Fundamental concept question - Router on a stick with L3 inter-vlan
So I have a question in the L2/switching/VLAN forum, but the more I think about it the more I wonder if what I want to do is even possible.
Basically, I'm currently router-on-a-sticking 7 VLANs. There is one ESXi host that is now regularly pegging a host on another VLAN which, because this is coming from a DMZ server, is having Snort rules applied to it and causing massive latency issues on my network when it happens.
I was hoping I'd be able to ONLY inter-vlan route that single host via L3 routing on the switch to stop that traffic from going across the router. I can get it to work, but the connection going out to the internet is problematic.
So my question is: in a router-on-a-stick world, is it feasible to L3 inter-vlan route a single host? Or should I consider going all out inter-vlan or moving the destination host? I was kind of hoping for an L3 way of fixing it, since it wouldn't require re-addressing some hosts if I decided to move the destination into the VLAN. I wouldn't have to re-IP if I went all in inter-vlan, but I'd be missing out on the ease of ACLs in pfSense and the extra protection of Snort on those interfaces.