I currently have a router with two ports that are not bridged to each other, but are statically routed. On each port I have the untagged Public LAN with Public IPs, and a tagged VLAN with internal IPs for management. But yes, after the router it is just a large bridged/switched network. Some of my older devices have run out of RAM due to a large bridge table. The newer devices do not have that issue.

I'm not really having any major issues. I did have each and every access point on their own dedicated port to the router with their own network. My issue with that was I had several ports running out of public IPs while others had more than enough to spare. I don't want to waste all of these IPs routing them like that, and I want to be able to move them around at will. PPPoE is not an option for me.

Thank you,
Brett A Mansfield

> On Jan 26, 2016, at 5:38 PM, Josh Reynolds <[email protected]> wrote:
>
> So, if you tried to create a bunch of vlans and then bridged them all
> together to terminate them on a single router interface/subnet/ip,
> that's not going to work. What you just did didn't really segment
> anything at all, and turned a fairly high performance (relatively
> speaking) router into a kind of "hub". Remember hubs? Before switches?
> Terrible, terrible things.
>
> VLANs are not complicated constructs, and it drives me nuts that they
> are so poorly understood.
>
> For you to segment your network, there are two ways to do it. You can
> do it at layer2 with vlans, but those vlans will still terminate on
> their own subnet at a router somewhere. The other way to do it is via
> layer3, and route everything through your network. Both have
> advantages, and the advantages of both depend on the network design,
> transport medium used, etc.
>
> Are you currently running a large bridged/switch network and having issues?
>
> On Tue, Jan 26, 2016 at 6:06 PM, Brett A Mansfield
> <[email protected]> wrote:
>> What is a good router with FastPath? If I recall, the CCR had that, but I
>> wasn't impressed with anything Mikrotik.
>>
>> I just want to segment my network into VLANs to limit the broadcast domain.
>> I would also like to segregate services such as video and Internet.
>>
>> Thank you,
>> Brett A Mansfield
>>
>>> On Jan 26, 2016, at 4:57 PM, Josh Reynolds <[email protected]> wrote:
>>>
>>> Okay, bridging a VLAN is where you are going wrong. Bridging is ALWAYS
>>> going to send traffic to a low performance management CPU as opposed
>>> to some type of FastPath hardware offloaded implementation.
>>>
>>> You need to attach a network diagram, and explain what you are trying to do.
>>>
>>> On Tue, Jan 26, 2016 at 5:54 PM, Brett A Mansfield
>>> <[email protected]> wrote:
>>>> I'm looking for the best router available to handle Internet over VLANs
>>>> that doesn't peg the CPU.
>>>>
>>>> Currently I use a UBNT EdgeRouter Pro, but I cannot get more than 100Mb
>>>> from a bridged VLAN and that pegs the CPU to 100%. I get the same issue on
>>>> CCRs.
>>>>
>>>> Thank you,
>>>> Brett A Mansfield
