I have a few questions about your video, “VLANS saved my home network”.
When running your single Cat 5e cable from the Flex-mini switch, you have that on port 2 set to “all” or as a trunk port, right? And then that Cat 5e cable connects to your upstairs Enterprise-24-POE switch to a trunk port?
When creating the InternetVLAN, you do that under “create new virtual network”. Do you leave the DHCP server option enabled or turn it off? What about DNS multicast? It doesn’t seem like these are relevant given the purpose of WAN traffic only.
Will this setup affect anything like WAN firewall rules or traffic management? On the UDMP dashboard, WAN1 will still show with the public IP and not a VLAN IP?
I attached a diagram showing my network - hopefully you can make sense of it. Of course, the UDM Pro and all switches will connect into the aggregation switch. And a port on the 24-port-Enterprise switch will be set to the InternetVLAN only to plug into the WAN port on the UDM Pro.
So on the port that uplinks the downstairs switch, to the upstairs one I do not have any VLANs blocked on that Port. (basically tagged as ALL). That way the VLANS can flow upstairs between the switches
So this is the really important thing to do: Set is as VLAN only network (now third party gateway)
This way the VLAN acts ONLY as a VLAN. If you add the UDM as a router, then the UDM will try to do DHCP and other things.
So as long as the VLAN is setup only as a VLAN (the UDM is not acting as a router on it) then your firewall rules will be unaffected. WAN1 will still be the public IP because that is the VLAN IP. When you create a VLAN only network you are only creating a virtual switch. Only thing that is different is in my ‘devices’ tab I see the upstream gateway hooked up to my Flex Mini.
TL;DR;
As long as you do not set a router on the Internet VLAN AND the ONLY two things that are tagged on the internet VLAN are the modem and the UDM WAN port then you will have the exact same setup as if you just bought a switch and plugged your modem and UDM WAN port into it.
I’m currently stumped. The UDM Pro SE isn’t pulling a public IP address from my Xfinity modem using either of the WAN ports. The modem is in bridge mode and has been since I’ve had it. And it always worked fine when plugged directly into a WAN port of the UDMP SE. The modem is an X1 modem from Xfinity.
To recap: modem > USW-Enterprise-8 (port 1 InternetVLAN) > USW-Enterprise-8 (SFP+ fiber “default” network) to upstairs USW-aggregation (ports “default”) > USW-aggregation to USW-24-Enterprise-24 SFP+ > USW-24-Enterprise port 24 InternetVLAN > UDMP SE WAN port 9.
Oddly, my backup T-Mobile Home Internet works great using the same network configuration as above. The UDMP SE WAN port 10 pulls an IP address right away. One difference is that the T-Mobile Home Internet uses CGNAT, so the UDMP SE is getting a local IP address in the 192. range. I tired the Xfinity modem on port 10 but it still wasn’t pulling an IP address.
Are there any thoughts on why the Xfinity modem isn’t playing nice? In the WAN settings for port 9 (Xfinity) there is a place to specify a VLAN. Should that be 100 for the internetVLAN or is that for the WAN side?
UPDATE: I was able to get the VLAN configuration setup properly - it initially wasn’t working because the VLAN carrying the WAN traffic wasn’t isolated from other VLANs (I thought it was). It’s been working great with no performance hit observed. In fact, the Internet feels more responsive running through the VLAN-ONLY configuration.
Looks awesome man! Yeah its a bit funky to setup at first (I actually had it setup over the switch all in the same space for 2 weeks ahead of filming the video to make sure it would work without a hitch)
