Vlans - How to connect over

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Vlans - How to connect over

funnyfela

352 posts

Ultimate Geek
+1 received by user: 48

#302027 23-Oct-2022 15:57

Hey guys,

We are trying to learn and figure this out on the go, but I suspect someone may have the answer nice and easy, and it may not be even possible.

We have just received some new gear at our church, and included was a managed switch in the control room. There are multiple Vlans as there is AVoIP, Control screen faces, NDI cameras etc, all separated.

Our main Presentation PC is currently plugged into 192.168.40. so as to be able to access the NDI system. The software has a remote for phones, and my phone on the wifi, which is connected to the unmanaged switch and on 192.168.1. Due to this, when I open the app and try connect, it cannot find the software (there is no option to manually type an IP). However if I use the audio mixer app and type the 192.168.40. ip of the mixer, it connects.
This also applies to the NDI camera app, if I open if on my phone, the OBS computer cannot see my stream.

I have attempted to set an IP on my phone as 192.168.40. but didn't work, not that I expected it to. And don't get me wrong, we're good with tech but this Vlan stuff is all something any of us have played with before.

Is there anything specific we can do to achieve this? The SSID on the unifi is our tech one, so we can configure it as needed.
Or is this a bigger beast than we were anticipating.

If you have to run heating in winter, you don’t own enough computers.

Spyware

3817 posts

Uber Geek
+1 received by user: 1366

Lifetime subscriber

#2986931 23-Oct-2022 16:36

Shift the unifis to managed switch ports that can see all vlans (or get another managed switch) and configure respective SSID for each network.

Spark Max Fibre using Mikrotik CCR1009-8G-1S-1S+, CRS125-24G-1S, Unifi UAP, U6-Pro, UAP-AC-M-Pro, Apple TV 4K (2022), Apple TV 4K (2017), iPad Air 1st gen, iPad Air 4th gen, iPhone 13, SkyNZ3151 (the white box). If it doesn't move then it's data cabled.

funnyfela

352 posts

Ultimate Geek
+1 received by user: 48

#2986934 23-Oct-2022 17:05

Spyware:

Shift the unifis to managed switch ports that can see all vlans (or get another managed switch) and configure respective SSID for each network.

Switch 1 is technically a managed switch I should have said, but it is all blank and just used like an unmanaged one.

Spyware

3817 posts

Uber Geek
+1 received by user: 1366

Lifetime subscriber

#2986942 23-Oct-2022 17:36

Create a trunk between switches, configure switch ports, and apply SSIDs on Unifi.

fe31nz

1294 posts

Uber Geek
+1 received by user: 423

#2987076 23-Oct-2022 23:51

The way I do this sort of thing is to create an SSID for each VLAN, so things on the Ethernet side on a VLAN can connect to things on the SSID connected to that VLAN. Then the WiFi devices need to connect to the SSID corresponding to the VLAN they need access to. This works ok as long as devices only need access to one VLAN, but if a device needs to use two different pieces of software that need to access different VLANs, there will still be a problem.

The need to be on the same VLAN (or subnet) usually occurs when a device needs to see broadcast packets in order to make a connection (eg to find some server software). The classic example is SAMBA, where the SMB servers send out broadcast packets to say they are available to be connected to. Any Windows PC with SMB sharing enabled does this, as does any Linux box running a SAMBA server. Broadcast packets are only visible on the VLAN or subnet they are sent on. However, with SAMBA, the client can usually also be directly configured with the IP address of the server and that will allow it to connect, even if the server does not show up on the list of available servers that gets presented from the server broadcast packets the device has seen. As you have noticed, some client software does not have the option to just set an IP address. This can simply be because the client is badly written and just does not have that option available, or it can be that the protocol involved will not work between different VLANs or different subnets.

With really good routers, it can be possible to do bi-directional network address translation in the router to send packets (including broadcast packets) from one VLAN or subnet to another VLAN or subnet so that they appear as an IP address that is part of each subnet. By doing that, you can make protocols like this that work between VLANs or subnets. But it is a lot of work, and I am fairly sure that a FritzBox is not going to be able to do it. An Edgerouter should be able to do this, as should any Linux box where you have access to the kernel level routing tools nftables or the older iptables. I am not familiar enough with Mikrotik routers to say if they can do it. Enterprise level routers (eg Cisco or Juniper) should be able to do this. This does require that the packets are processed through the router, rather than just the switches, which can cause bottlenecks if the traffic is high speed, as the traffic will be sharing one single 1 gigabit connection to the router. So if the traffic is fast enough (in total across all the protocols you are doing NATing on), you start to need a 10 gigabit router and a 10 gigabit port on the switches.

funnyfela

352 posts

Ultimate Geek
+1 received by user: 48

#2987095 24-Oct-2022 08:53

Cheers guys, appreciate your replies. Will re look at this.

Gotta love learning new stuff haha