I have a DSL modem, RVS4000,WRV200 and SLM2008. I'm trying to create several vlans using the SLM2008 switch so that all my computers have internet access (wired) some also have internet access (wireless). But restrict how my computer âtalkâ with each other. I have a media server and two media computers I want to be able to âtalkâ with each other but not with any other computer on the network. I have a desktop computer that I don't want to âtalkâ with any computers on the network (just needs wired internet access) and I have two laptops that need wired and wireless internet access but should not be able to talk to each other or any other computers on the network.
I tried creating VLANS as you suggested. I set port four on the RVS4000 as a "trunk" port and connected from that port to port eight on the SLM2008. There is not a feature on the SLM2008 to set a port as a "trunk", like you can with the RVS4000. I made port eight a member of every VLAN but..... whenever I access the internet on any of the computers all ports on the SLM2008 light up. Shouldn't only port eight and whatever the particular port that computer is connected to light up when the internet is accessed?
I'm only familiar with the slm2008, never worked with any of the others. For all those different scenarious, it really sounds like you will need a true IOS router (or another router brand that can do 802.1q) since you will need to do inter-vlan routing at the device that routing the internet traffic. You could put another router on the network to do it, but why deal with another device. I have a simple setup at home using a cisco 871 that my cable mode plugs into. The fa0 interface is the uplink to my slm2008 in the attic. I have 2 vlans, vlan 1 and vlan2. vlan2 is used for my voice IP phone for work, vlan1 is just the default vlan for my other devices.
fa0 interface is the uplink from the 871 to the slm2008, and is in switchport trunk mode as well as vlan2 assigned as the voip vlan and the qos policy assigned to it via the auto qos command against the interface which automatically creates a voip qos policy
On the SLM port 8 is the uplink to the 871 router and I i added vlan2 on the slm2008 and assigned vlan1 and vlan2 to port 8 which basically is the way to make it a trunk port.
The key and which I think is the root of your problems is you need to create vlan routing instances/interfaces (which I am thinking maybe the linksys 4000 can't do since, well, it's a linksys) which is usally a more advanced feature and available on more "true" routing devices. For my cisco 871, its as simple as adding the following to allow inter-vlan routing as well as both vlans access to the internet.
interface Vlan1 description $FW_INSIDE$ ip address 192.168.250.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery ip flow ingress ip flow egress ip nat inside ip virtual-reassembly zone-member security in-zone
interface Vlan2 description $FW_INSIDE$ ip address 192.168.251.17 255.255.255.240 no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery ip flow ingress ip flow egress ip nat inside ip virtual-reassembly zone-member security in-zone
At that point, you can control what traffic flows between interfaces/vlans via firewall-zones/ACLs.
Remember a trunk is just the ability to carry multiple logically definated networks over the same physical wire, but without a routing instance for a vlan, no traffic assigned to the vlan can ever leave/route to any other devices outside that assigned vlan, but will only be switched between devices in the the same network./vlan.
As far as why all the lights light, it is probobly due to unicast broadcast. When a switch doesn't have a ip-to-mac record in its cam, it will flood all ports on that switch hoping that it will find it's intended target and populate it's cam tables properly. These can become a very bad thing if the MAC address doesn't get learned especially if a device send traffic is 1gb or 100mb and a device on the same switch is only 10mb. The 10mb device will get destroyed. We had this type of problem at my work, and older SPARC with only 10mb interface was getting killed becuase of a network misconfiguration that caused it. This situation is called a unicast-storm.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...