Could someone please explain how the routing between vlans would work with in the following configuration:
RB5009 with VLAN10 and VLAN20
CSS326 wired into RB5009's ether2.
CSS port 1 is trunk port to RB5009 (that is, port 1 carries VLAN10 and VLAN20)
CSS Ports 2-8 are access ports for VLAN10
CSS ports 9-16 are access ports for VLAN20
Let's say I have a smart TV (Roku) on CSS port 2. The TV will be on VLAN10 and have full access to the Internet.
But, I have my smartphone in my hand, which is wifi connected to an AP on CSS port 9 (VLAN20), and I like to use the Roku app to control the TV.
Do I need to set up a firewall rule on the RB5009 to allow frames from VLAN20 to access devices on VLAN10?
The RB5009 doesn't know which CSS port the AP is on (and therefore doesn't know how or from where my smartphone is comes to be on VLAN20).
If this is the case, aren't I creating a lot of traffic between the CSS and the RB5009 and a lot of routing work for the RB5009?
I know this is a basic question.
Now, if there is an entirely better way (either in hardware such as using a CRS) or ROS (filtering or routing) or VLANing, or some other way, I'd love to hear about it.
Thanks.
RB5009 with VLAN10 and VLAN20
CSS326 wired into RB5009's ether2.
CSS port 1 is trunk port to RB5009 (that is, port 1 carries VLAN10 and VLAN20)
CSS Ports 2-8 are access ports for VLAN10
CSS ports 9-16 are access ports for VLAN20
Let's say I have a smart TV (Roku) on CSS port 2. The TV will be on VLAN10 and have full access to the Internet.
But, I have my smartphone in my hand, which is wifi connected to an AP on CSS port 9 (VLAN20), and I like to use the Roku app to control the TV.
Do I need to set up a firewall rule on the RB5009 to allow frames from VLAN20 to access devices on VLAN10?
The RB5009 doesn't know which CSS port the AP is on (and therefore doesn't know how or from where my smartphone is comes to be on VLAN20).
If this is the case, aren't I creating a lot of traffic between the CSS and the RB5009 and a lot of routing work for the RB5009?
I know this is a basic question.
Now, if there is an entirely better way (either in hardware such as using a CRS) or ROS (filtering or routing) or VLANing, or some other way, I'd love to hear about it.
Thanks.
Statistics: Posted by Josephny — Tue Mar 25, 2025 12:55 am