I have searched far and wide, so if it looks like I have no idea what I'm doing, that is because it is a correct assumption. Usually we do this ourselves with our MikroTik router setup. We have a machine network where each network needs to be separated into its own /24 subnet. In this particular situation, because the customer wanted to do the complete infrastructure, this was done ad-acta where a network interface is connected to all subnets, each with its own VLAN.
Here is a slightly shortened configuration:
    network:
      ethernets:
        enp2s0:
          dhcp4: false
        enp4s0:
          gateway4: 192.168.79.1
          nameservers:
            addresses: [192.168.11.5, 192.168.11.6]
          addresses: [192.168.79.114/24]
          dhcp4: false
      vlans:
        vlan.2008:
          id: 2008
          link: enp2s0
          macaddress: 00:00:00:00:20:08
        vlan.2010:
          id: 2010
          link: enp2s0
          macaddress: 00:00:00:00:20:10
      bridges:
        br2008:
          interfaces: [vlan.2008]
          addresses: [10.10.21.254/24]
          dhcp4: no
        br2010:
          interfaces: [vlan.2010]
          addresses: [10.10.31.254/24]
          dhcp4: no
      version: 2
iptables config:

    -P INPUT ACCEPT
    -P FORWARD ACCEPT
    -P OUTPUT ACCEPT
    -A INPUT -i br+ -j ACCEPT
    -A FORWARD -i enp2s0 -o enp4s0 -j ACCEPT
    -A FORWARD -i enp4s0 -o enp2s0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A FORWARD -i br+ -j ACCEPT

The problem I have now is that for this example there are 2 'gateway aware?' devices (10.10.31.10 on br2010 coming in at VLAN2010 and 10.10.21.15 on br2008). What do I have to do differently to get these two to be able to communicate with each other?
Currently I can ping 10.10.31.10 from br2010 and 10.10.21.15 from br2008. What routing do I have to do to get these two to see each other? In MikroTik this is done without a hitch, so what am I missing here? If this is done completely wrong, I am able to change it, except that the devices need this VLAN configured; otherwise everything can be rearranged. What do I need to read up on to better know what is going on here?