Set up a high-level home network with EdgeRouter, Linksys switch, and VLANs.
Hey everyone! I've recently chosen to upgrade my home network. The goal is to host game servers, implement a security system, and plan to switch ISPs that support iTV. For these reasons, I want a separate network for the servers and security setup—clearly for safety. I'm thinking of using VLANs: keeping the security system isolated from the rest. To achieve this, I purchased a second-hand Linksys LSG318 managed switch so I can assign VLANs to ports and use PoE for future security cameras. This switch will be placed outside my home in the man cave.
In the man cave, I'll set up the game servers, NAS, security system, and extra LAN ports for TV and PCs during LAN parties. Maybe even a Steam cache server later. As a computer enthusiast, this project is also a learning opportunity. Usually I gather info online and use basic logic, but this time I need more advanced details.
I've created a diagram to show what I want. The VLAN IDs are fictional; using VLAN 1 as the default isn't recommended for security. (The legend in the top right is in Dutch—my mistake, hope the pictures clarify enough.)
Currently, my ISP modem operates in bridge mode on ports 9 and 10, with an edge router receiving DHCP IPs from it. I've added VLANs 1 through 4 to the router, each with its own DHCP server and range. The switch is connected to Switch0, which is named 'switch0.1', 'switch0.2', etc.
I edited the switch configuration, but it didn't affect any ports I could identify. My approach was to set all ports as trunk ports, requiring a managed switch for each VLAN. After changing the settings, I assigned VLANs to ports and got IP addresses. However, only one DHCP server is assigned—port 2 gets its IP from the main range, while port 2 gets another from the secondary range.
Now I want ports 1-6 to have dedicated VLANs, and ports 7 and 8 to carry all VLANs, allowing me to split them on the Linksys router. This is tricky—I can't manually assign VLANs to those ports and still manage trunking or load balancing. Plus, I need them to act as a LAN bridge with a 2GB uplink or load balancing.
What’s the solution? How do I make ports 1-6 switch on their own VLANs while keeping 7 and 8 trunked? And how can they function as a LAN bridge with extra bandwidth?
He found a video discussing how to set a VLAN ID in the PVID field for using a specific VLAN on a port, and how to input the VLAN ID in the VID field when using VLANs on devices behind that port. The explanation suggests this method doesn't seem effective, as DHCP doesn't assign IP addresses.
In a typical arrangement you'd configure one port to cover all VLANs. For example, VLAN10 uses ports 1-6, VLAN20 ports 7-8, and VLAN30 ports 9-#. Then you set up a trunk interface like Port 48 or a 10GbE port to carry those VLANs together. On the router, manage sub-interfaces and assign DHCP servers accordingly. If your internet connection is 10GbE, multiple user LAGs won't slow performance. You can usually create a virtual trunk for this setup. Dynamically changing which ports belong to which VLAN isn't standard, but you can adjust group memberships manually in the switch. Connected clients may need a restart to receive IPs from the new subnet.
Hey there, glad you got back. Ports 1 through 6 are set up with a fixed VLAN, while ports 7 and 8 serve as the backup for lag or failover to your Linksys switch. That switch will then have dedicated single VLANs per port. I’m having trouble getting all the VLANs working together so DHCP can pass through ports 7 and 8 at the same time for the switch. If I assign one VLAN, it works, but I can’t make separate networks function. As I’ll need at least three VLANs, I’m stuck. Ports 9 and 10, which connect to SFP ports, will handle uplinks, and I’m hoping fiber arrives soon.
@Caennanu Apologies if I overlooked it: Do you already possess all this gear? A more straightforward approach would be to divide the networks at the main router, isolate the IoT network, plug in switches for each eth port, and link your client devices to those switches. By chance, I recently came across this video using the ER-X.
Thanks for the response. I understand what you're suggesting. However, it would require about five switches and two extra cables for my man cave. That means I'd have to clear my driveway, dig a new hole, install the cables, and then put the driveway back up—no proper piping between buildings. It sounds like a lot of effort, even though it should be manageable. I anticipate the firewall ruling will follow soon. First, I need to establish a connection.
The idea you had is clear from the video you shared. You want to set up DHCP assignments based on specific VLANs and ports. For example, give VLAN 1 to ports 0 and 1, VLAN 2 to ports 2 and 3, and so on. Assign VLANs 1 through 4 to ports 6 and 7, since those ports handle multiple VLANs. You’ll need to configure the switch to recognize these port assignments before DHCP can work properly. Make sure you understand how the switch interprets these mappings.
I don’t have any background with Edge Routers. I only understand basic VLAN configuration on Cisco devices. The main idea stays similar, but if a feature isn’t available in the Edge Router, I’m unsure how to resolve it. Apologies for the confusion.
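Added example, not part of any post in this thread: a small Python model of the PVID/VID behaviour discussed above, showing why DHCP for the extra VLANs never reaches the router when the uplink is configured like an access port, next to a corrected plan. The VLAN IDs 10/20/30, the port numbers and the function names are assumptions; only port 7 is modelled as the uplink (port 8 would be configured identically) and link aggregation is not modelled.

```python
# Constructed port plans: port -> (pvid, tagged_vids). VLAN IDs 10/20/30 and the
# port numbers are illustrative, not taken from the thread's actual config.
ACCESS = {1: (10, set()), 2: (10, set()), 3: (20, set()),
          4: (20, set()), 5: (30, set()), 6: (30, set())}
BROKEN = {**ACCESS, 7: (10, set())}            # uplink set up like an access port
FIXED = {**ACCESS, 7: (None, {10, 20, 30})}    # uplink carries every VLAN tagged

def classify(plan, port, tag=None):
    """VLAN an ingress frame is placed in, or None if the port drops it."""
    pvid, vids = plan[port]
    if tag is None:
        return pvid                       # untagged frame -> port's PVID
    return tag if tag in vids else None   # tagged frame -> must be a listed VID

def egress(plan, in_port, tag=None):
    """Where a broadcast such as a DHCPDISCOVER is flooded: {port: framing}."""
    vlan = classify(plan, in_port, tag)
    out = {}
    for port, (pvid, vids) in plan.items():
        if vlan is None or port == in_port:
            continue
        if pvid == vlan:
            out[port] = "untagged"
        elif vlan in vids:
            out[port] = "tagged"
    return out

def audit(plan, trunks, required):
    """Findings that break DHCP across the uplink or weaken segmentation."""
    findings = []
    for port, (pvid, vids) in sorted(plan.items()):
        if pvid == 1 or 1 in vids:
            findings.append(f"port {port}: default VLAN 1 in use")
        if port in trunks:
            missing = sorted(required - vids - {pvid})
            if missing:
                findings.append(f"port {port}: trunk does not carry {missing}")
        elif vids:
            findings.append(f"port {port}: access port accepts tagged {sorted(vids)}")
    return findings

if __name__ == "__main__":
    for name, plan in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, audit(plan, trunks={7}, required={10, 20, 30}))
        print("  VLAN 20 broadcast from downstream switch ->", egress(plan, 7, tag=20))
```

The same `audit` call can be run against the downstream switch's plan, so both ends of the uplink are checked for the same tagged VLAN list before firewall rules are added.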