Posted: Tue Feb 22, 2022 12:33 Post subject: How to configure VLANs between LANs
Hi there,
I'm new to VLANs and I want to use it with my Netgear R7800.
This is my setup:
* R7800
* WAN: my ISP Modem
* LAN port 1: Home network
* LAN port 4: IoT Network (every smart appliance is connected here).
* 3 Bridge:
** BR0: F
** BR1: Assigned to 2 Virtaul Access Point and to port 4
** BR2: Assigned to a Virtual Access Point for Guests
Currently I installed a new AP (Unifi AP AC Pro) on the attic. The attic is reached by a ethernet cable connected to the LAN Port 1 (home network) through a switch to my R7800.
Since I need the IoT network also on the attic my question is: is it possbile, through VLAN, provide the IoT network to my Unifi AP AC Pro?
I read that also Unifi AP AC Pro can be configure to create an Virtual AP using VLANs.
Thanks for the reply.
I have alreay 3 VLAN, I'm tring to understand how to do that:
On the Port 1 (connected to VLAN1) connect a PC that must be on VLAN2. This because I have only one cable that goes to the room where the new PC is place.
yes, you can run multiple VLANs on the same cable. It's only a matter of defining what's the native VLAN and what other tagged VLAN's are allowed on the same port. _________________ Linksys: Several WRTxx00AC variations | Netgear: 4x WNDR4500v2, 7x WNDR4300, R6400v1 | Asus: 2x RT-AC66U | Gl.inet: 3x GL-AR150
Joined: 15 Aug 2016 Posts: 223 Location: Melbourne, Australia
Posted: Sat Feb 26, 2022 21:18 Post subject:
Per Yngve Berg wrote:
You cannot use VLAN2, because that's the WAN.
Is the switch of type Managed/Smart switch that can handle VLAN?
Further to what Per Yngve Berg mentioned above; and other posters wrote earlier, here is some clarification:
First, it's best not to use numbers from 1 to 9 for creating your own VLANS. This is to avoid potential clashes with any default (i.e. inbuilt) VLANS that were pre-assigned with one of these numbers. It's a good practice to use a VLAN number starting from 10 and upwards. For this very reason, VLAN10 below refers to your created VLAN1, and VLAN20 refers to VLAN2).
Now with that out of the way.
For your port 1 (on the router) to carry traffic for both VLAN10 and VLAN20, port 1 needs to be configured as TRUNK, or Tagged port. The Ethernet cable connected to it becomes a TRUNK link.
The other end of that link should be connected to another TRUNK port on, say, a smart 4-port switch (i.e. one that is VLAN capable). Assign VLAN10 and VLAN20 to specific ports on the switch as needed.
Then connect each device to either VLAN10 or VLAN20 port as required.
The above post, in general, is how to extend multiple VLANS, by wire, from a port on the router to another location.
So, the answer to your question is a cable, alone by itself, can not switch traffic from one to another VLAN without the tagging functions at layer 2 at both ends of the cable. A cable is simply a dumb conduit. _________________ Life is a journey; travel alone makes it less enjoyable and lonely.
thank you for the detailed replies. I'm realative new to VLANs so I need a little help.
I'm using two "NETGEAR Switch Ethernet Plus 8 porte GS108E" and in my mind I think that the "connection" between the VLANx inside the dumb cable to the specific device is made by the Managed Switch.
Am I right?
In my scenario, this is what I should do:
* Define a VLAN40 (VLAN connected to port 4)
* This VLAN should be transported by the cable connected to port1.
* The managed switch connect the VLAN40 to my UnifiAP.
Joined: 15 Aug 2016 Posts: 223 Location: Melbourne, Australia
Posted: Thu Mar 03, 2022 21:26 Post subject:
Fedex03 wrote:
I'm using two "NETGEAR Switch Ethernet Plus 8 porte GS108E" and in my mind I think that the "connection" between the VLANx inside the dumb cable to the specific device is made by the Managed Switch.
