Hello,
Can one subnet provide addressing for many vlans without 1:1 natting?
I want one vlan per customer's CPE router, but instead of each vlan having its own /30, just one /25 is used across all vlans. The reason I want to do it this way is to avoid the use of PPPoE but still keep customer's traffic separate from one another as it traverses the L2 bridges and radio links, and to make good use of a public subnet.
I have tried and failed by putting vlans on a bridge and assigning the subnet to the bridge - the eth port behaves like an access port rather than a trunk port..
Is this possible? Am I doing it wrong or is there a better way of achieving this?
Thank you!
Re: One /25 public subnet for 100 vlans without 1:1 nat?
Don't do it as different VLANs - use layer 2 isolation to isolate the different customers, then enable "local-proxy-arp" and disable the sending of redirects to allow the customers to contact each other through the router again.
Re: One /25 public subnet for 100 vlans without 1:1 nat?
What method of layers2 isolation are you referring to? More details would be good.
Thank you
Thank you
-
-
CZFan
Forum Guru
- Posts: 2098
- Joined:
- Location: South Africa, Krugersdorp (Home town of Brad Binder)
- Contact:
Re: One /25 public subnet for 100 vlans without 1:1 nat?
Can one subnet provide addressing for many vlans without 1:1 natting?
I want one vlan per customer's CPE router, but instead of each vlan having its own /30, just one /25 is used across all vlans. The reason I want to do it this way is to avoid the use of PPPoE but still keep customer's traffic separate from one another as it traverses the L2 bridges and radio links, and to make good use of a public subnet.
I have tried and failed by putting vlans on a bridge and assigning the subnet to the bridge - the eth port behaves like an access port rather than a trunk port..
Is this possible? Am I doing it wrong or is there a better way of achieving this?
Don't know that Mikrotik supports this functionality, also not sure if Cisco does, but do know that BDCom Gpon OLT equipment does and is called "super net" in their terms where you can have on IP subnet over multiple vlans
If you are not going to use PPPoE, what will you for authetication, etc,
My assumption that what mducharme was referring to is called bridge split horizon, there you setup the clients with only an ip and no gateway ussually making use of proxy arp, so not sure how local proxy arp firs in here
Following with interest
I want one vlan per customer's CPE router, but instead of each vlan having its own /30, just one /25 is used across all vlans. The reason I want to do it this way is to avoid the use of PPPoE but still keep customer's traffic separate from one another as it traverses the L2 bridges and radio links, and to make good use of a public subnet.
I have tried and failed by putting vlans on a bridge and assigning the subnet to the bridge - the eth port behaves like an access port rather than a trunk port..
Is this possible? Am I doing it wrong or is there a better way of achieving this?
Don't know that Mikrotik supports this functionality, also not sure if Cisco does, but do know that BDCom Gpon OLT equipment does and is called "super net" in their terms where you can have on IP subnet over multiple vlans
If you are not going to use PPPoE, what will you for authetication, etc,
My assumption that what mducharme was referring to is called bridge split horizon, there you setup the clients with only an ip and no gateway ussually making use of proxy arp, so not sure how local proxy arp firs in here
Following with interest