VLANs on home network with synology and draytek modem

Preamble
I am keen to implement VLANs on my home network as I wish to segregate some computers so I can play with possibly network-destroying stuff in a separate area.

Key facts
VLANs only segregate IPv4 data, not IPv6; for IPv6 you need separate address spaces.
VLAN IDs don’t propagate to the wireless network; you need to run a separate VID (wireless network) for that.
A Synology BOND needs some hacking to support VLANs. However, it appears the new BOND has to have a different IP address for it to appear on the network. I believe this is down to having one ARP table and the same MAC address, but this is the limit of my knowledge at the moment.

Implementing VLANs
I created a separate Wi-Fi connection for the default VLAN (which is normally enabled) so I had management access to the switches when VLANs were turned on.

Although my switches are not TP-Link devices, I found this article very useful.
https://forum.tp-link.com/showthread.php?76663-TP-LINK-TL-SG108E-VLAN-configuration-issue
The key points are:
Add any device that is VLAN aware, or under DHCP, as a “tagged” port.
For any VLAN-unaware device, mark the port as “untagged” and, in addition, set a PVID on the port. Then when data leaves the port it is untagged, and when data enters the port it is tagged.
“Tag” any trunk between switches.
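
The tagged/untagged/PVID rules above, modelled as a short added example (not taken from the linked article or from any switch firmware). The port names, the VLAN numbers and the assumption that the switch drops frames for VLANs a port is not a member of are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Port:
    name: str
    pvid: int             # VLAN given to untagged frames entering this port
    tagged: frozenset     # VLANs that leave this port with the 802.1Q tag kept
    untagged: frozenset   # VLANs that leave this port with the tag stripped

    def member(self, vid):
        return vid in self.tagged or vid in self.untagged

def ingress(port, frame_vid):
    """VLAN the frame is classified into on entry, or None if it is dropped.
    frame_vid is None for an untagged frame (it then takes the port's PVID)."""
    vid = port.pvid if frame_vid is None else frame_vid
    # Assumption: ingress filtering is on, so non-member VLANs are dropped.
    return vid if port.member(vid) else None

def egress(port, vid):
    """How a frame in VLAN `vid` leaves the port: 'tagged', 'untagged' or None."""
    if vid in port.tagged:
        return "tagged"
    if vid in port.untagged:
        return "untagged"
    return None

def flood(ports, src, frame_vid):
    """Ports a broadcast entering `src` is sent out of, and in which form."""
    vid = ingress(ports[src], frame_vid)
    if vid is None:
        return {}
    out = {}
    for name, port in ports.items():
        if name != src and (how := egress(port, vid)):
            out[name] = how
    return out

# Constructed layout: VLAN 1 = default/management, VLAN 2 = the separate area.
PORTS = {p.name: p for p in [
    Port("trunk", 1, frozenset({1, 2}), frozenset()),   # link between switches
    Port("nas",   1, frozenset({1, 2}), frozenset()),   # VLAN-aware device
    Port("tv",    2, frozenset(), frozenset({2})),      # VLAN-unaware, PVID 2
    Port("pc",    1, frozenset(), frozenset({1})),      # VLAN-unaware, PVID 1
]}

if __name__ == "__main__":
    for src, vid in [("tv", None), ("pc", None), ("trunk", 2), ("tv", 1)]:
        print(src, vid, "->", flood(PORTS, src, vid))
```

The last case shows the segregation: a frame tagged for VLAN 1 arriving on the VLAN 2 access port goes nowhere.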

Configuring Synology
I have a DS918+ which has 2 Ethernet connections, which I join together to make a single bond. To add VLANs I followed the article
http://www.mybenke.org/?p=2373
However, he shows two bonds having the same IP address. This appears to work, i.e. the Synology comes up, but my TV on the new VLAN couldn’t detect the Synology box. I thus had to use a separate IP address on the new VLAN.

Synology current issues
I now worry I have a problem: my router isn’t routing to the correct DNS address for the new VLAN.
I have two VLANs, say 1 and 2.
On VLAN 1 the DNS is at 192.168.1.101 (Synology box)
On VLAN 2 the DNS is at 192.168.1.102 (Synology box)
On the LAN setup of the router (192.168.1.1) there is only one place where I can specify a DNS. So a request on VLAN 2 (if I use the router as the DNS) can’t route to the correct DNS. The solution is to specify a different DNS address for every device on VLAN 2 (not ideal, but it will work).
The other issue is that the Media Server (DLNA) needs to specify a BOND, and I may need to run another instance. Having said that, I haven’t got the media server to work on either BOND yet.

Conclusion
It seems to work, but rebooting my router a lot caused my VDSL line speed to drop (hopefully it will train up again). Aside: I also believe I had a “real” call from TalkTalk, checking about the line flapping, instead of a hacker… Might have been a hacker (checking ID), but the conversation was very brief: checked my name, asked me if my internet was working! Wasn’t the usual hacker script…

2 Replies to “VLANs on home network with synology and draytek modem”

  1. hi,

    minor correction, the bonds do not have the same IP address, since they differ in the subnet on the according VLAN. Given your config you should try:

    192.168.1.101 on VLAN 1 … and
    192.168.2.102 on VLAN2

    DNS should be only one device usually. And make sure you configure your gateway IP address per VLAN according to your needs.

    Best regards, frank

    p.s. and perhaps consider a routing capable switch – for small money from ebay, to relieve your router from the LAN routing traffic, since its routing performance does not exactly match the needs of your internal devices

    1. Took your advice Frank, and put the stuff on separate subnets. Feel happier about it. I think my network is a bit over engineered for the usage it's getting, but I do take your point on getting a router capable switch, will look into it.
