Posted: Fri Jan 08, 2010 21:15 Post subject: VLAN/Subnet Routing?
Hi everyone,
I've just finished installing dd-wrt (DD-WRT v24-sp2 (10/10/09) micro - build 13064) on my Linksys WRT54G2 v1 and have a question. Is it possible to use my router as a VLAN's/subnet router? I only ask because it appears I can configure a port on Setup > VLANs in the GUI.
---------------------------------------
I currently have 4 VLAN's on our network where each vlan uses a different subnet/ip range.
We currently have a W2K3 server that has 4 network cards. Each network card on the server, has a physical cable that plugs into each VLAN, and routes traffic between the VLAN's. DHCP Service is also enabled on our server, and issues IP addresses, to each of the VLAN's. From my research into linux lan routing, I think the above can be mimicked by using iptables and a dhcp service, but beyond that I don't have a clue. Is it possible to mimic this setup on my dd-wrt router?
Essentially, each port on my router (1-4) would be plugged into one of the four VLAN's and route traffic between them (the WAN port can stay as a WAN port), and hopefully issue out IP addresses that match the range that a VLAN uses. Hopefully if this is possible, we can reuse our W2K3 licence on another project that's coming up.
I'm not sure what other information you need so please ask if you require more.
Yes, just put ports into separate VLAN's, apply, reboot, on the networking page configure an ip/netmask for each VLAN for the desired subnet, apply, add multiple dhcp for each VLAN, and apply. Then test and make sure the VLAN's are all working correctly before doing anything with iptables to restrict access between them. Also change your numbering because VLAN1 is the WAN VLAN, or change the WAN port assignment... _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Guys, will DDWRT also able to use iptables to control the traffic between the 4 VLANs?
For example, could I configure iptables so that vlan1 can communicate with vlan2 only via port 80. All other ports will be blocked/firewalled.
Does using iptables like this slow down the throughput because it taxes the CPU?
Yes, yes, yes. _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)