vlan applications on vigor router - draytek · vlan applications on vigor router intro virtual...

Draytek Corp. 2013.06 Alpha Huang/Marketing Project Management

Copyrights E-mail: [email protected]

VLAN Applications on Vigor Router

Intro

Virtual Local Area Network is so-called VLAN. It offers the logical grouping technique to separate the

physical ports of Ethernet switches, thus we can management our local network easier, more flexible and

secure. For instance, you’re a networking administrator in your company and you’re planning to isolate the

visitors’ traffics from your private network for security considerations because you cannot ensure that

visitors’ computer is clean. Or you want to separate your private network into several parts by divisions

because there are too many computers in the same network segment and it results in the local traffics

heavily. VLAN helps you to solve these situations, and Draytek’s products support bellow two popular

types:

Port-based

It uses a matrix table of the physical ports to define the traffics how to exchange between each port,

and the traffics will be isolated from the ports are not being ticked in the same line. It is the easiest way to

setup an isolate network, but not a flexible way to maintain a growing network. Because the idea of

port-based VLAN is grouping by physical ports, but the difficulty is how to handle the traffics between two

or more Ethernet switches. Thus, VLAN is suitable for some circumstances, for example, the rental

apartment, SOHO office…and so on. These clients may need two or three isolated networks only and setup

a network in a simple way.

Tag-based

The idea of tag-based VLAN is to identify a virtual LAN with a specific ID, therefore, VLAN ID

introduced by tag-based VLAN. Through VLAN ID, ports with different VID (VLAN ID) will be identified as in

different LANs, so the traffics also will be isolated from each of VLANs. Many administrators who manage

an enterprise network or even the internet service providers (ISP) adopt Tag-based VLAN popularly because

it is convenient to maintenance and management a distributed network. Setting a large-scale network is

easy by giving each of them with different VID and isolating the traffics at the same time. Besides the VLAN

ID, there is another feature, Trunk, introduced. While the role of a port on an Ethernet switch is setup as a

Trunk port, it means the VLAN ID will be kept while forwarding the packets between switches. By this

feature, VLANs are able to distribute over two or more Ethernet switches easily, moreover design a large



and secured network is possible through Trunk port. When VLAN is being enabled on Vigor routers, the

LAN ports are being turned into Trunk mode automatically. Therefore, a VLAN supported switch, like

VigorSwitch G2260/P2261, or VigorSwitch G1240, is needed.

Vigor routers [Note]

support Tag-based feature both on LAN and WAN interfaces. The next we’ll demonstrate

our web design and how to configure the settings by introducing the functionalities of Vigor router.

[Note]

Broadband router : Vigor2920/Vigor3200/Vigor2925/Vigo2960/Vigor3900

Modem router : Vigor2850/Vigor2860

VLAN Packets on Vigor routers

Trunk mode of LAN

Trunk Port can carry the packets with VID but replace the Non-VID packet as the VID of Trunk port

while forwarding the packets to another switch.

Bridge mode of WAN

P1 and P2 are doing NAT flow to access to the internet, but P3 and P4 will forward the

packets between WAN and LAN ports directly.



Web User Interface

So far, there are two kinds of open system on Vigor router. One is DrayOS, which is Draytek owned, and

another is Linux-like which customized by Draytek from OpenWRT. Here DrayOS system is going to be

introduced to you because it is the most stable and superfast booting system in Draytek products. If the UI

style of yours is different from the following. It may not DrayOS system with new web style or maybe the

Linux-like model.

WAN

VLAN Settings of WAN

Detail settings of channel profile

VLAN Settings

VLAN Members

Service Binding &

WAN Setup



LAN

Enable Port-based VLAN by checking the option

The option of Tag-based VLAN

VLAN Group

VLAN ID assigned

Member of Port-based or Tag-based VLAN

DHCP Pool will be used

802.1p field

VLAN applications on Vigor router

Multi Subnet (VLAN of LAN)



Port-based mode

Tag-based mode

By above settings, there are four private networks will be created and computers attached with each of

LAN ports or SSIDs which are able to obtain a private IP address from each DHCP servers

(LAN1/LAN2/LAN3/LAN4). However, the traffics of the LAN port or SSID that are NOT being grouped in the

same VLAN are unable to forward to each other. The benefit of Port-based is able to extend the wired ports

by installing a cheaper dumb switch as many as you need, but Tag-based offers you a flexible and

well-managed network. The networks are isolated, secured and reduce the broadcasting storm effectively

in each of networks with VLAN.

Guest Network



Port-based mode

Tag-based mode

To deploy a guest network, which serves your guests the internet accessibility, but the traffics have to be

isolated from your private network due to the security considerations, it can be done by above settings.

However, a switch support VLAN function is need if VLAN Tag enabled.

Triple Play (Multi-WAN)

NAT mode with VLAN



Following settings, the set-top box (STB) is able to attach with any LAN port. Video streaming which

your ISP provided will be played on your monitor.

��Setup the VLAN ID on WAN1 profiles if

WAN is the primary interface of IPTV service.

�Open the profile of WAN5 by clicking the ID.

�Setup connection of WAN 5 and bind the service

onto it.

NO need to enable Port-based

Bridge.

�Go to Application >> IGMP to bind

it on PVC WAN.



Data NetworkBridge mode with VLAN

Set-top box (STB) or the other kinds of media devices are able to attach with Port4 or Port5 of LAN. Those

devices that attached with Port4 or Port5 are able to access the services network directly which your ISP

provided.

vlan applications on vigor router - draytek · vlan applications on vigor router intro virtual...

Documents