Business Community > Controllers > Routing between VLANs | Source IP
< Controllers

Routing between VLANs | Source IP

Routing between VLANs | Source IP

Routing between VLANs | Source IP
Routing between VLANs | Source IP
a week ago - last edited a week ago
Model: Omada Software Controller (Linux)  
Hardware Version:
Firmware Version: 5.14.0.11

I'm posting this in the 'Controller' section, but it really involves Controller, Gateway and Switches.

 

I have the following equipment:

 

1 x ER707-M2 Gateway

1 x SG2428P v5.20 24 port PoE Switch

1 x TL-SG2008P v1.0 8 port PoE Switch

 

The ER707 is configured with a static IP address as well as a number of alias IP addresses (I have a /28 block of ipv4 addresses).  It is connected directly to the SG2428P via the WAN/LAN 3 port on the gateway.

 

I don't think it matters, but the host I am testing with is connected to the 8 port switch, which is uplinked to the 28 port switch.  So it goes ER707-M2 -> SG2428P -> TL-SG2008P -> Client PC

 

The problem I am having is that anytime I route internally (IE: VLAN 101 to 110) the originating packets appear to be coming from the Public WAN IP Address.  Why is this happening, and how can I fix it?  The SG2428 is supposed to be a L3 switch, so it should route the VLANs without even hitting the gateway, correct? I want the source address to be the internal IP address.  So if I route packets from 10.1.1.100 to 10.1.10.67 then 10.1.10.67 should see the packets as arriving from 10.1.1.100, but it is actually seeing them from my Public WAN IP.  This is causing issues with ACLs as well as local services I am running (IE: Caddy).

 

I did enable the VLAN interface on the 28 port switch, but I am unsure if I need to assign a static IP to those interfaces and change my DHCP scope so that the default gateway for those VLANs show that IP (which is what I would do on my Cisco L3 switches).  If I need to do that, can someone walk me through the correct way to do that?  

 

If it matters, I am using the "Default" for my management VLAN, but I did change it from VLAN 1 to VLAN 254. 

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:Routing between VLANs | Source IP-Solution
a week ago - last edited a week ago

  @muzicman0 

This article will tell you how to solve the problem you are experiencing. As the article points out, you should set policy routing on the switch and static routing on the router for your network requirement to work properly. Here is the article:

How to build up a multi-nets network via Multi-Nets NAT feature on TP-Link router with L2+/L3 switches:https://www.tp-link.com/support/faq/887/
    

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
Recommended Solution
  0  
  0  
#4
Options
8 Reply
Re:Routing between VLANs | Source IP
a week ago

Looks like I may have figured it out.

 

I found where I could set the VLAN Interface IP Address to Static, so I set it to 10.1.13.1.  I then updated my DHCP scope default gateway to 'manual' and pointed it to 10.1.13.1.  It appears to work now as expected.

 

Does this sound right?

  0  
  0  
#2
Options
Re:Routing between VLANs | Source IP
a week ago

nope.  While it routes internally fine, I lost internet.  seems as if there is no route to the outside now.

  0  
  0  
#3
Options
Re:Routing between VLANs | Source IP-Solution
a week ago - last edited a week ago

  @muzicman0 

This article will tell you how to solve the problem you are experiencing. As the article points out, you should set policy routing on the switch and static routing on the router for your network requirement to work properly. Here is the article:

How to build up a multi-nets network via Multi-Nets NAT feature on TP-Link router with L2+/L3 switches:https://www.tp-link.com/support/faq/887/
    

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
Recommended Solution
  0  
  0  
#4
Options
Re:Routing between VLANs | Source IP
a week ago - last edited a week ago

  @Hank21 Is there not a way to just create a static route on the L3 Switch to handle traffic that is destined outside of my configured VLANs?  

 

Also, I am using an Omada Controller, and very little in that link matches up to what I am seeing in the Controller interface.

 

All I really want is the core switch to handle the L3 routing of my VLANs and the router to handle all of the internet traffic.

 

Before I simplified to the Omada system, I used OSPF between my Cisco 45066E and my Ubiquity Router.  Is something like that an option?  My network is changing quite often (we are a softare company that creates software that runs over the network), so creating static routes for each VLAN is going to be difficult to maintain.

  0  
  0  
#5
Options
Re:Routing between VLANs | Source IP
a week ago

  @muzicman0 

This link will show you how to configure the Omada Gateway and Omada Switch in Controller mode.

How to Configure L3 Interfaces and Static Routes on Omada Switches: https://www.tp-link.com/support/faq/4017/

 

If you read that link carefully, you will see that the static routing set up on the switch is for the VLAN interface to find the gateway so that it can access the Internet, and the router has to route that traffic back.

We have some Omada L3 switches like SG6654XHP, SG6428XHP, SG6654X, SG6428X that support OSPF, while TL-SG2008 does not.

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#6
Options
Re:Routing between VLANs | Source IP
Thursday

  @Hank21 That URL redirects to https://www.tp-link.com/us/support/faq/4017/, which says it doesn't exist.  i tried removing the 'us', but it still just redirects again.

  0  
  0  
#7
Options
Re:Routing between VLANs | Source IP
Thursday - last edited Thursday

  @Hank21 So I think I found it at https://www.tp-link.com/en/support/faq/4017/, however, it references in the switch gateway config as the next hop to be 192.168.0.102.  Is this correct?  The switch IP address is 192.168.0.2, and .102 is never referenced other than in the switch gateway config.  Please confirm, and if it is correct, why?  I will need to adapt this to my own topology, so knowing why this is will help.

 

[EDIT].102 is referenced on the gateway next hop, not switch.  apologies for the error in my text above.  But the question still stands.

  0  
  0  
#8
Options
Re:Routing between VLANs | Source IP
Friday

  @muzicman0 

The controller configuration module shows that the switch has been adopted by the controller, with an IP address of 192.168.0.102. However, according to the network topology displayed above, the IP address is 192.068.0.2. This is quite easy to misunderstanding. I'll send feedback to the relevant department.When configuring a static route on a switch, the next hope should be the IP address of the gateway. When configuring a static route on a gateway, the next hope should be the switch's IP address.
 

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#9
Options

Information

Helpful: 0

Views: 161

Replies: 8

Related Articles
[Bug] Policy Routing (5.13.23)
361 0
mDNS repeater across VLANS
6341 29
ACL with Source IP and Port to Destination IP and Port between VLANs
486 0
Routing between 2 vlans
427 0
Firewall ACL Rules. How to choose a IP-Port Group along with IP group source and destination.
810 0
Vlans and Profiles
231 0
About Us
Press
Copyright © TP-LINK CORPORATION PTE. LTD. All rights reserved.