Creating 2 networks over 1 physical link using smart switch and VLAN

[gourav]

Hello folks. I recently got an Airtel internet connection. Given that I use a pi-hole and multiple smart devices, I did not wish to reconfigure everything. So I plugged in a LAN cable from my Airtel router to the WAN port of my existing router so that everything continues to work as it was. I configured my existing router in router mode with WAN as dynamic IP.

I need help with one issue though. I have 3 rooms. My previous internet connection was in Room3. I have my NAS setup on Ethernet there which I cannot move.

Airtel used the conduits in the building, hence the internet connection landed in Room1. I have a PC in Room1, for which I had pulled a LAN cable from room 3. I used this cable to connect my Airtel router to my main router. This means that my PC no longer has a wired connection. I do not want to connect it directly to Airtel router. Here's a diagram to help visualise this:

I have a TL-SG105E switch which allows me to create VLANs. So I was wondering if there was some way I could use it to kind of run 2 networks through the same cable.

So I went to the 802.1Q VLAN options and created 2 VLANs, one with port 1 and 2 and another with port 2 and 3. I connected my main router to port 2, so that it's available on both VLANs. Then I connected my Airtel router to port 1 and my PC to port 3.

Based on my understanding, my PC should have only been able to see my main router, since the Airtel router is on a different VLAN. However, it got assigned an IP address from the Airtel router and got internet connection directly from the Airtel router.

Now, I don't understand this VLANs very well, and one of the reasons for doing this was to get a better understanding by experimenting. So I tried creating tagged and untagged VLANs. I tried removing port 1 and 2 from the default VLAN, etc. Nothing helped. I got only two results, either PC connects to Airtel router, or PC doesn't get internet connection at all.

So I thougth of asking for help here. Is what I'm trying to do even possible? It seems the main issue here is that for my main router, this cable is only an input, and hence other devices on the VLAN don't see this router at all. Is that what's happening.

Please let me know if anyone has any ideas.

 

[Fenix]

Here is my essay of a reply.

Based on the information provided, it appears that the issue might be related to how VLANs and routing are configured. Here are some possible considerations for the problem:

VLAN Configuration: It seems like you've set up VLANs on your switch, but the VLANs may not be configured correctly. The PC getting an IP address from the Airtel router suggests that the VLANs might not be isolating the Airtel router and the main router as intended.

Routing: VLANs are typically used for segmentation within a local network. If your Airtel router is directly connected to your main router, it might be routing traffic between them, which could explain the PC getting an IP from the Airtel router.

Double NAT: Having two routers in the same network can lead to a "double NAT" situation, which can cause issues. It's essential to ensure that only one device is handling NAT and DHCP for your network.

Cable Connection: Make sure that your physical cable connections are correct and that there are no accidental crossovers.

To resolve the issue, you may need to review your VLAN and router configurations, ensuring that traffic between the Airtel router and main router is appropriately isolated. You might consider setting one of the routers to operate in bridge mode or access point mode to simplify the network layout.

If you're not experienced with VLANs and routing, I am certain that a fellow memebr familiar with networking could be helpful.

 

[jayanttyagi]

In short eliminate one of the router. You don't need to re configure anything if you simple move original router to room 1 and use switch in room 3 for devices. You don't need vlan in this case at all.

 

[rockyo27]

Simple config.....connect wire from router to switch main port and assign all vlans to it......then on other switch ports give vlans as u like to distribute and then connect. Also do assign 0 vlan to switchport connecting to router.

 

[bobbyprajan]

So I was wondering if there was some way I could use it to kind of run 2 networks through the same cable.

This is possible provided the equipment at both ends of the cable understand VLAN tagging

I went to the 802.1Q VLAN options and created 2 VLANs, one with port 1 and 2 and another with port 2 and 3. I connected my main router to port 2, so that it's available on both VLANs

This will work only if the main router has VLANs configured and the physical port has matching configuration as the switch port

My suggestion would be to get a basic idea and configure it properly before you start testing

 

[nRiTeCh]

I'm wondering why you using Vlans for your home usage unless its a business + private usage thing which requires division of network.

