You said I could allocate a subnet per VLAN. How would I do that and not max out the CPU? Is that the FastPath you speak of?

Thank you,
Brett A Mansfield

> On Jan 26, 2016, at 6:21 PM, Josh Reynolds <[email protected]> wrote:
>
> Yes, you can create /30 for each client, which is fairly wasteful, or
> you could allocate a subnet per vlan, which you can under/over estimate
> during provisioning there. PPPoE is another option, and one I'm personally
> not a fan of. You could 1:1 NAT them, but that scales very poorly.
>
> You could also simply get more IPv4, which is likely the easiest.
>
> At some point soon, you really need to be looking at IPv6 though.
>
>> On Jan 26, 2016 7:14 PM, "Brett A Mansfield" <[email protected]>
>> wrote:
>> I currently have a router with two ports that are not bridged to each other,
>> but are statically routed. On each port I have the untagged Public LAN with
>> Public IPs, and a tagged VLAN with internal IPs for management. But yes,
>> after the router it is just a large bridged/switched network. Some of my
>> older devices have run out of ram due to a large bridge table. The newer
>> devices do not have that issue.
>>
>> I'm not really having any major issues. I did have each and every access
>> point on their own dedicated port to the router with their own network. My
>> issue with that was I had several ports running out of public IPs while
>> others had more than enough to spare. I don't want to waste all of these IPs
>> routing them like that, and I want to be able to move them around at will.
>> PPPoE is not an option for me.
>>
>> Thank you,
>> Brett A Mansfield
>>
>> > On Jan 26, 2016, at 5:38 PM, Josh Reynolds <[email protected]> wrote:
>> >
>> > So, if you tried to create a bunch of vlans and then bridged them all
>> > together to terminate them on a single router interface/subnet/ip,
>> > that's not going to work. What you just did didn't really segment
>> > anything at all, and turned a fairly high performance (relatively
>> > speaking) router into a kind of "hub". Remember hubs? Before switches?
>> > Terrible, terrible things.
>> >
>> > VLANs are not complicated constructs, and it drives me nuts that they
>> > are so poorly understood.
>> >
>> > For you to segment your network, there are two ways to do it. You can
>> > do it at layer2 with vlans, but those vlans will still terminate on
>> > their own subnet at a router somewhere. The other way to do it is via
>> > layer3, and route everything through your network. Both have
>> > advantages, and the advantages of both depend on the network design,
>> > transport medium used, etc.
>> >
>> > Are you currently running a large bridged/switch network and having issues?
>> >
>> > On Tue, Jan 26, 2016 at 6:06 PM, Brett A Mansfield
>> > <[email protected]> wrote:
>> >> What is a good router with FastPath? If I recall, the CCR had that, but I
>> >> wasn't impressed with anything Mikrotik.
>> >>
>> >> I just want to segment my network into VLANs to limit the broadcast
>> >> domain. I would also like to segregate services such as video and
>> >> Internet.
>> >>
>> >> Thank you,
>> >> Brett A Mansfield
>> >>
>> >>> On Jan 26, 2016, at 4:57 PM, Josh Reynolds <[email protected]> wrote:
>> >>>
>> >>> Okay, bridging a VLAN is where you are going wrong. Bridging is ALWAYS
>> >>> going to send traffic to a low performance management CPU as opposed
>> >>> to some type of FastPath hardware offloaded implementation.
>> >>>
>> >>> You need to attach a network diagram, and explain what you are trying to
>> >>> do.
>> >>>
>> >>> On Tue, Jan 26, 2016 at 5:54 PM, Brett A Mansfield
>> >>> <[email protected]> wrote:
>> >>>> I'm looking for the best router available to handle Internet over VLANs
>> >>>> that doesn't peg the CPU.
>> >>>>
>> >>>> Currently I use a UBNT EdgeRouter Pro, but I cannot get more than 100Mb
>> >>>> from a bridged VLAN and that pegs the CPU to 100%. I get the same issue
>> >>>> on CCRs.
>> >>>>
>> >>>> Thank you,
>> >>>> Brett A Mansfield
