[mythtv-users] VLANs, HDHomeruns and bears, oh my

Ben bkamen at benjammin.net
Mon Apr 6 20:08:25 UTC 2020 

On Mon, 6 Apr 2020 at 18:04, Michael <mythtv at blandford.net <mailto:mythtv at blandford.net>> wrote:
>
>
>     I have something similar to this at my house.
>
>     Desktop computers and infrastructure on VLAN1.   Can route to the
>     internet or any of the other VLANs
>
>     IOT devices on VLAN 2.   Can only route to the internet. Limited access
>     to VLAN1 on specific ports/protocols for things like plex or mythtv
>
>     Guest internet on VLAN 3.  Can only route to the internet
>
>     Cameras on VLAN4.  Can't route anywhere
>
>
>     All VLANs have access to DNS/DHCP on VLAN1
>
>
>     I set this up with an Edgerouter and Unifi switches.   If you google
>     'edgeos IOT vlan' you can find many guides on how to set something like
>     this up.
>
>
>     The key thing to note is the VLANs don't extend down to the individual
>     devices.   It is virtual concept that happens between the swtiches and
>     routers to separate the networks.
>
>
>     Michael
>

I have a similar setup at home. I'm using an older Juniper SSG140.

You could also build your own using something like OPNsense which handles VLANs quite nicely (and could be a firewall for your home).

The only caveat I would say is that VLANs COULD extend to end devices if you set the port on the switch to be a TRUNK port instead of an ACCESS port.

But most of the time, switch ports that go to end devices are set to ACCESS and then a specific VLAN. The end device has no idea it's on a VLAN.

Cheers,

  -Ben



-- 
Ben Kamen - O.D.T., S.P.
----------------------------------------------------------------------
eMail: ben AT benjammin DOT net               http://www.benjammin.net
Fortune says:
It is more rational to sacrifice one life than six.
		-- Spock, "The Galileo Seven", stardate 2822.3
-                                                              -
NOTICE: All legal disclaimers sent to benjammin.net/benkamen.net
or any of it's affiliated domains are rendered null and void on
receipt of communications and will be handled/considered as such.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mythtv.org/pipermail/mythtv-users/attachments/20200406/9cc11af2/attachment.htm>

More information about the mythtv-users mailing list