Who knows how to setup VLAN

Forum about all other NON Home automation stuff can be placed here....

Who knows how to setup VLAN

Postby vincenttor » Sun Mar 01, 2015 3:04 pm

Is any one that can explain/help me out with setting up a VLAN.
I have been reading and trying allot to setup multiple VLAN, and what i want to achieve is this:

I like to have a few ports on my switch that can not see each other for a guest network for example.
There are 6 rooms in the building that share the same Internet connection, of course they do not need to see each other since they do not know each other.
So i read that Vlan should be able to do this, but when someone connects to his wired line a computer, and for example a small 4-8 port switch to get more ports available.
Is it then possible that the user can see his own computer/printers in his Vlan ?

I have a linksys srw224g4 switch that supports vlan, layer 2/3.
But do i need a special router also since it has no routing abilities ?
I could be totally wrong with everything since most of the detailed info is in english and this isn't my native language so i do not understand everything 100%.
Any help or info/of solutions for this "problem" would be highly appreciated

Thanks
vincenttor
Member
Member
 
Posts: 341
Joined: January 2014
Location: Netherlands

Re: Who knows how to setup VLAN

Postby Henk_J » Mon Mar 02, 2015 9:17 am

I don't really understood your question but ...A Vlan is by default a totally separated LAN. So if you have a switch with ports 1-4 in Vlan 1 and ports 5-8 in Vlan 2 then the systems in the same vlan will see each other. Systems in vlan 1 will not see systems in Vlan 2 and vice versa. If you want to connect both vlan's you need to implement routing (layer 3) and in that case all systems in Vlan 1 will see systems in Vlan 2 unless you implement firewall rules or access lists between Vlan 1 and Vlan 2.
Henk_J
Member
Member
 
Posts: 57
Joined: May 2011
Location: Beuningen

Re: Who knows how to setup VLAN

Postby Edwin2008 » Mon Mar 02, 2015 7:02 pm

You also have paid which divide the port of the switch in separate networks do it will also work if you reconnect a other (non smart) switch
** edwin **
Edwin2008
Advanced Member
Advanced Member
 
Posts: 696
Joined: November 2008
Location: Netherlands

Re: Who knows how to setup VLAN

Postby Akatar » Mon Mar 02, 2015 7:24 pm

Edwin2008 wrote:You also have paid which divide the port of the switch in separate networks do it will also work if you reconnect a other (non smart) switch


i read it three times and i have no idea what you are trying to say?
Akatar
Senior Member
Senior Member
 
Posts: 1008
Joined: November 2007
Location: the netherlands

Re: Who knows how to setup VLAN

Postby labium » Mon Mar 02, 2015 9:49 pm

how do you route from one vlan to the other . like one vlan to the outside ?
labium
Member
Member
 
Posts: 486
Joined: February 2010
Location: netherlands

Re: Who knows how to setup VLAN

Postby vincenttor » Mon Mar 02, 2015 11:00 pm

Thanks for the replies,
@ Henk, so what i describe here is possible then ?

This is what i like to be able to do:
Image

Now the red circle is a room, for example i live there, i have a network printer, dreambox , laptop , computer that i want to connect in my "own" LAN.
They all have to be able to see/share with each other, and have Internet acces.
They can not be able to see the user and his own small network in room 2 , or 3, or 4 and so on.

Can i give a room a separate unmanaged switch , connect it to a port on the linksys that is connected/used in a Vlan, and that the user is able to use the internet and his own private lan without interference from others.
Or can a user for example place his own router on the wire that comes out of the port from the linksys that is connected to a Vlan ?
Is this option possible what i just showed in this example, as far i understood it should be but what do i exactly need to achieve this.
Or is there another solution that can do this ?

Do i need a "special" router after the modem te set everything correct ?
From what i have read , some say i need a special switch that can handle routing, some write that you need a modem/router that can handle Vlan ability and pass the info trough to the in my case linksys

@ labium, this is what i ask myself , see the sentence above.
I think i have set the Vlan correctly after watching several tutorials and reading them, but the computers that i connected to those Ports that i set to a Vlan , they did not got any ip address assigned.
vincenttor
Member
Member
 
Posts: 341
Joined: January 2014
Location: Netherlands

Re: Who knows how to setup VLAN

Postby vincenttor » Tue Mar 03, 2015 7:00 am

Going to try pfsense, it should all be possible to do like is described I have been told :)
vincenttor
Member
Member
 
Posts: 341
Joined: January 2014
Location: Netherlands

Re: Who knows how to setup VLAN

Postby mhn » Tue Mar 03, 2015 8:24 am

Your setup can do what you want. But you need a router where the nets meet.