 

[n1r0]

You can't have 2 routers active on the same network. You need to disable DHCP on one of them.

Option A:​

1. Disable the routing function on the Airtel unit by putting it into Bridge Mode
2. Move your old router to Room 1, connect WAN to Airtel, LAN 1 to PC, LAN 2 to Room3
3. Clone the Airtel unit's MAC address to your router. (May or may not be required, depending on if your account is bound to a particular MAC)
4. Setup WAN connection on old router using ISP provided credentials
5. Place the switch in Room 3 to connect to multiple devices there

Now you should have the same network config as before without using VLANs

Option B:​

1. Disable the routing function on old router by putting it into AP (Access Point) mode
2. On Airtel unit connect: LAN 1 to PC, and LAN 2 to a LAN port on your old router
3. Disable DHCP on Airtel
4. Enable DHCP on old router, set gateway to Airtel's IP & DNS to PiHole

This will allow you to reuse your current network setup as your old router is handling all the DHCP stuff, while Airtel is just acting as internet gateway

 

[rockyo27]

Whole router can't be put into bridge mode only one port is what ISP's allow to be put in bridge as it takes and binds mac of both router and the optics so main router always needs to be connnected.
and yes what @nRiTeCh Said, why u need 2 networks for at thome.....otherwise u can do as i said above and be done or if using another router then put it in AP mode and make changes as @n1r0 said above.

 

[gourav]

Thanks folks for your replies.

I'm wondering why you using Vlans for your home usage unless its a business + private usage thing which requires division of network.

It was mostly experimental, for learning purposes. I'd probably end up not using this setup even if it was successful.

Double NAT: Having two routers in the same network can lead to a "double NAT" situation, which can cause issues. It's essential to ensure that only one device is handling NAT and DHCP for your network.

Double NAT or having two routers on my network was not causing any issue for me. In my usual setup, everything works fine

To resolve the issue, you may need to review your VLAN and router configurations, ensuring that traffic between the Airtel router and main router is appropriately isolated. You might consider setting one of the routers to operate in bridge mode or access point mode to simplify the network layout.

then on other switch ports give vlans as u like to distribute and then connect

This is possible provided the equipment at both ends of the cable understand VLAN tagging

This will work only if the main router has VLANs configured and the physical port has matching configuration as the switch port

My main router does not support VLAN. As I understand now, with all the replies and some further reading, what I was trying is not possible, mainly because my main router won't provide internet connection over its WAN port. Since my switch's VLAN is connected to router's WAN port, devices on that VLAN will not get internet connection.

In short eliminate one of the router. You don't need to re configure anything if you simple move original router to room 1 and use switch in room 3 for devices. You don't need vlan in this case at all.

Move your old router to Room 1, connect WAN to Airtel, LAN 1 to PC, LAN 2 to Room3

This is what I'm going to do. I'll move my main router to the same place as Airtel router (Room1), then have the switch in room3 connected to my main router.

I'll try putting Airtel router in bridge mode. But as of now, I don't think that would be necessary. Since my Airtel router is only providing internet to my main router, which is taking care of everything else on the network, there is no issue with connections.

 

[n1r0]

I'll try putting Airtel router in bridge mode. But as of now, I don't think that would be necessary. Since my Airtel router is only providing internet to my main router, which is taking care of everything else on the network, there is no issue with connections.

This will lead to double NAT. A network within a network. Net-ception!
Chances are you are behind a CG NAT already, so shouldn't really change anything

 

[rockyo27]

As I understand now, with all the replies and some further reading, what I was trying is not possible, mainly because my main router won't provide internet connection over its WAN port. Since my switch's VLAN is connected to router's WAN port

Don't connect the wan port of airtel router to switch....just connect the LAN port to switch