
Add IP from vlan 982 to the port on Asus router connected to ether5 on CCR
On Asus router, add a route to 192.168.0.0/24 via gateway 192.168.2.1
On Debian router, add route to 192.168.10.0/24 via vlan 982 IP assigned to port connected to CCR ether5 on Asus router
I tried doing it this way, but the Asus cannot handle two networks on the LAN ports (it’s a switch in terms of these ports) - It’s a “home” router, and you can only set IPs for the WAN port and DHCP network scope for the LAN ports - so I can only use them with the 192.168.10.0 network. The only option I am left with, is to use an IP from the 192.168.10.0 network at the ether5 port of the CCR, and route between that port and the bridge with the 982 VLAN,…somehow. Do you have any suggestions / guidelines how I could do that?
I could (on Monday), however you can assume it’s just the bridge with the two ports, eth2 and eth3 enslaved, in trunk mode. I have not set IPs, or routing rules, as nothing works, and always reverted to default (blank) configuration.
If I understand you correctly, the CCR is currently only a Layer 2 switch, my thinking is to change this to a layer 3 switch, then we can route between the 192.168.2.0 & 192.168.10.0 subnets via the CCR.
So need to see current config to propose suggested changes
