Page 1 of 1

Correct way to set up VLANs

Posted: Wed Jun 08, 2016 5:25 pm
by KennyPowers
When using the switch chip and CPU for VLANs should the VLANs be set up on the main bridge-local or the Master interface.

I have them set up on the Master interface Ether-2 but I do't get an address from the DHCP server (Each VLAN has its won DHCP) but when I move them to bridge-local everything seems to work correctly.

Re: Correct way to set up VLANs

Posted: Wed Jun 08, 2016 9:04 pm
by k6ccc
How you setup VLANs depends entirely on what you are trying to accomplish, and what hardware is involved. Let me give my specific example. I have two RB750s that are both connected to a single HP 2610-48 managed switch. All 5 ports of each router are in use and are connected to the switch (router #1 connects to switch ports 1, 3, 5, 7, & 9, and switch #2 connects to switch ports 11, 13, 15, 17, & 19). The switch currently has 9 different VLANs in use. Router #2 has an internet port, and 4 separate LANs (using all 5 ports), but router #1 has an internet port and 5 separate LANs (requiring one more port than it has). I am using two VLANs on an 802.11q trunk between router #1 and the HP switch (because of the need for one more LAN than the router has available). I am not using any bridges. And yes, I could have put all the LANs (and even the internet port) all on the same physical port of the routers and used a bunch of VLANs on a single 802.11q trunk between each router and the HP switch. However I'm not short on ports on the switch, and I like to be able to see the blinking lights when troubleshooting! Remember that if you are using VLANs in the router, you need to have something at the other end of the 802.11q trunk that can split the trunk back out to the individual LANs (either another router, a managed switch, or in some cases a NIC in a computer can handle multiple VLANs on an 802.11q trunk).

Now for the DHCP part. Router #1 has 4 address pools and 4 DHCP servers. Each server uses the interface for that particular LAN - whether it's a VLAN or a physical interface. Similarly Router #2 has 2 address pools and 2 DHCP servers - each using the physical interface for that particular LAN.

Make sense?

Re: Correct way to set up VLANs

Posted: Fri Jun 10, 2016 1:19 am
by thenoob
you have to understand that the switch chip(vlan) is separated from the main CPU (bridge)

if you look at the diagram you will learn that if you want to exchange layer2(pc to pc on same switch chip) only you need to add each port in the vlan but if you want to go layer 3 you need to add the switch_cpu to the vlan and also add the master interface to the bridge interface. and add an ip to that interface

if you want to go from one switch chip to the other you need to add both master interface to a bridge interface.

you basically have both the switch perspective and the router perspective and need to address both as separate even though its in the same chassis/hardware.

on the wiki you can find which switch chip you have based on the RB hardware you have.

Re: Correct way to set up VLANs

Posted: Fri Jun 10, 2016 8:42 am
by KennyPowers
Where I was getting stuck was the 2 seperate switch chips you need to add your VLANs to both master ports and also bridge both sets of VLANs together for the whole switch to work along with bridging ether2 and ether6.

Alternatively you could add all VLANs to interface bridge-local where ether2&ether6 are bridged and the whole switch will work.

So which method is the most efficient, best practice way of doing this?

Thanks for the help guys.