Homelab networking advice (adding a new router and VLANs)

Parth Maniar
Level 1
Hello,
I hope you and your loved ones are safe and healthy.
 
I want to integrate a Cisco Integrated Service Router "RV-345" into my network & use VLANs to segregate traffic.
 
Current setup:
Netgear Wi-Fi router is the only component carrying out network access and routing. Here is a simple representation of the network:
 
homelab_v_1-current_state.png
  1. WAN port is connected via CAT-6 cable to the ISP's box.
  2. NAS with 2 network ports working in bond mode (combined speed instead of fault tolerance) connected to ports 1 & 2 of the Netgear.
  3. Workstation with 2 Intel NICs connected to ports 3 & 4 of the Netgear router. This workstation has ESXi installed and 12 VMs running on it.
 
 
Proposed setup:
Cisco ISR 345 will carry out wired access and routing while setting Netgear to access point mode. Further requirements for VLANs:
 
homelab_v_1-desired_state.png
  1. VMs running on ESXi require separation using VLANs. I will have multiple VLANs which, while segregated from each other, need access to a few central services like DHCP and DNS (reachable via the Wi-Fi access point port) and one VLAN on the ESXi which will be for logging.
  2. Currently, a Raspberry Pi running DHCP and DNS servers provides these network services. This is connected via Wi-Fi for now. This is important to note as I would need Wi-Fi to extend all VLANs to reach these central services.
  3. Raspberry Pis will eventually be connected via ethernet, but right now, they are connected via Wi-Fi.
 
Questions:
  1. As per my understanding, ESXi is where I have to create the VLANs and extend them via Cisco ISR. Is this correct?
  2. How do I ensure that the Wi-Fi port forwards all VLANs? In other words, how do I ensure that backbone network services (DHCP, DNS) are available irrespective of the VLANs?
  3. From the NAS, I have a volume mounted on the workstation using iSCSI. Are there any implications using VLANs on this?
 
I apologise if the post is missing information and more is required. Kindly let me know if something needs to be added.

pieterh
VIP
  1. As per my understanding, ESXi is where I have to create the VLANs and extend them via Cisco ISR. Is this correct?
    -> Correct, the ESX needs to add VLAN tags to the packets sent over the link to the Cisco.
    The Cisco port needs to be configured as a VLAN trunk to process VLAN tags.
    This must be configured manually, as the ESX and Cisco do not dynamically form a VLAN trunk (as between two Cisco switches).
  2. How do I ensure that the Wi-Fi port forwards all VLANs? In other words, how do I ensure that backbone network services (DHCP, DNS) are available irrespective of the VLANs?
    -> You can't, but I do not think this is what you want.
    You need to route data from the wireless part of the LAN to the DHCP server.
    As the Netgear is in access point mode and the Cisco does the routing, this should not be too difficult.
    On the Cisco interface for the WLAN you need to configure an ip-helper/dhcp-relay that points to the DHCP server.
  3. From the NAS, I have a volume mounted on the workstation using iSCSI. Are there any implications using VLANs on this?
    -> No, not really.
    You can separate the iSCSI traffic using a dedicated VLAN; iSCSI still works as before.
    But you can also route traffic from other VLANs to the iSCSI VLAN,
    and you have the possibility to apply an ACL to filter hosts that are allowed to access the iSCSI VLAN.
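
The inter-VLAN policy this reply points toward, modelled as an added Python example (not part of the reply and not Cisco configuration syntax): a first-match ACL on the routing device that lets every VLAN reach the DHCP/DNS host and the logging VLAN, lets one named host reach the iSCSI VLAN, and denies all other routed traffic. The `192.168.<VLAN ID>.0/24` addressing, every VLAN ID other than 100, the host addresses and the syslog port are assumptions made for illustration.

```python
import ipaddress

def subnet(vlan_id):
    """Assumed plan: VLAN N owns 192.168.N.0/24 (third octet = VLAN ID)."""
    return ipaddress.ip_network(f"192.168.{vlan_id}.0/24")

def vlan_of(ip):
    """Map an address back to its /24, i.e. its VLAN under the plan above."""
    return ipaddress.ip_network(f"{ip}/24", strict=False)

# Constructed values: only VLAN 100 (shared services) is named in the thread.
SERVICES, ISCSI, LOGGING, LAB_A, LAB_B = 100, 20, 50, 30, 40
ANY = ipaddress.ip_network("192.168.0.0/16")
PI = ipaddress.ip_network("192.168.100.2/32")         # hypothetical DHCP/DNS host
BACKUP_VM = ipaddress.ip_network("192.168.30.10/32")  # hypothetical iSCSI client

# First-match rules: (action, source, destination, protocol, destination port)
ACL = [
    ("permit", ANY, PI, "udp", 53),                 # DNS
    ("permit", ANY, PI, "tcp", 53),
    ("permit", ANY, PI, "udp", 67),                 # DHCP via relay
    ("permit", ANY, subnet(LOGGING), "udp", 514),   # syslog (assumed transport)
    ("permit", BACKUP_VM, subnet(ISCSI), "tcp", 3260),
    ("deny", ANY, ANY, None, None),                 # everything else inter-VLAN
]

def evaluate(src, dst, proto, port, acl=ACL):
    """Return 'switched', 'permit' or 'deny' for one flow."""
    if vlan_of(src) == vlan_of(dst):
        return "switched"        # same VLAN: the router ACL never sees it
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, r_proto, r_port in acl:
        if (s in src_net and d in dst_net
                and r_proto in (None, proto) and r_port in (None, port)):
            return action
    return "deny"                # implicit deny if no rule matched

def isolation_leaks(vlans, probes, acl=ACL):
    """List (src_vlan, dst_vlan, proto, port) flows permitted between VLANs
    that are meant to be isolated from each other."""
    return [(a, b, proto, port)
            for a in vlans for b in vlans if a != b
            for proto, port in probes
            if evaluate(f"192.168.{a}.50", f"192.168.{b}.50", proto, port, acl) == "permit"]
```

Running `isolation_leaks` over the lab VLANs after every rule change catches a broad permit placed above the final deny; traffic reported as `switched` stays inside one VLAN and is not filtered by this ACL at all.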

Hello, I hope you and your loved ones are safe and healthy.

Thank you very much for your reply.

I have a few follow-up questions to help me settle this without disruption:

1. Currently I am using a Raspberry Pi to host DNS/DHCP servers. This is running without a VLAN and is provisioning IPs from 192.168.0.0 to 192.168.0.254.

Questions:

A. I will need the DHCP scope from current to 192.168.0.0 to 192.168.255.254, right? (My VLAN ID equals the IP pool in the third octet. Hence for VLAN100, where shared services are located, I will have 192.168.100.0-254.)

B. The port where the Raspberry Pi will be physically connected is port 5. This port will have the following settings:

B.1 - Tagged for VLANs 10 through 100

B.2 - Untagged for VLAN 1

2. Port VLAN settings:

I am confused about this setting. What should be the setting for ports running multiple:

A. Ports housing multiple VLANs such as the virtualisation (ESXi) will run VLANs 30 through 50. What should the port setting be?

A.1 Tagged for 30-50

A.2 Untagged for all other?

B. What about ports needing ALL VLANs such as the Wi-Fi?

B.1 Tagged for ALL VLANs except VLAN 1, on which only the router's management interface is? I don't mind taking router access through wired medium only.

Thanking you in anticipation.

Hello
FYI, the new Cisco router will be performing all the routing; as such, you create the routed interfaces on that rtr and VLANs, then assign the ports connecting to the NAS - ESXi to their respective VLAN.

You create the DHCP scopes on the Cisco rtr or have the Pi continue to service this.

Port 5 will be trunked to the Netgear, allowing all VLANs to service your Wi-Fi SSIDs.

The Netgear router will have its routing disabled.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul