Are VLan's used to split my switch into segments?

networking switch vlan network-design

I'm trying to plan for the following Small Office network setup:

enter image description here

  • 3x Internet connections
  • Things connected to the port in each colour can only get routed through their corresponding internet port.

for example:

Internet 1 (RED) - ports 4, 6, 8, 10 ... 22, 24 only go out via port 1.

I don't care if a device from the RED ports can see a device from another colour.

Is this called VLan segmenting? Do I need to tag each port a VLAN ID?

Yes, I'm new to this so please be kind. Of course, I've got the wrong terminology so I would also be grateful for any help in getting corrected on the terminology used, here.

Further notes: - I'm only using one switch. not two or more than need to joined. - 3x internet connections because it's cheaper in AU to get 3x ADSL connections that 1x 'fast office' internet (like 40/10 or 100/10, etc)... - Each internet connection is doing something unique (eg. voip vs internet vs multimedia)

UPDATE 1:

Also, I'm assuming each colour would have it's own IP range? eg.

  • RED : 192.168.0.1/24
  • YELLOW: 192.168.1.1/24
  • BLUE: 192.168.2.1/24

(and the modem/routers are acting as the DHCP servers for those coloured ports).

UPDATE 2: Switch is a brand spankin' new Ubiquiti Unfi 24port Switch.


Solution 1:

VLANs are a technology used to sub-divide physical switches into smaller logically-isolated layer 2 broadcast domains, and also to enable one switch to inform other connected switches which VLANs each ethernet frame is assigned to.

Whether or not your switch supports 802.1q VLANs is something you will need to determine on your own. Not all switches do support 802.1q. Generally-speaking, user-facing ports get assigned as un-tagged VLAN members, and ports between switches get assigned as tagged VLAN members.

As for routing, this is something that VLANs (in your case) have no influence on. You will still need a router connected to each VLAN to serve as the default gateway for each VLAN/subnet.

As a small example of how this might go, if you want three VLANs connected to three different routers, you create the three VLANs and then assign switch ports as untagged members of their VLAN. One port on each VLAN gets connected to the router, and the rest of the ports are available for other devices: Wireless Access Points, Workstations, printers, etc.. The router for each VLAN will need to fulfill DHCP, DNS, NAT, etc. duties for its assigned subnet. Keep in mind that in this situation (with three different independent and isolated routers), systems on one VLAN will have no way of communicating with systems on another VLAN. To remedy that situation, you will likely need to have a single router which is uplinked to the switch via a VLAN trunk (tagged interface), and which serves as a router for all of your networks.

Related

Does the ELB also route outbound reply traffic in AWS
How to see disk usage graph on Windows Server 2012
Copying an EBS Snapshot to S3 for low-cost storage
Using Azure AD to push Group Policy settings
In Civ5, what effects does it have if another civ is "hostile" or "fearful"?
What are the keys to a successful melee and/or unarmed build in Fallout: New Vegas?
What is the difference between the USB ports on the front/back of the XBox 360?
How to preload Cataclysm without pre-ordering it?
Why is windowed mode always slower in games?
How did Garrosh Hellscream become the new Warchief?
StarCraft2: Easy way to calculate number of harvesters
In Civilization V, I have iron but it won't let me build swordsmen