[TriLUG] Network configuration help?

Aaron Joyner via TriLUG trilug at trilug.org
Fri Apr 30 11:39:22 EDT 2021 

Yes, you're understanding perfectly.  That should accomplish what you want.

Best of luck!
Aaron S. Joyner

On Fri, Apr 30, 2021 at 11:16 AM Brian McCullough via TriLUG <
trilug at trilug.org> wrote:

> You are both increasing my education considerably.  I am generally a
> beginner in this field, knowing just enough to get by on a small
> network.
>
>
> On Fri, Apr 30, 2021 at 10:53:27AM -0400, Triangle Linux Users Group
> discussion list wrote:
> > If you connect the ZyXEL router's WAN port to your internal ethernet
> > network, clients who connect to the ZyXEL's WiFi network will have access
> > to the internal ethernet network.  With the ZyXEL acting as a router they
> > won't be in the same broadcast domain, so they won't see eg. printers via
> > mdns, and they might not have the same DNS server, but that's only
> security
> > through obscurity.  It only makes discovery slightly harder, it does not
> > hamper the ability to connect.  You'll be able to ping hosts on the wired
> > subnet, connect to its webservers or fileservers, etc.
>
> That was a concern.
>
>
> > As Wes mentioned while I'm typing this, if you can separate that ZyXEL
> > router's WAN port at the switch layer, by placing it in a separate VLAN,
> > you might be able to provide some actual segmentation.  If you can
> > accomplish that, you can probably simplify things and just plug the
> ZyXEL's
> > LAN port into the VLAN'd port, turn off its DHCP functionality, and just
> > use it as an over glorified access point.  It'll happily bridge traffic
> > between the wired and wireless interfaces, and you can lean on the switch
> > to provide L2 segmentation, and the upstream router to provide services
> > such as DHCP and DNS.  My intuition is that you probably don't have a
> > managed L2 network with VLANs, or a router that would comfortably handle
> > multiple subnets on separate VLANs, though...
>
> As it happens, I may be able to do what you recommend.  The primary
> router is an OpenWrt machine, and I remember VLAN showing up in the
> configuration settings.
>
>
> OK, so as I understand you, I move the connection from the OpenWrt
> machine from WAN to LAN on the ZyXEL after turning off DHCP on the
> ZyXEL.
>
> I then assign a completely different IPv4 address to the port on the
> OpenWrt that the ZyXEL is plugged in to, and call that port VLAN 9 ( or
> something ).
>
> I presume that the OpenWrt machine is expected to provide DHCP services
> to the devices on the ZyXEL, but within the different subnet.
>
> Am I understanding correctly?
>
>
>
> More research to do.
>
>
>
> > Aaron S. Joyner
>
>
> Brian
>
>
> --
> This message was sent to: Aaron S. Joyner <aaron at joyner.ws>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : https://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web  :
> https://www.trilug.org/mailman/options/trilug/aaron%40joyner.ws
> Welcome to TriLUG: https://trilug.org/welcome

More information about the TriLUG mailing list