Omada SDN and SNAT \ Masquerading
Hi all,
First of all, sorry for my bad English!
I’m a new Omada SDN user, and I need help to understand how the system works.
My environment is:
OC200 1.0 (firmware version 1.14.3 Build 20220112 Rel.64116 , controller version 5.0.30);
TL-R605 v1.0 (firmware version 1.2.0);
TL-SG2008P v1.0 (firmware version 1.0.2);
EAP265 HD(EU) v1.0 (firmware version 5.0.4).
Network topology is:
FTTH 1000/300Mbps -> R605 -> SG2008P -> EAP265
|-> OC200
I’ve created N network interfaces (I will describe only a few in this scenario):
“Client” – Interface - 10.10.101.1/24 (VLAN 101);
“Server” – Interface - 10.10.10.1/24 (VLAN 10);
“Guest” – Interface - 10.10.200.1/24 (VLAN 200);
“Network” – Interface - 10.10.2.1/24 (VLAN 2) <- this subnet is used for all the network environment previously described.
Each of these interfaces has DHCP enabled and a DHCP range defined.
The system automatically creates a port profile for each interface:
“Client”: native network Client, Tagged network Client, untagged network Client;
“Server”: native network Server, Tagged network Server, untagged network Device;
“Guest”: native network Guest, Tagged network Guest, untagged network Guest;
“Network”: native network Network, Tagged network Network, untagged network Network;
“ALL”: native network Network, Tagged network All, untagged network Network;
“DISABLE”: native network None, Tagged network Network, untagged network Network;
I’ve defined 2 WLANs:
SSID1 – VLAN 101;
SSID2 – VLAN 200 – guest network.
The AP is connected to a switch port with “ALL” profile defined.
I have a Home Assistant installation on the Server network with IP 10.10.10.100, and a Dreame vacuum connected via Wi-Fi on SSID1 with IP 10.10.101.166.
I would like to integrate the vacuum into Home Assistant, but discovery across different networks is not working because the device won't respond to packets from outside its network.
I found a workaround as described here: https://github.com/rytilahti/python-miio/issues/422#issuecomment-455824152
and here: https://python-miio.readthedocs.io/en/latest/troubleshooting.html#discover-devices-across-subnets
But I don't understand how I can implement it on the Omada platform.
On the first link there are some examples of configuration on different routers, SDN infrastructures or iptables.
As far as I understand, I need to implement a NAT masquerade between the 2 VLANs, but I don't understand how to do that, because I can NAT only on the WAN interface in my Omada Controller.
The corresponding rule in iptables should be: iptables -t nat -A POSTROUTING -s 10.10.10.100/32 -d 10.10.101.166/32 -p UDP -j MASQUERADE --to-ports 54321
Is there a way to do this in Omada?
Thanks in advance,
S.
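
Added example (not part of the original post, and not Omada or python-miio code): a small Python model of what the masquerade rule quoted above does to a packet from 10.10.10.100 to 10.10.101.166, and why a rule scoped to one source, one destination and UDP leaves other inter-VLAN traffic untouched. It assumes the device answers only on-subnet sources, as the post describes; `Packet`, `MasqRule`, `postrouting` and `device_replies` are hypothetical names, and port matching is left out of the model.

```python
import ipaddress
from dataclasses import dataclass

# Router VLAN interfaces as listed in the post.
INTERFACES = {
    "Client": ipaddress.ip_interface("10.10.101.1/24"),
    "Server": ipaddress.ip_interface("10.10.10.1/24"),
    "Guest": ipaddress.ip_interface("10.10.200.1/24"),
    "Network": ipaddress.ip_interface("10.10.2.1/24"),
}

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str

@dataclass(frozen=True)
class MasqRule:
    src: str    # source CIDR, like iptables -s
    dst: str    # destination CIDR, like iptables -d
    proto: str  # like iptables -p

    def matches(self, pkt):
        return (pkt.proto == self.proto
                and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst))

def egress_interface(dst):
    """Router interface whose connected subnet contains dst."""
    addr = ipaddress.ip_address(dst)
    for iface in INTERFACES.values():
        if addr in iface.network:
            return iface
    raise ValueError(f"no connected route for {dst}")

def postrouting(pkt, rules):
    """First matching rule rewrites the source to the egress interface address."""
    for rule in rules:
        if rule.matches(pkt):
            return Packet(str(egress_interface(pkt.dst).ip), pkt.dst, pkt.proto)
    return pkt

def device_replies(pkt):
    """Assumed device behaviour (from the post): answer only on-subnet sources."""
    return ipaddress.ip_address(pkt.src) in egress_interface(pkt.dst).network

# The rule from the post, limited to the Home Assistant host and the vacuum.
RULE = MasqRule("10.10.10.100/32", "10.10.101.166/32", "udp")
```

After masquerading, the vacuum sees the router's Client-VLAN address (10.10.101.1) as the sender, so its own logs no longer show the real source host.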