Vlan and DHCP servers

[AidenTheBotLol]

Hi Everyone,

 

I was going to be getting a managed Unifi switch so I can setup Vlans. With those Vlans I am going to be setting up separate DHCP servers for every category of devices in the house and it would look something like this.

 

10.0.0.x - Main Home WiFi, Access to servers on subnet

 

10.0.10.x - Restricted Network for the kids

 

10.0.20.x - IOT Restricted network only

 

10.0.30.x - Guest Lan

 

Okay so my big question is lets say I am a device on 10.0.0.x and I want to print to a printer on 10.0.30.x could I do that. Second big question is if I am a guest on 10.0.40.x I would not want to be able to access printers, speakers, TVS etc. Is that possible to setup in a UniFi Edgerouter 4 (I am going to be building a PFSense box later). 

[Lurick]

You just need 1 DHCP server (windows/linux) with a scope for each subnet and then do DHCP relay on the non-local networks (ie the 3 without the server) to point to that DHCP server. Of course this assumes you're not using the Ubiquiti to do the DHCP itself in which case that's moot and you'll just setup the scopes on the UniFi itself.

Provided you don't have a firewall rule to block the 10.0.0.X to 10.0.30.X traffic then yes

For your second question you'd likely just setup a rule on the EdgeRouter to block traffic between those subnets, I'm not 100% on the exact steps but I would imagine it's possible for sure.

[bdk74]

Its called inner vlan routing and yes you can. It could be wide open or you can have east-west filtering between vlans. Meaning depending on what traffic you can define what is allowed and what is not. You can define the guest not to be able to access internal resources but just internet access.