I have two switches serving multiple sites that I want to aggregate together on a single router, and have all of those sites (and their associated VLANs) share IP addresses (mostly because I am nearly out of IP addresses). I have a bonded interface from a Netonix switch going into four ports on the router, and a 10G interface coming from a MS510TXPP switch going to the router as well. Multiple VLANs traverse those network ports. For example, VLAN 11, 21, 31, 41, 51 can all go over either the bonded interface or the 10G interface depending on what state the MSTP ring that I have set up is in. My idea is the following...
1) create a bridge and add the bonded ports as well as the 10G port to that bridge. Let's call this bridge1 (interface bridge add name=bridge1) (interface bridge port add interface=bonded/10G bridge=bridge1)
2) create the necessary VLANs on the newly created bridge (interface vlan add name=11(21,31,etc) vlan-id=11(21,31,etc) interface=bridge1)
3) create a new bridge (interface bridge add name=vlan_bridge)
4) add VLANs as ports on new bridge (interface bridge port add interface=11(21,31,etc) horizon=1 bridge=vlan_bridge)
5) ip address add address=x.x.x.x/x interface=vlan_bridge
My question is...is there an easier or more efficient way to do this? I am trying to make it so all VLANs share the IP subnets I have available, but at the same time I need to be able to limit their ability to talk to each other. I have this same setup working well with only the bonded interface (no second switch). I now need to add a second switch with a 10G interface to the mix, and want to know if this is going to cause problems. I have tried in a test environment, but without adding heavy traffic, I'm not sure if there might be unintended consequences.
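
The isolation in step 4 holds only while every VLAN port on vlan_bridge carries the same horizon value, because the bridge forwards between two ports unless their horizon values are set and equal. The check below is an added example, not part of the original post: it reads bridge-port lines in the style of a RouterOS export and lists port pairs that can still exchange frames. The interface names (bond1, sfp-sfpplus1, vlan11 and so on), the 192.0.2.1/24 address and the sample text are assumptions constructed for illustration.

```python
import itertools
import shlex

# Constructed sample in the style of a RouterOS export. vlan51 is
# deliberately added without horizon= to show what the check catches.
SAMPLE_EXPORT = """\
/interface bridge port
add bridge=bridge1 interface=bond1
add bridge=bridge1 interface=sfp-sfpplus1
add bridge=vlan_bridge horizon=1 interface=vlan11
add bridge=vlan_bridge horizon=1 interface=vlan21
add bridge=vlan_bridge horizon=1 interface=vlan31
add bridge=vlan_bridge horizon=1 interface=vlan41
add bridge=vlan_bridge interface=vlan51
/ip address
add address=192.0.2.1/24 interface=vlan_bridge
"""


def bridge_ports(export_text, bridge):
    """Return {interface: horizon or None} for the ports of one bridge."""
    ports, section = {}, None
    for line in export_text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            section = line  # remember which menu the following lines belong to
        elif section == "/interface bridge port" and line.startswith("add "):
            kv = dict(t.split("=", 1) for t in shlex.split(line)[1:] if "=" in t)
            if kv.get("bridge") == bridge:
                horizon = kv.get("horizon")
                ports[kv["interface"]] = None if horizon in (None, "none") else horizon
    return ports


def leaking_pairs(ports):
    """Port pairs the bridge forwards between: horizon unset or not equal."""
    return [
        (a, b)
        for a, b in itertools.combinations(sorted(ports), 2)
        if ports[a] is None or ports[b] is None or ports[a] != ports[b]
    ]


if __name__ == "__main__":
    for a, b in leaking_pairs(bridge_ports(SAMPLE_EXPORT, "vlan_bridge")):
        print(f"L2 forwarding allowed: {a} <-> {b}")
```

The check covers only bridge-level forwarding between the VLAN ports; traffic routed by the router itself is a separate matter for firewall rules.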