Routing between VLANs | Source IP
I'm posting this in the 'Controller' section, but it really involves Controller, Gateway and Switches.
I have the following equipment:
1 x ER707-M2 Gateway
1 x SG2428P v5.20 24 port PoE Switch
1 x TL-SG2008P v1.0 8 port PoE Switch
The ER707 is configured with a static IP address as well as a number of alias IP addresses (I have a /28 block of ipv4 addresses). It is connected directly to the SG2428P via the WAN/LAN 3 port on the gateway.
I don't think it matters, but the host I am testing with is connected to the 8 port switch, which is uplinked to the 28 port switch. So it goes ER707-M2 -> SG2428P -> TL-SG2008P -> Client PC
The problem I am having is that anytime I route internally (IE: VLAN 101 to 110) the originating packets appear to be coming from the Public WAN IP Address. Why is this happening, and how can I fix it? The SG2428 is supposed to be a L3 switch, so it should route the VLANs without even hitting the gateway, correct? I want the source address to be the internal IP address. So if I route packets from 10.1.1.100 to 10.1.10.67 then 10.1.10.67 should see the packets as arriving from 10.1.1.100, but it is actually seeing them from my Public WAN IP. This is causing issues with ACLs as well as local services I am running (IE: Caddy).
I did enable the VLAN interface on the 28 port switch, but I am unsure if I need to assign a static IP to those interfaces and change my DHCP scope so that the default gateway for those VLANs shows that IP (which is what I would do on my Cisco L3 switches). If I need to do that, can someone walk me through the correct way to do that?
If it matters, I am using the "Default" for my management VLAN, but I did change it from VLAN 1 to VLAN 254.
This article will tell you how to solve the problem you are experiencing. As the article points out, you should set policy routing on the switch and static routing on the router for your network requirement to work properly. Here is the article:
How to build up a multi-nets network via Multi-Nets NAT feature on TP-Link router with L2+/L3 switches: https://www.tp-link.com/support/faq/887/
Looks like I may have figured it out.
I found where I could set the VLAN Interface IP Address to Static, so I set it to 10.1.13.1. I then updated my DHCP scope default gateway to 'manual' and pointed it to 10.1.13.1. It appears to work now as expected.
Does this sound right?
Nope. While it routes internally fine, I lost internet. Seems as if there is no route to the outside now.
@Hank21 Is there not a way to just create a static route on the L3 Switch to handle traffic that is destined outside of my configured VLANs?
Also, I am using an Omada Controller, and very little in that link matches up to what I am seeing in the Controller interface.
All I really want is the core switch to handle the L3 routing of my VLANs and the router to handle all of the internet traffic.
Before I simplified to the Omada system, I used OSPF between my Cisco 45066E and my Ubiquiti Router. Is something like that an option? My network is changing quite often (we are a software company that creates software that runs over the network), so creating static routes for each VLAN is going to be difficult to maintain.
This link will show you how to configure the Omada Gateway and Omada Switch in Controller mode.
How to Configure L3 Interfaces and Static Routes on Omada Switches: https://www.tp-link.com/support/faq/4017/
If you read that link carefully, you will see that the static routing set up on the switch is for the VLAN interface to find the gateway so that it can access the Internet, and the router has to route that traffic back.
We have some Omada L3 switches like SG6654XHP, SG6428XHP, SG6654X, SG6428X that support OSPF, while TL-SG2008 does not.
@Hank21 That URL redirects to https://www.tp-link.com/us/support/faq/4017/, which says it doesn't exist. I tried removing the 'us', but it still just redirects again.
@Hank21 So I think I found it at https://www.tp-link.com/en/support/faq/4017/, however, it references in the switch gateway config as the next hop to be 192.168.0.102. Is this correct? The switch IP address is 192.168.0.2, and .102 is never referenced other than in the switch gateway config. Please confirm, and if it is correct, why? I will need to adapt this to my own topology, so knowing why this is will help.
[EDIT] .102 is referenced on the gateway next hop, not switch. Apologies for the error in my text above. But the question still stands.
The controller configuration module shows that the switch has been adopted by the controller, with an IP address of 192.168.0.102. However, according to the network topology displayed above, the IP address is 192.168.0.2. This is quite easy to misunderstand. I'll send feedback to the relevant department. When configuring a static route on a switch, the next hop should be the IP address of the gateway. When configuring a static route on a gateway, the next hop should be the switch's IP address.
@Hank21 I was finally able to sit down and work with this. I adjusted the procedure a bit. I already had all my VLANs set up the normal way. So what I did was set up the static routing from the gateway to switch, and switch to gateway. Then I just changed the default gateway in the LAN to the static IP I set up for the VLAN interface on the switch. Seems to work well.
In other words, the gateway is still handling the DHCP and my LANs are still set up as Interfaces instead of VLANs.
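The next-hop rule given in the thread (static route on the switch points at the gateway, static routes on the gateway point at the switch), checked against two routing-table states, as an added example that is not part of the thread or of TP-Link's documentation. The /24 masks, the 10.1.254.0/24 transit link with its two addresses, and the 203.0.113.10 test destination are assumptions made for the illustration.

```python
import ipaddress

# Constructed addressing: VLAN subnets follow the thread (10.1.1.x, 10.1.10.x);
# the /24 masks and the 10.1.254.0/24 transit link are assumptions.
VLANS = ["10.1.1.0/24", "10.1.10.0/24"]
GATEWAY_IP, SWITCH_IP = "10.1.254.1", "10.1.254.2"
INTERNET_HOST = "203.0.113.10"  # documentation-range address standing in for the internet

def lookup(table, dst):
    """Longest-prefix match over (prefix, next_hop) pairs; None when nothing matches."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), hop) for p, hop in table
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def audit(switch_table, gateway_table):
    """Return findings where the two tables break the next-hop rule from the thread."""
    findings = []
    # Switch side: anything outside the VLANs must be handed to the gateway.
    if lookup(switch_table, INTERNET_HOST) != GATEWAY_IP:
        findings.append("switch: no route to the internet via the gateway")
    for subnet in VLANS:
        host = str(next(ipaddress.ip_network(subnet).hosts()))
        # Inter-VLAN traffic should stay on the switch's own interfaces.
        if lookup(switch_table, host) != "connected":
            findings.append(f"switch: {subnet} is not a local VLAN interface")
        # Gateway side: replies to the VLANs must go back through the switch.
        if lookup(gateway_table, host) != SWITCH_IP:
            findings.append(f"gateway: no return route to {subnet} via the switch")
    return findings

connected = [(s, "connected") for s in VLANS] + [("10.1.254.0/24", "connected")]
gateway_base = [("10.1.254.0/24", "connected"), ("0.0.0.0/0", "wan")]

# Only the VLAN interfaces exist on the switch: internal routing works, internet is lost.
broken = audit(connected, gateway_base)
# Default route on the switch plus per-VLAN static routes on the gateway.
fixed = audit(connected + [("0.0.0.0/0", GATEWAY_IP)],
              gateway_base + [(s, SWITCH_IP) for s in VLANS])

if __name__ == "__main__":
    print("broken:", broken)
    print("fixed:", fixed)
```

In the broken state the gateway's only match for a VLAN host is its default route, so replies head for the WAN instead of the switch.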