Exactly. The cable (like a road allowing cars to travel on it) simply carries traffic from one end to the other. It does not distinguish traffic intended for one VLAN from another. But a VLAN-capable switch adds/strips the VLAN tag then sends the traffic, down the cable, to the correct destination.
To complete the picture, the R7800 router has an inbuilt switch chipset that controls its LAN ports and as such it can also act like a switch.
Quote:
In my scenario, this is what I should do:
* Define a VLAN40 (VLAN connected to port 4)
* This VLAN should be transported by the cable connected to port1.
* The managed switch connect the VLAN40 to my UnifiAP.
This is correct?
I'd suggest a read of the linked post below, you will get more detailed examples of setting up VLANS for your Netgear R7800.
VLANS settings is specific for each router because each inbuilt switch chipset is internally wired differently from one router to the next. Keep that in mind. It's one of the most confusing areas of networking in my own experience. But I am sure you can master it, once you got the fundamentals right.
I'm using two "NETGEAR Switch Ethernet Plus 8 porte GS108E" and in my mind I think that the "connection" between the VLANx inside the dumb cable to the specific device is made by the Managed Switch.
Exactly. The cable (like a road allowing cars to travel on it) simply carries traffic from one end to the other. It does not distinguish traffic intended for one VLAN from another. But a VLAN-capable switch adds/strips the VLAN tag then sends the traffic, down the cable, to the correct destination.
To complete the picture, the R7800 router has an inbuilt switch chipset that controls its LAN ports and as such it can also act like a switch.
Quote:
In my scenario, this is what I should do:
* Define a VLAN40 (VLAN connected to port 4)
* This VLAN should be transported by the cable connected to port1.
* The managed switch connect the VLAN40 to my UnifiAP.
This is correct?
I'd suggest a read of the linked post below, you will get more detailed examples of setting up VLANS for your Netgear R7800.
VLANS settings is specific for each router because each inbuilt switch chipset is internally wired differently from one router to the next. Keep that in mind. It's one of the most confusing areas of networking in my own experience. But I am sure you can master it, once you got the fundamentals right.
I wonder if it possible to pass VLAN40 and VLAN10 into the port 3 of my router (it is unused) and connect this port directly to my Unifi AC Pro in order to create a trunk. In this way the Unifi AC Pro can handle the trunk on the other side and provides an SSID for each VLAN.
Is it possibile?
I tought that because I saw that my Managed Switched can assign only one VLAN to a specific port.
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
brctl addif br1 eth1.10
ifconfig eth1.10 up
VLAN1 is my private network on Ethernet port 4 and VLAN10 is my IoT Network on Ethernet Port 1.
I wanto to create a TRUNK on unsed port of my router for example Ethernet Port 2 that trasnport VLAN1 and VLAN10.
Joined: 13 Aug 2013 Posts: 6860 Location: Romerike, Norway
Posted: Mon Jul 18, 2022 15:29 Post subject:
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "1t 2 3 4 6"
swconfig dev switch0 vlan 10 set ports "1t 6t"
swconfig dev switch0 set apply
On newer builds, the interface name is no longer eth1.10, but vlan10
swconfig dev switch0 set enable_vlan 1
swconfig dev switch0 vlan 1 set ports "2t 3t 4 6"
swconfig dev switch0 vlan 10 set ports "1 2t 3t 6t"
swconfig dev switch0 set apply
vconfig add eth1 10
brctl addif br1 eth1.10
ifconfig eth1.10 up
My idea is:
* VLAN 1: private network connected to bridge0 (br0)
* VLAN 10: IoT network connected to bridge1 (br1)
I set up 2 trunk:
* Port 2
* Port 3
at this port I attached two AP (one from Ubiquiti and one from Mikrotik).
I want to create two Virtual wireless on each AP (PrivateWiFi and IoT WiFi).
I configured the Ubiquiti AP to have two VAPs one associated to VLAN1 and one associted to VLAN10 but it seems not work.
The Ubiquiti AP gets IP from VLAN1 but the VLAN10 seems not work because I cannot get an IP from the router (br1).