Netgate Discussion Forum

    Routing VLAN's into specific servers

    Routing and Multi WAN
      SyRenity

      Hi.

      I have a deployment where multiple VLANs with overlapping IPs are connected to machines, each one physically.
      I'm looking for a way to concentrate them on a managed switch, and route to specific servers and backwards.

      So, is it possible to define routing rules, so particular VLAN will go to a specific server (perhaps according to MAC)?

      Also, is it possible to have only a portion of the traffic originating from the server going through these VLANs, and the rest going to WAN (perhaps according to IPs)?

      I.e.:

                           <------------> switch <------> WAN
      server <---> pfsense
                           <------------> switch <------> VLAN

      Thanks.

        clarknova

        @SyRenity:

        So, is it possible to define routing rules, so particular VLAN will go to a specific server (perhaps according to MAC)?

        MAC-based vlan is possible but my limited experience suggests that most vlan-capable switches don't support it. Find a switch that will do MAC-based vlans and I don't think pfsense will be a problem.

        Also, is it possible to have only a portion of the traffic originating from the server going through these VLANs, and the rest going to WAN (perhaps according to IPs)?

        pfsense will route traffic according to the firewall rules you create and then according to its routing table. What are you trying to accomplish?

        db

          SyRenity

          Hi.

          Thanks for your reply.

          MAC-based vlan is possible but my limited experience suggests that most vlan-capable switches don't support it. Find a switch that will do MAC-based vlans and I don't think pfsense will be a problem.

          I actually meant according to the server MAC, meaning every VLAN will be routed to the proper MAC address (perhaps via trunking?).

          pfsense will route traffic according to the firewall rules you create and then according to its routing table. What are you trying to accomplish?

          I will explain in a bit more detail.

          Today we have several LANs with overlapping IP addresses, so each is connected to its own server. This means every LAN takes a single NIC per server for its purposes. What we are looking at is to still have these LANs be bound to a server, but instead of being connected to it, use pfSense trunking capabilities, and possibly have several LANs over a single server.

          This means the LAN will be connected to a managed switch, and will belong to a specific VLAN, which will then be routed by pfSense to the proper server. Is such a configuration possible?

          Thanks.

            clarknova

            I'm not sure I understand you fully, but this is what I think you mean:

            You have a single layer 2 network, basically a bunch of servers (and possibly other hosts) connected to a switch or series of switches that are not split into vlans. On this L2 network you have configured multiple subnets, so for example you have a server whose address is 192.168.1.100/24 and another that is 172.16.0.200.

            Now you want to change things, such that each server actually sits on a separate vlan and can reach the other hosts only through pfsense.

            Am I close? Can you provide a diagram of how things are and how you want them to be? You can do this for free on gliffy.com.

            db

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.