Yes, you can create a /30 for each client, which is fairly wasteful, or you could allocate a subnet per VLAN, which you can under/over estimate during provisioning there. PPPoE is another option, and one I'm personally not a fan of. You could 1:1 NAT them, but that scales very poorly.
You could also simply get more IPv4, which is likely the easiest. At some point soon, you really need to be looking at IPv6 though.

On Jan 26, 2016 7:14 PM, "Brett A Mansfield" <[email protected]> wrote:

> I currently have a router with two ports that are not bridged to each
> other, but are statically routed. On each port I have the untagged Public
> LAN with Public IPs, and a tagged VLAN with internal IPs for management.
> But yes, after the router it is just a large bridged/switched network. Some
> of my older devices have run out of ram due to a large bridge table. The
> newer devices do not have that issue.
>
> I'm not really having any major issues. I did have each and every access
> point on their own dedicated port to the router with their own network. My
> issue with that was I had several ports running out of public IPs while
> others had more than enough to spare. I don't want to waste all of these
> IPs routing them like that, and I want to be able to move them around at
> will. PPPoE is not an option for me.
>
> Thank you,
> Brett A Mansfield
>
> > On Jan 26, 2016, at 5:38 PM, Josh Reynolds <[email protected]> wrote:
> >
> > So, if you tried to create a bunch of vlans and then bridged them all
> > together to terminate them on a single router interface/subnet/ip,
> > that's not going to work. What you just did didn't really segment
> > anything at all, and turned a fairly high performance (relatively
> > speaking) router into a kind of "hub". Remember hubs? Before switches?
> > Terrible, terrible things.
> >
> > VLANs are not complicated constructs, and it drives me nuts that they
> > are so poorly understood.
> >
> > For you to segment your network, there are two ways to do it. You can
> > do it at layer2 with vlans, but those vlans will still terminate on
> > their own subnet at a router somewhere. The other way to do it is via
> > layer3, and route everything through your network. Both have
> > advantages, and the advantages of both depend on the network design,
> > transport medium used, etc.
> >
> > Are you currently running a large bridged/switch network and having issues?
> >
> > On Tue, Jan 26, 2016 at 6:06 PM, Brett A Mansfield
> > <[email protected]> wrote:
> >> What is a good router with FastPath. If I recall, the CCR had that, but I wasn't impressed with anything Mikrotik.
> >>
> >> I just want to segment my network into VLANs to limit the broadcast domain. I would also like to segregate services such as video and Internet.
> >>
> >> Thank you,
> >> Brett A Mansfield
> >>
> >>> On Jan 26, 2016, at 4:57 PM, Josh Reynolds <[email protected]> wrote:
> >>>
> >>> Okay, bridging a VLAN is where you are going wrong. Bridging is ALWAYS
> >>> going to send traffic to a low performance management CPU as opposed
> >>> to some type of FastPath hardware offloaded implementation.
> >>>
> >>> You need to attach a network diagram, and explain what you are trying to do.
> >>>
> >>> On Tue, Jan 26, 2016 at 5:54 PM, Brett A Mansfield
> >>> <[email protected]> wrote:
> >>>> I'm looking for the best router available to handle Internet over VLANs that doesn't peg the CPU.
> >>>>
> >>>> Currently I use a UBNT EdgeRouter Pro, but I cannot get more than 100Mb from a bridged VLAN and that pegs the CPU to 100%. I get the same issue on CCRs.
> >>>>
> >>>> Thank you,
> >>>> Brett A Mansfield
