How to combine VLANs from two SDNs?
How to combine VLANs from two SDNs?
If you start with two independent SDNs with ER605/OC200/TL-SG22110P each with their own ISP.
- SDN#1 has a VLAN 31 (192.168.31.1/24)
- SDN#2 has a VLAN 32 (192.168.32.1/24)
- On SDN#1 if the managed switch provided VLAN 31 (untagged) to Server 1A and Camera 1B then they should be able to communicate with each other (e.g., the Server record the Camera). Devices 1A and 1B could access the internet via Router ER605#1.
- Likewise SDN #2 if the managed switch provided VLAN 32 (untagged) to Camera 2A and 2B then they should be able to communicate with each other as well. Devices 2A and 2B could access the internet via Router ER605#2.
- QUESTION: If the two SDN were nearby, how could VLAN 31 and VLAN 32 be interconnected to allow Server 1A to record Cameras 2A and 2B?
- Could a simple switch (TL-SG108) be added combining the untagged networks VLAN 31 and VLAN32 without causing problems in either SDN thus allowing Server 1A see Cameras 2A and 2B? What might the complications be?
- Could the subnet mask for the Devices be made wider without causing problems? (e.g., router problems)
- Seems like the DHCP ranges for each router on their VLAN should be easily set up to not cause problems?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
You should be ok to x-connect the user VLANs this way, you just need to ensure that you don't reuse IPs on both sides, but that each site router is aware of the VLANs being shared so it can help with inter-VLAN routing but DON'T enable DHCP on both sides for any given VLAN!
The ONE thing to avoid though is merging the management VLANs/broadcast domains, you don't want the controllers interfering with each other (in theory they shouldn't, but I would explicitly exclude your management subnet and VLAN from the 2210 port profiles that x-connect via the 108.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
You should be ok to x-connect the user VLANs this way, you just need to ensure that you don't reuse IPs on both sides, but that each site router is aware of the VLANs being shared so it can help with inter-VLAN routing but DON'T enable DHCP on both sides for any given VLAN!
The ONE thing to avoid though is merging the management VLANs/broadcast domains, you don't want the controllers interfering with each other (in theory they shouldn't, but I would explicitly exclude your management subnet and VLAN from the 2210 port profiles that x-connect via the 108.
- Copy Link
- Report Inappropriate Content
Also, since I don't have the luxury of a 60km ethernet cable, so I just set up a L2TP/IPsec VPN from Site2 and used the 'network extension' mode to allow certain subnets on either side to see each other. I even used a policy route to force one of the remote VLANs across this VPN tunnel to use the local ISP1 instead of ISP2. This has been working well for me, though I do have to set a monthly reboot schedule for my ER605v1's so they don't lockup due to memory starvation. My cameras are happily recording away at Site1 from Site2.
- Copy Link
- Report Inappropriate Content
Thanks so much for your help.
Your solution is a good onel, but my ISPs have very low bandwith. I can afford a single mode fiber cable between the "LAN side" of the SDN running at a Gb. (-:
Thanks again.
- Copy Link
- Report Inappropriate Content
I'm still noodling the ramifications of this ie L2 Broadcasts vs L3 routing, but something like this should be a good start.
By default TPlink routers enable inter-VLAN routing, so you will need to add ACLs in the 2210's to block comms from 31/32 VLANs to the 10's and 20's
Also, (deleted by mistake) the x-connected 2210 ports should belong to both 31 AND 32.
- Copy Link
- Report Inappropriate Content
I could not get my head around your reply. I generalized what I thought you were trying to do as shown below
I have another idea in the next post.
- Copy Link
- Report Inappropriate Content
Another idea would be shown below. Putting two Eithernet adapters on the server or doing a simular thing with some router magic,
- Copy Link
- Report Inappropriate Content
Well you could really simplify things with the second NIC...just plug the other site into it and be done!
- Copy Link
- Report Inappropriate Content
Apparently my last graphic would not copy to the message. I think I got what you were organially saying.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 512
Replies: 11
Voters 0
No one has voted for it yet.