Netgate Discussion Forum

    VLAN and Internet Access

    TNSR
      shor0814

      I have 2 TNSR routers connected to a pair of MLAG-connected switches. I also have my own IPv4 subnet that is being announced by BGP via Interface 1 on the first TNSR device. I have no problems at all right now; all of the servers on my network can access the internet and be accessed via their public IP address.

      What I am struggling with now is segregating clients into VLANs. When I create an access VLAN (22) for my client, I can no longer access the internet. My understanding is that I must create a bridge so that the VLAN22 can access the LAN interface with the gateway IP assigned. Each VLAN client will have a public IP from the single /24 subnet.

      When I followed the instructions for TNSR VLAN, nothing seemed to be problematic, but when I created the bridge things went wonky. Not only do the VLANs not work, but I also lose access to the non-VLAN devices.

      interface bridge domain 10
      flood
      uu-flood
      forward
      learn
      exit

      int Interface1
      bridge domain 10
      enable
      exit
      int Interface1.22
      bridge domain 10
      enable
      exit
      interface loopback bridgeloop
      instance 1
      exit
      interface loop1
      ip address 10.25.254.1/24
      bridge domain 10 bvi
      enable
      exit

      I did try changing the loop1 IP to my gateway IP and removing it from Interface1 but that didn't help. Maybe I am going about this wrong, but I need some guidance if possible.

      Thanks,
      Shawn

      For background:
      On TNSR device1:
      Interface1 is connected to a switch that carries my upstream BGP using a 10.34.14.0/24 address for now.
      Interface2 is the interface that has my gateway IP 23.x.x.x/24 and is also the port connected to the first switch.
      Interface3 is connected to a second switch and has no IP address

      TNSR device2:
      Interface1 is connected to the switch that carries the BGP but has no IP address and for all practical purposes is doing nothing

      Interface 2 is connected to the 2nd switch and has no IP address

      Interface 3 is connected to the first switch and has no IP address

      As you can see, the 2nd TNSR device is mostly sitting around doing nothing but eventually should be integrated in via VRRP or whatever I can get working.