When the nets arrive at the Linksys it will have to know where to send the package. If the Linksys is unable to route you will need an extra port for each net to the router. I never tried pfsense but I think it can be the router. :-)

"Dump" switches on each net is no problem. And it doesn´t matter who plug the cable for it. :-)

Regards
Morten
mhn
Member
Member
 
Posts: 399
Joined: July 2009
Location: Denmark

Re: Who knows how to setup VLAN

Postby vincenttor » Tue Mar 03, 2015 12:59 pm

Thanks morten for the info.
Will show the configuration here is someone is interested when k got. It working of course
vincenttor
Member
Member
 
Posts: 341
Joined: January 2014
Location: Netherlands

Re: Who knows how to setup VLAN

Postby wwolkers » Tue Mar 03, 2015 1:00 pm

What you are describing here is called a private vlan (http://en.wikipedia.org/wiki/Private_VLAN).
Not every manufacturer supports this though.

According to the docs your switch should support PVE, so you could try that.
wwolkers
Member
Member
 
Posts: 273
Joined: September 2008
Location: Netherlands

Re: Who knows how to setup VLAN

Postby raymonvdm » Tue Mar 03, 2015 3:32 pm

Private VLAN is not needed for this setup. Just create as much normal vlan`s as needed (one per room) and create firewall / nat rules on the router to let each vlan connect to internet but block the vlan2vlan communication.

You can try to use pfsense but i don`t know if psense supports that much vlan interfaces. In the past i have used shorewall and Mikrotik for this. Mikrotik also supports hotspots and billing per interface
Running HS3PRO on PC with Z-Wave / OpenTherm / Plugwise / RFXcom / MQTT / XAP400 / Logitech Media Server and Squeezelite on PI`s
raymonvdm
Senior Member
Senior Member
 
Posts: 1146
Joined: December 2011

Re: Who knows how to setup VLAN

Postby wwolkers » Tue Mar 03, 2015 6:33 pm

Private vlan would allow you to use a 'normal' simple router, since it is all 1 ip subnet, and is less work to setup. Creating a load of vlans and 1 tagged port in each vlan is also an option, yes.
It's all a matter of preference, and the situation it will be used in.
wwolkers
Member
Member
 
Posts: 273
Joined: September 2008
Location: Netherlands

Re: Who knows how to setup VLAN

Postby vincenttor » Wed Mar 04, 2015 12:44 am

Well I have setup pfsense virtually. And been playing with it and the linksys connected on the lan of my laptop.
I must say it is actually fun to play with. Not that everything worked like I want but still.
Tomorrow I'll try some more and hope I get it working.
Thanks for the info guys
vincenttor
Member
Member
 
Posts: 341
Joined: January 2014
Location: Netherlands

Re: Who knows how to setup VLAN

Postby Edwin2008 » Fri Mar 06, 2015 2:23 pm

Akatar wrote:
Edwin2008 wrote:You also have paid which divide the port of the switch in separate networks do it will also work if you reconnect a other (non smart) switch

i read it three times and i have no idea what you are trying to say?

Allright, missed this post. Being screwed by the auto speller on Phone...
VLan is only be respected by devices that are able to recognize Vlan tag. So if you have a smart switch which you devide into vlan segments a computer will see another computer in another vlan. This is not what i expected when setting up a vlan with a netgear pro smart switch.
Calling the support desk revealed that if you want the port to be seperated you need to use the pvid option. Basically this tell's the port you mark to only work with the vlan you want it.
Don't ask me why but this is what the guy said and indeed after that it worked. So when now connecting two pc's in different port's that are both marked to different vlan's they are unable to react or see eachother.
Hopefully this clarifies it a bit :)
** edwin **
Edwin2008
Advanced Member
Advanced Member
 
Posts: 696
Joined: November 2008
Location: Netherlands

Re: Who knows how to setup VLAN

Postby raymonvdm » Fri Mar 06, 2015 3:16 pm

pvid tells the switch to mark traffic without a vlan tag (untagged) to be tagged with the specified vlanid. So if the ports are all on PVID1 all computers connected to that switch will see each other.
Running HS3PRO on PC with Z-Wave / OpenTherm / Plugwise / RFXcom / MQTT / XAP400 / Logitech Media Server and Squeezelite on PI`s
raymonvdm
Senior Member
Senior Member
 
Posts: 1146
Joined: December 2011


Return to Off Topic

Who is online

Users browsing this forum: No registered users and 1 guest