Can VLANs transcend interfaces?

erosin · February 13, 2018, 6:08am

Trying to get my head around VLANs and see if I can use them for what I’m trying to achieve.

I have VyOS running on a router with 4 NICs. I wan’t to use VLANs to segregate my LAN into two segments that cannot talk to each other, but can both connect to the internet. In addition I want one NIC to serve as a “trunk” port that carries both VLANs to a ubiquiti unifi, which broadcasts a SSID for each VLAN.

Something like this:

eth0 - wan
eth1 - vlan1 -> switch1 -> lan_segment1
eth2 - vlan2 -> switch2 -> lan_segment2
eth3 - both vlans -> unifi -> 2 SSIDs (one on vlan1, the other on vlan2)

Now to my questins:

Is this possible? It seems like it should be, but all the config examples I’ve seen show vlans being assigned to a specific interface.
Do the ethernet switches (switch1 and switch2 above) need to support VLANs, or can I get away with the cheap ones I have laying around?
How do I go about configuring this in VyOS?

thanks

jfranco · February 24, 2018, 10:31pm

Hi,

You need managed switches for this to work.
Your set will not work, but if you do this way it will:
eth1 - vlan1,vlan2 -> switch1 -> lan_segment1 + unifi1 (ssid 1 and 2 if you will)
switch 1 and 2 connected thru trunk port passing all necessary vlans
eth2 - vlan1,vlan2 -> switch2 -> lan_segment2 + unifi2 (ssid 1 and 2 if you will)

system · July 8, 2018, 12:18am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.