I am keen to implement VLANs on my home network as I wish to segregate some computers so I can play with possibly network-destroying stuff in a separate area.
VLANs only segregate IPv4 data, not IPv6; for IPv6 you need separate address spaces.
VLAN IDs don’t propagate to the wireless network; you need to run a separate VID (wireless network) for that.
A Synology BOND needs some hacking to support VLANs. However, it appears the new BOND has to have a different IP address for it to appear on the network. I believe this is down to having one ARP table and the same MAC address, but this is the limit of my knowledge at the moment.
I created a separate Wi-Fi connection for the default VLAN (which is normally enabled) so I had management access to the switches when VLANs were turned on.
Although my switches are not TP-Link devices, I found this article very useful.
The key points are:
Add any device that is VLAN aware, or under DHCP, as a “tagged” port.
For any VLAN-unaware device, mark the port as “untagged” and, in addition, set a PVID on the port. Then when data leaves the port the data is untagged, and when data enters the port the data is tagged.
“Tag” any trunk between switches.
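To make the tagged/untagged/PVID rules above concrete, here is a small model of how a VLAN-aware switch handles a frame on entry and exit (an added example, not taken from the article or from any switch firmware). The port names, VLAN numbers and the sample frame are constructed, and ingress filtering is assumed to be enabled.

```python
import struct

TPID = 0x8100  # 802.1Q tag protocol identifier

class Port:
    def __init__(self, pvid, untagged=(), tagged=()):
        self.pvid = pvid                 # VLAN given to untagged frames on entry
        self.untagged = set(untagged)    # VLANs sent out without a tag
        self.tagged = set(tagged)        # VLANs sent out with a tag

def ingress(port, frame):
    """Classify a received frame; return (vid, untagged frame) or None if dropped."""
    if struct.unpack("!H", frame[12:14])[0] == TPID:
        tci = struct.unpack("!H", frame[14:16])[0]
        vid = (tci & 0x0FFF) or port.pvid      # VID 0 = priority tag, use PVID
        frame = frame[:12] + frame[16:]        # strip the 4-byte tag
    else:
        vid = port.pvid                        # untagged frame: PVID applies
    if vid not in port.tagged | port.untagged:
        return None                            # ingress filtering (assumed on)
    return vid, frame

def egress(port, vid, frame):
    """Return the bytes sent out of this port, or None if it is not in the VLAN."""
    if vid in port.tagged:
        return frame[:12] + struct.pack("!HH", TPID, vid) + frame[12:]
    return frame if vid in port.untagged else None

def flood(ports, in_name, frame):
    """Flood a frame as a switch would for a broadcast; return {port: bytes}."""
    result = ingress(ports[in_name], frame)
    if result is None:
        return {}
    vid, inner = result
    out = {n: egress(p, vid, inner) for n, p in ports.items() if n != in_name}
    return {n: f for n, f in out.items() if f is not None}

# Constructed layout: two VLAN-unaware devices, a VLAN-aware NAS, a switch trunk.
PORTS = {
    "pc":    Port(pvid=1, untagged={1}),
    "tv":    Port(pvid=2, untagged={2}),
    "nas":   Port(pvid=1, tagged={1, 2}),
    "trunk": Port(pvid=1, tagged={1, 2}),
}
# Constructed broadcast frame: dst, src, EtherType 0x0800, dummy payload.
FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"constructed payload"

if __name__ == "__main__":
    for src in ("tv", "pc"):
        for name, sent in flood(PORTS, src, FRAME).items():
            print(src, "->", name, sent[12:16].hex())
```

A broadcast from the TV port reaches only the NAS and the trunk, tagged with VLAN 2, and never the PC port; a frame already tagged for VLAN 2 arriving on the PC port is dropped because that port is not a member of VLAN 2.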
I have a DS918+ which has 2 Ethernet connections which I join together to make a single bond. To add VLANs I followed the article
However, he shows two bonds having the same IP address. This appears to work, i.e. the Synology comes up, but my TV on the new VLAN couldn’t detect the Synology box. I thus had to use a separate IP address on the new VLAN.
Synology current issues
I now worry I have a problem: my router isn’t routing to the correct DNS address for the new VLAN.
I have two VLANs say 1 and 2.
On VLAN 1 the DNS is at 192.168.1.101 (Synology box)
On VLAN 2 the DNS is at 192.168.1.102 (Synology box)
On the LAN setup of the router (192.168.1.1) there is only one place where I can specify a DNS. So a request on VLAN 2 (if I use the router as the DNS) can’t route to the correct DNS. The solution is to specify a different DNS address for every device on VLAN 2 (not ideal, but it will work).
The other issue is that the Media Server (DLNA) needs to specify a BOND, and I may need to run another instance; having said that, I haven’t got the media server to work on either BOND yet.
It seems to work, but rebooting my router a lot caused my VDSL line speed to drop (hopefully it will train up again). Aside: I also believe I had a “real” call from TalkTalk, checking about the line flapping, instead of a hacker… Might have been a hacker (checking ID), but the conversation was very brief: they checked my name and asked me if my internet was working! It wasn’t the usual hacker script…