Results 1 to 8 of 8

Thread: IP Aliasing

  1. #1
    Untangler
    Join Date
    Feb 2011
    Location
    Olympia, WA
    Posts
    53

    Default IP Aliasing

    The objective that Iím attempting to accomplish is noted at the bottom of the graphic rendering of my network setup. Iím facing 2 limitations that I identified: 1. Limited physical interfaces at the UT-Server. 2. Network wiring constraint to the targeted switch.

    My question to the networking forum is, can I accomplish the objective by ďadding a IP aliasĒ to my interface eth1 (example: 192.168.29.x), if so how would I enable DHCP services to the IP alias?

    Network VLAN Configuration.png

  2. #2
    That Which Lurks Below
    Join Date
    Jul 2018
    Posts
    66

    Default

    You can add an alias at the bottom of the interface config:
    2022-07-21 14_23_19-Window.png

    …but an alias isn't an interface unto itself. It just informs the existing interface that it also owns that additional IP address. The DHCP settings for the interface don't change if you add an alias.

    If you want separate DHCP server settings, you need a separate interface entirely. You can use VLANs, if you have a switch capable of adding VLAN tags to traffic.
    Grśme Ravenscroft ē Technical Marketing Engineer
    ('gram', like the unit of measurement)
    he/him
    Please don't reboot your NGFW.
    How can we make Arista ETM products better?

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    I don't think aliases are what you're after, if you're trying to terminate multiple VLANs on a single physical interface you need to define the appropriate child interface for that.

    Config -> Network -> Interfaces

    The listed virtual interface (internal), is assigned to a specific physical interface (eth1). Internal in this case defines the IP configuration to be used for unsigned packets that land on the eth1 interface. Above the list of interfaces is an "add Tagged VLAN interface" button, you use this to create a child interface of a selected physical interface, in this case Internal. When you create this new interface it will ask you for the 802.1q tag (VLAN tag). This new interface has its own IP configuration, and determines what IP configuration and services work for packets on the selected physical interface and assigned the tag in question.
    dashpuppy likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    866

    Default

    Quote Originally Posted by sky-knight View Post
    I don't think aliases are what you're after, if you're trying to terminate multiple VLANs on a single physical interface you need to define the appropriate child interface for that.

    Config -> Network -> Interfaces

    The listed virtual interface (internal), is assigned to a specific physical interface (eth1). Internal in this case defines the IP configuration to be used for unsigned packets that land on the eth1 interface. Above the list of interfaces is an "add Tagged VLAN interface" button, you use this to create a child interface of a selected physical interface, in this case Internal. When you create this new interface it will ask you for the 802.1q tag (VLAN tag). This new interface has its own IP configuration, and determines what IP configuration and services work for packets on the selected physical interface and assigned the tag in question.
    Creating a dedicated vlan would totally work !
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/c/jasonslabvideos << Please like and subscribe, helps me out !!

  5. #5
    Untangler
    Join Date
    Feb 2011
    Location
    Olympia, WA
    Posts
    53

    Default

    Thanks to everyone for your responses.

    To follow the path of enabling separate DHCP server settings by adding VLAN tags to traffic on my UT physical interface (eth1), how would the assignment of IP addresses occur on connected devices at the targeted VLAN?

    Since the “Tagged VLAN Interface” will be defined on a physical interface (eth1), which has direct connection to a L3 switch, will the VLAN switch ports need to be set to a specific mode for the ip’s to reached the connected VLAN devices?

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    Yes, but if the switch is doing L3 work the broadcast domain won't extend past it.

    If the switch is doing L3 work, you don't need VLANs on Untangle.

    https://en.wikipedia.org/wiki/OSI_model

    Everything I said was assuming L2 switching. L3 opens different doors, and I have no idea how you've built your switch. You need to pick a design and run with it. We can help with configuration questions, but what you've posted here are design questions. That's well beyond the scope of a forum thread.
    gravenscroft likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,947

    Default

    I see four possible ways to interpret this:

    If Untangle is your DHCP server and you terminate the VLANs on Untangle, you only need an L2 switch (but L3 switches can always be setup as L2 only).

    If Untangle is your DHCP server and you terminate the VLANs on the L3 switch, your L3 switch needs to also support a DHCP/BOOTP relay agent, and you may also need special options in the Untangle DHCP settings. What this looks like on the switch (or whether it's even supported) depend on the switch brand, and I've not had to mess with the Untangle DHCP settings in this way myself, so I'm not sure what's needed there.

    If Untangle is not your DHCP server and you terminate VLANs on Untangle, the only difference from the first option is how you configure your switch ports for your actual DHCP server.

    If Untangle is not your DHCP server and you terminate VLANs on the L3 switch instead of Untangle (this is my network), you don't need to set Untangle any different than if you did not have VLANs at all. This will be entirely handled within your L3 switch. Your L3 switch needs to have Untangle set as it's default gateway, and the DHCP settings for each VLAN should set the L3 switch as the gateway. You'll also need some additional DNS records so Untangle can see hostnames properly.

    will the VLAN switch ports need to be set to a specific mode for the ip’s to reached the connected VLAN devices?
    In ALL of these cases you will need to know how to configure the switch ports to support the correct VLAN. The port connected to Untangle should be untagged with the VLAN for Untangle's default interface, and tagged with the VLAN of any child interfaces. Trunk ports connecting between switches should have the same settings on both ports and include all VLANs. Wherever your DHCP server lives, that port needs to be untagged on the main VLAN. In scenarios without dhcp-helper the port must also be tagged for additional VLANs.
    Last edited by jcoehoorn; 07-25-2022 at 07:52 AM.
    gravenscroft likes this.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.5 to protect a 1Gbps fiber link for ~450 residential college students and associated staff and faculty

  8. #8
    Untangler
    Join Date
    Feb 2011
    Location
    Olympia, WA
    Posts
    53

    Default

    Thank you again for responding. Your input providing more avenues of thought to consider and research while perusing a solution.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2