New SG300-10 Switch, VLAN Routing Setup with 2 WANs

pkauf · ‎02-22-2018

I have done some searching, but have been unable to find the right situation that matches what I am trying to do. I'm new to VLAN/Switch Routing, so forgive maybe some newbie type questions. I have 2 discreet LANS in my network. 192.168.0.* and 192.168.5.*. the 192.168.5.* network is for my "service" related devices (cameras/automation/etc.), the 192.168.0.* handles everything else. Due to external access, both networks have a WAN router with its own public IP address. What I am trying to do is configure my new SG300-10 switch to route LOCAL traffic (LAN) between 192.168.0.*/192.168.5.* and still allow each segment to continue to use it's own path to the internet (each using the current default route for each segment). I know I want to setup a VLAN for each, but am not quite sure of how to proceed. Any help or other posts you can point me to would be greatly appreciated. Thanks! If this doesn't make sense I can put together a picture and post it.

Aleksandra Dargiel · ‎02-22-2018

Hi Pkauf,
I think I understand what you are trying to accomplish. So I suggest:
at layer 2:
1. create vlan for each of the subnets
2. create trunk to the router (if router supports trunking, dot1q)
that should allow you to extend broadcast domain up to router and keep separated broadcast domains between both subnets

at layer 3:
1. keep the default gateway router IP address, specific to the subnet
2. set static route to access other subnet via switch as next hop - this however needs to be done on each host so it may not scale well.

Please let me know if I got it correct.
Aleksandra

pkauf · ‎02-22-2018

I don't think that is what I am looking for. I got the SG300 so I could route the 2 VLANs together. Each of the VLANs currently (and needs to have) their own path to the "WAN"(internet), but need to be able to see each other. So, for example, if I am a machine on the 192.168.0.* network, and I try to go to 192.168.5.X, it will go via the VLAN Routing, but if that request was for something outside those 2 networks (cisco.com, or whatever), it would go to the router attached to that network (in this case 192.168.5.1 (current default route - LAN address of the router). I do not want to have to hard code stuff on each host. Also, since I'm new to this part, not 100% sure I understand the trunking you are talking about, doing some research now.

Aleksandra Dargiel · ‎02-23-2018

OK, so perhaps set up as the following:
1. vlan 1 - 192.168.0.0/24
2. vlan 2 - 192.168.5.0/24
3. vlan 3 - 192.168.100.0/24 - special subnet for the router
SG300 does routing for any traffic.
Router needs to have static routes for vlan 1 and vlan 2 subnets as well as nat setting for those subnets so traffic goes and comes back from internet.

Is this something you are looking for?

pkauf · ‎02-23-2018

Close. Could i have a 4th VLAN that is for the second router? And have it setup so VLAN1 routes to internet for VLAN3 and VLAN2 routes for VLAN4? Each of my routers has a separate ip for internet access. Also realize my routers are not high end business class routers, just normal full function home/soho routers.

Aleksandra Dargiel · ‎02-23-2018

OK. Yes, but it is possible with higher end switch which support HSRP or VRRP.
Or switch which support policy based routing. for example SG350 or 550 series:
https://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/350_/2_3/admin_guide/AG_Tesla_350_550.pdf

For the home/soho router it really depends on the implementation:
1. some of them would need only static route and would NAT anything it receives on LAN interface
2. some of them would require some subnet to be added for the NAT to work and occurs static routes
It is just matter of testing the router.