Segmenting customer traffic

I am building a network that currently has two remote sites and one main tower site where my fiber comes in and I am co-located. The remote sites will house access points for customer access.

I’m trying to develop a plan to segment the customer traffic so as to protect my management network.

I have RB1200s at each of the three locations. Currently all of this is set up in a test lab environment and working.

Configuration is as follows:

ETHER1 on each RB1200 is set as follows:
Tower: 172.30.0.1/22
Site A: 172.30.4.1/22
Site B: 172.30.8.1/22

Backhauls configured as follows:
Tower to Site A: ETHER2 10.10.0.1/29
Radios at 10.10.0.2 and 10.10.0.3
Site A: ETHER2 10.10.0.6/29

Tower to Site B: ETHER3 10.10.0.8/29
Radios at 10.10.0.9 and 10.10.0.10
Site B: ETHER2 10.10.0.14/29

OSPF is running on the backhaul links and broadcasting the 172.30.x.x/22, OSPF Loopback and 10.10.x.x/29 networks.

A gigabit switch is connected to ETHER1 at Site A and Site B. Off the switch I have multiple Ubiquiti Rockets with sectors.

The IP addresses for these APs fall inside the local 172.30.x.x/22 subnet.

1. Is it possible to assign ETHER1 a second IP address in a different subnet and then set up a DHCP server that hands out addresses?

2. Would it make sense to set up a VLAN on ETHER1?

3. Other ideas?
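One way the VLAN option (question 2) can be laid out on a site RB1200, as an added example that is not part of the original post. It assumes VLAN 100 is the customer VLAN (tagged by the switch and the Rocket APs toward ETHER1), that 10.50.0.0/22 is a free customer subnet, and that the router itself serves DNS to customers; the 172.30.x.x and 10.10.x.x ranges are the ones from the post.

```routeros
# Added example, not from the original post. Assumed values: VLAN 100 for
# customers and 10.50.0.0/22 as the customer subnet; change both as needed.

# 1. Customer VLAN on ether1, separate from the untagged 172.30.x.x/22 management side
/interface vlan add name=vlan100-customers vlan-id=100 interface=ether1
/ip address add address=10.50.0.1/22 interface=vlan100-customers

# 2. DHCP served only on the customer VLAN interface
/ip pool add name=pool-customers ranges=10.50.0.10-10.50.3.254
/ip dhcp-server add name=dhcp-customers interface=vlan100-customers address-pool=pool-customers lease-time=1h disabled=no
/ip dhcp-server network add address=10.50.0.0/22 gateway=10.50.0.1 dns-server=10.50.0.1
/ip dns set allow-remote-requests=yes

# 3. Management ranges from the post, collected in one address list
#    (172.30.0.0/20 covers the three 172.30.x.x/22 site subnets,
#     10.10.0.0/24 covers the /29 backhauls; add the OSPF loopback range too)
/ip firewall address-list add list=management address=172.30.0.0/20
/ip firewall address-list add list=management address=10.10.0.0/24

# 4. Input chain: customers may reach the router only for DHCP and DNS
/ip firewall filter add chain=input in-interface=vlan100-customers protocol=udp dst-port=67 action=accept comment="customer DHCP"
/ip firewall filter add chain=input in-interface=vlan100-customers protocol=udp dst-port=53 action=accept comment="customer DNS"
/ip firewall filter add chain=input in-interface=vlan100-customers action=drop comment="no other customer access to the router"

# 5. Forward chain: customer traffic goes out to the Internet, never into management
#    (rules are appended; move them above any existing broad accept rule)
/ip firewall filter add chain=forward connection-state=established,related action=accept
/ip firewall filter add chain=forward in-interface=vlan100-customers dst-address-list=management action=drop comment="isolate customers from management"
/ip firewall filter add chain=forward in-interface=vlan100-customers action=accept comment="customers to Internet"
```

The 10.50.0.0/22 customer subnet still has to be advertised in OSPF (or NATed at the tower) so return traffic finds its way back to the site.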