[ale] VLANs and logging

Derek Atkins derek at ihtfp.com
Thu Apr 18 11:18:10 EDT 2019 

DNS does not need to be on a multi-homed server -- you can have your
router perform layer-3 routing between your VLANs to your DNS server.

DHCP, however, does need to be multi-homed, or at least your router (which
needs to be multi-homed) needs to know to forward DHCP broadcast packets.

All other "A must be able to talk to B" issues can be handled by IP-based
routing between your VLANs.

-derek

On Thu, April 18, 2019 11:10 am, Alex Carver via Ale wrote:
> Right, I know that they would normally be on untagged ports.  That's the
> basics which I understand.  It was my hope that there was a different
> method of implementing VLANs that I didn't know about that didn't have
> to involve a multihomed router and possibly multihomed devices.  My hope
> did not materialize and the only way I knew how is the only way available.
>
> As for DHCP I don't want the DHCP/DNS on the router because the router I
> would likely get would not do those functions anyway (being a pure
> router).
>
> On 2019-04-18 06:46, Phil Turmel via Ale wrote:
>> Only the router and the DHCP server need to be on trunk lines. (Consider
>> having the router perform DHCP, too.)  All other devices would be on
>> untagged ports for the VLAN you wish them to be a part of.
>>
>> On 4/17/19 11:53 PM, Alex Carver via Ale wrote:
>>> Not the router, the multihomed devices that are on trunk lines from the
>>> switch.
>>>
>>> On 2019-04-17 14:59, Phil Turmel via Ale wrote:
>>>> It's a pretty basic premise of routing that the router has to have an
>>>> address in the subnets it is going to route between, as it must offer
>>>> a
>>>> gateway address *in the subnet* to the leaf nodes.
>>>>
>>>> On 4/17/19 2:50 PM, Alex Carver via Ale wrote:
>>>>> I was hoping to avoid having multiple IPs on them but looks like I
>>>>> can't
>>>>> since each VLAN virtual interface will have to have its own IP.
>>>>>
>>>>> On 2019-04-17 08:47, Phil Turmel via Ale wrote:
>>>>>> A trunk port w/ tagged VLANs for your router and DHCP server is all
>>>>>> you
>>>>>> need.  These devices are then virtually multihomed (in addition to
>>>>>> your
>>>>>> router's uplink).
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>


-- 
       Derek Atkins                 617-623-3745
       derek at ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

More information about the Ale mailing list