[ale] VLANs for home with a Linux Router
Alex Carver
agcarver+ale at acarver.net
Mon Jan 2 20:13:48 EST 2017
On 2017-01-02 16:55, DJ-Pfulio wrote:
> On 01/02/2017 06:55 PM, Robert L. Harris wrote:
>> Linux firewall
>
> That can mean almost anything.
>
> VLANs are "suggestions", not security, unless there is physical separation at
> some point.
>
> Better to segment the network using a different router port for each subnet and
> separate "dumb" switches for each, as needed.
>
> This is actually how I do it, but with pfsense for the router. A normal linux
> distro can do it, just tie the firewall rules to the specific interface. Don't
> know about typical $20 home routers.
If you have a router with something like OpenWRT installed then it can
handle tagging, too. Otherwise it's probably easiest to get something
like a Ubiquiti EdgeRouter if an appliance is desired instead of rolling
one from scratch.
More information about the Ale
mailing list