Skip to content

Raspberry Pi 2b as a home router with Cisco switch and VLANs

Raspberry Pi 2b as a home router with Cisco switch and VLANs published on 5 Comments on Raspberry Pi 2b as a home router with Cisco switch and VLANs

Hi!

Some time ago I configured my Raspberry Pi as a home router. Below, in short brief is shown my configuration.
raspberry_cisco_switch

On the Cisco switch, I have created two vlans:
vlan10 – WAN (Internet connection)
vlan20 – LAN (Home network)

The first port of the Cisco switch is connected to the the Internet, and is configured as access port for vlan10. The second port is connected to the Raspberry Pi as trunk port – traffic from vlan10 and vlan20 is tagged on this port. Third port is in access mode and is connected to the home access point.

Network configuration on Raspberry Pi looks as follows:

On eth0 interface I have set 192.168.100.1 address for management purpose in case of problems with access to the Raspberry Pi from vlan’s side. On vlan10 interface I have to set the custom mac address to obtain IP address from my internet provider. Vlan20 with addresses 192.168.50.1/24 is for my home network.
The rest of my configuration like NAT, dhcp, dns is pretty standard and will not be posted about it here. If you have questions, I will be happy to answer in the comments 🙂

How Raspberry Pi performs as a router on my 100/50 Mb/s internet connection? Quite nicely for a network card supported by USB – which has Raspberry.
4931071421

5 Comments

hi jan!
i wanna make something like you, actually the same thing. the hardware i wanna use is raspberry pi 3, netgear 8 port web managed smart plus switch, 2 netgear 5 port web managed smart plus switch (must buy it), netgear R7500 and netgear wnr1000.
why i wanna do it?
we moved in a new appartment and the internet access is in one corner, same as the R7500 (router and wlan AP), but on the other side of the appartment is nothing. the appartment is very old and the walls are concrete ones. so, i decided that in the nearest future i should wire the rooms.
my plan would be: 1. netgear 5 port switch: port 1- internet access, port 2- pie, port 3-wnr1000, port 4- NAS, port 5- netgear 8 port switch; 2. netgear 8 port switch: port 1- bedroom, port 2- my sons room, port 3 & 4 multimedia, port 5 & 6 & 7 free and port 8- netgear 5 port switch; 3 netgear 5 port switch by my son: port 1 & 2 free, port 3- raspberry pie, port 4- daughters room, port 5- netgear 8 port switch.
the plan is to have 2 lans, our private lan and one extern for guests and tests (vlan 11 & vlan 22), to have vpn (side to side and peer to side).
The heart of the project would be raspberry pie. it should be router for 3 networks (internet, lan and guest), dns and dhcp for 2 of them (lan and guests) and vpn server.
what do you think, are those whishes to much for a pie?
before i tried 20 times to make a vpn server with pie, after the R7500 but i have never made it. i dont know why it never worked. i m totally unsatisfied with R7500. i bought it 3 years ago as i didn t know much about networking, now when i know something, i think it s not good, wanna use it as WLAN AP, the same as wnr1000.
thanks in advance!

Hello 🙂
The plan you described is not entirely clear to me, but I think that all of this described things are possible with devices which you have, and Raspberry may working well as the router of your network. I was using Raspberry as a router, dhcp server, dns server, vpn server for remote clients like iphone and for site-to-site connection beetweend two houses – for many years and it was working well with 100/50Mb/s internet connection.
To create your local network with two vlans (exactly it will be for vlans – one for internet connection for rpi, and one for private network) managed switches are necessary.
You have to create trunk (vlan) connections between this managed switches to allow transmission separate lans between them.
Below is my simple plan for your network with two managed switches.

Vlan2 – internet
Vlan3 – private network
Vlan11 – guests network
Vlan22 – tests network

1. netgear 5 port switch:

PORT 1 – internet access, (port in access mode (network without tagging) assigned to vlan2 (for example) on this switch

PORT 2- pie, (port in trunk mode (network with tagging), assigned to vlan2, vlan3 vlan11, vlan22 on the switch. This configuration give rpi access to all your network and internet. On raspberry you will have to create 4 vlan interfaces.

PORT 3-wnr1000, (port in access mode (network without tagging) assigned to vlan 3 or vlan11 or vlan22 on this switch

PORT 4- NAS, (port in access mode (network without tagging) assigned to vlan 3

PORT 5- netgear 8 port switch; (port in trunk mode (network with tagging), assigned to vlan3, vlan11, vlan22 on the switch

2. netgear 8 port switch:
PORT 1- bedroom, (port in access mode (network without tagging) assigned to vlan 3
PORT 2- my sons room, (port in access mode (network without tagging) assigned to vlan 3
PORT 3 & 4 multimedia, (port in access mode (network without tagging) assigned to vlan 3
PORT 5 & 6 & 7 free and
PORT 8- netgear 5 port switch; (port in trunk mode (network with tagging), assigned to vlan3, vlan11, vlan22 on the switch

3 netgear 5 port switch by my son:
PORT 1 & 2 free,
PORT 3- raspberry pie, (port in access mode (network without tagging) assigned to vlan 3
PORT 4- daughters room, (port in access mode (network without tagging) assigned to vlan 3
PORT 5- netgear 8 port switch. (port in trunk mode (network with tagging), assigned to vlan3, vlan11, vlan22 on the switch

For site-to-site vpn I recommend gre over IPsec (strongswan), and for client connections such as laptops, phones I recommend l2tpd (xl2tpd) over IPsec.

Regards

Hi Jan!
Thanks for a quick reply!
I have to plan it now. I think that pi would be the hardest part 🙂
I need to think a little bit about the steps. This is going to be a huge experience for me.
Thank you very much!
I ll write soon 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill the CAPTCHA *