Community discussions

 
EanDem
just joined
Topic Author
Posts: 8
Joined: Sat Dec 22, 2018 9:54 pm

Traffic routing between isolated bridges/subnets

Wed Jun 05, 2019 7:35 pm

Hi all,

I have main bridge with subnet A and 3 additional bridges with dedicated subnets - B-C-D. From main subnet i can reach any IP in other subnets with FW rule added allow traffic - seems routing here works fine. Without FW rule it does not working. Issue i have - i am unable reach any IP from subnets B-C-D with same FW rule in place. I am using default config for RB3011UiAS.

What is concept to have routing between isolated subnets? Routing? Advanced FW rules?
 
User avatar
JohnTRIVOLTA
Member Candidate
Member Candidate
Posts: 180
Joined: Sun Dec 25, 2016 2:05 pm
Location: BG/Sofia

Re: Traffic routing between isolated bridges/subnets

Wed Jun 05, 2019 7:45 pm

Check Interface List ... add other bridges in list LAN ?!
 
mkx
Forum Guru
Forum Guru
Posts: 2468
Joined: Thu Mar 03, 2016 10:23 pm

Re: Traffic routing between isolated bridges/subnets

Wed Jun 05, 2019 10:20 pm

What is concept to have routing between isolated subnets? Routing? Advanced FW rules?
The concept is that RB (and most of other routers as well) basically does two distinct tasks:
  1. forwarding packets between its L3 interfaces (i.e. the ones with IP address configured)
  2. preventing packets from passing between its L3 interfaces
Task #1 is executed by routing engine and task #2 is executed by firewall. Some configuration in firewall might seem to affect routing, but it's not. Even NAT doesn't affect routing, just changes either address ... but routing stll does its job (on the changed packet).
BR,
Metod
 
anav
Forum Guru
Forum Guru
Posts: 2835
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Traffic routing between isolated bridges/subnets

Thu Jun 06, 2019 3:33 pm

Without seeing your config I am loathe to play guessing games.
If subnets are on different bridges then they should be blocked at L2 and firewall rules should dictate access between them.
So it should work.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)

Who is online

Users browsing this forum: Google [Bot] and 39 guests