New Member
Posts: 9
Registered: ‎05-10-2015

Connecting switch0.3 to eth0 trunk; better ideas?

[ Edited ]

Hi all, I'd like to confirm that my configuration is up to networking best practices.  My ISP seems to allocate IPs in a relatively weird way.  Regardless, I've set up my ERX to make use of both a static IP I pay for an the public group IP the ISP gives everyone in my neighborhood.

 

I currently have switch0 (eth1 through 4) masq'ed to eth0.2 for internet using the static IP as allocated by my ISP.  To use the group IP, clients will tag their traffic with VLAN 3, which will exit our network through eth0.  I've accomplished this by creating the virtual interface switch0.3, and bridging that to eth0.  While I bridged switch0.3 and eth0 through the config tree, the equivalent command(s) would be:

 

configure
set interfaces bridge br0
set interfaces switch switch0 vif 3 bridge-group bridge br0
set interfaces interfaces ethernet eth0 bridge-group br0
commit
save

TLDR (I know I can write too much, so here's a summary)

VLAN1 inside <--> eth0.2 with static IP

VLAN3 inside <--> br0 <--> VLAN1 outside with group IP

 

Is a bridge the most efficient/best way to do this?  Anyone with more experience have any better ideas?

New Member
Posts: 9
Registered: ‎05-10-2015

Re: Connecting switch0.3 to eth0 trunk; better ideas?

Still looking for suggestions.  I think I recall reading that using bridges in most modern networks is frowned upon, being slower or less intelligent(?) than switching.  Is this the case?

SuperUser
Posts: 20,402
Registered: ‎09-17-2013
Kudos: 5144
Solutions: 1458

Re: Connecting switch0.3 to eth0 trunk; better ideas?

[ Edited ]

This sounds convoluted ... and possibly outright wrong.

 

This is outright wrong.

 

If you're paying for a static, you DO NOT need to use DHCP anywhere.  To be honest, you probably shouldn't be using those IPs at all, given your purchase of the static (that is - let the DHCP / random IP address go to someone else).

New Member
Posts: 9
Registered: ‎05-10-2015

Re: Connecting switch0.3 to eth0 trunk; better ideas?

[ Edited ]

Yeah...I know it's convoluted, but I want to set up our ERX to make use of both the IP we pay for and the group IP, to [semi-]mask some of our traffic, if we want/need.

 

I suppose my question wasn't about whether what I set up was necessary, but if it was the best way...is a bridge really the best way to connect a VLAN to a router that's located on the WAN interface on a different VLAN, (and in this case VLAN 1?)

Veteran Member
Posts: 8,108
Registered: ‎03-24-2016
Kudos: 2129
Solutions: 930

Re: Connecting switch0.3 to eth0 trunk; better ideas?

The built in switch is VLAN-aware. 

You might be able to put all interfaces on switch0, so you don't need the bridge.

The ERX will do its routing between different VLANs, and switching when staying on same VLAN.

 

SuperUser
Posts: 20,402
Registered: ‎09-17-2013
Kudos: 5144
Solutions: 1458

Re: Connecting switch0.3 to eth0 trunk; better ideas?

hell, even "just" routing between eth0 and eth0.x to switch0 would be doable.

 

 

Or, y'know, not trying to "cheat" your way to extra IPs ...

Highlighted
New Member
Posts: 9
Registered: ‎05-10-2015

Re: Connecting switch0.3 to eth0 trunk; better ideas?

The switching sounds like something I can handle...I'll investigate when I get home.  As for the routing, do you know how I would set that up?  It's a little beyond me, but any help would be great; I could probably figure it out, (I would enjoy firguring it out,) if you just gave me the principles of how to set it up.

 

Thank you again, and we'll see if this works.