VLAN/Subnet Routing?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
mwyu
DD-WRT Novice


Joined: 08 Jan 2010
Posts: 11

PostPosted: Fri Jan 08, 2010 21:15    Post subject: VLAN/Subnet Routing? Reply with quote
Hi everyone,
I've just finished installing dd-wrt (DD-WRT v24-sp2 (10/10/09) micro - build 13064) on my Linksys WRT54G2 v1 and have a question. Is it possible to use my router as a VLAN's/subnet router? I only ask because it appears I can configure a port on Setup > VLANs in the GUI.

---------------------------------------

I currently have 4 VLAN's on our network where each vlan uses a different subnet/ip range.

VLAN 0: 10.44.219.1 - 10.44.219.62 (255.255.255.192)
VLAN 1: 172.22.77.1 - 172.22.77.30 (255.255.255.224)
VLAN 2: 192.168.14.1 - 192.168.14.62 (255.255.255.192)
VLAN 3: 10.15.22.1 - 10.15.22.255 (255.255.255.0)

We currently have a W2K3 server that has 4 network cards. Each network card on the server, has a physical cable that plugs into each VLAN, and routes traffic between the VLAN's. DHCP Service is also enabled on our server, and issues IP addresses, to each of the VLAN's. From my research into linux lan routing, I think the above can be mimicked by using iptables and a dhcp service, but beyond that I don't have a clue. Is it possible to mimic this setup on my dd-wrt router?

Essentially, each port on my router (1-4) would be plugged into one of the four VLAN's and route traffic between them (the WAN port can stay as a WAN port), and hopefully issue out IP addresses that match the range that a VLAN uses. Hopefully if this is possible, we can reuse our W2K3 licence on another project that's coming up.

I'm not sure what other information you need so please ask if you require more.

Thanks in advance Smile
MWYT
Sponsor
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10143

PostPosted: Fri Jan 08, 2010 21:35    Post subject: Reply with quote
Yes, just put ports into separate VLAN's, apply, reboot, on the networking page configure an ip/netmask for each VLAN for the desired subnet, apply, add multiple dhcp for each VLAN, and apply. Then test and make sure the VLAN's are all working correctly before doing anything with iptables to restrict access between them. Also change your numbering because VLAN1 is the WAN VLAN, or change the WAN port assignment...
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
mwyu
DD-WRT Novice


Joined: 08 Jan 2010
Posts: 11

PostPosted: Fri Jan 08, 2010 21:42    Post subject: Reply with quote
Thanks phuzi0n! I'll give that a go when I return to work tomorrow :)

MHYT
mwyu
DD-WRT Novice


Joined: 08 Jan 2010
Posts: 11

PostPosted: Sun Jan 10, 2010 15:37    Post subject: Reply with quote
Thanks phuzi0n! I got everything working perfectly, except for DHCP on the VLANs, but that's a minor issue Smile
layer3optimized
DD-WRT Novice


Joined: 09 Jan 2010
Posts: 4

PostPosted: Sun Jan 10, 2010 18:26    Post subject: Reply with quote
Guys, will DDWRT also able to use iptables to control the traffic between the 4 VLANs?

For example, could I configure iptables so that vlan1 can communicate with vlan2 only via port 80. All other ports will be blocked/firewalled.

Does using iptables like this slow down the throughput because it taxes the CPU?
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10143

PostPosted: Sun Jan 10, 2010 20:12    Post subject: Reply with quote
layer3optimized wrote:
Guys, will DDWRT also able to use iptables to control the traffic between the 4 VLANs?

For example, could I configure iptables so that vlan1 can communicate with vlan2 only via port 80. All other ports will be blocked/firewalled.

Does using iptables like this slow down the throughput because it taxes the CPU?

Yes, yes, yes.

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum