2

(Apologies in advance for not being an network savvy guy)

I have four VLAN's configured on a 24 port D-link DGS-3324SR. Each VLAN has 6 ports. The first VLAN has a connection to a modem providing 16 different "external" IP adresses. I call this the "hot" VLAN.

Now I want to route traffic from External IP's, connected to the VLAN1, into one Internal Server (Let's say on 10.232.0.0/24 range) on VLAN3. The external IP's are all static, no DHCP or anything.

Basically I want the server to act like it's directly connected to the internet, except having an internal IP. I would also be adding more internal servers that accesses the other external IP addresses later.

Examples how you would do this on other platforms or even in theory would be most appreciated, good sirs.

alu
  • 21
  • 1
  • 2

2 Answers2

2

You need to set up Network Address Translation, or NAT. One to one NAT will map an external address to one internal IP.

Depending on your ultimate configuration, you may also need a router or multilayer switch to route between VLANs. Remember that VLANs are layer 2 constructs and thus require a layer three device (whether physically separate or logically there but within the same hardware) in order to pass traffic between them. Here's a Cisco example of options.

This could all be done with a single multilayer switch if it had the right capabilities, but cannot be done just with the DGS you have alone as far as I know.

phoebus
  • 8,370
  • 1
  • 31
  • 29
  • Thanks for a very informative answer. I will try out this tomorrow at the office and see if I can get it running. This is fun stuff :) The D-Link switch I am using should be able to route between VLANs as it's a Layer 3 switch. – alu May 04 '13 at 23:30
  • Thou it looks like that the switch does not support NAT, could it be that I need to look for another name in the documentation? – alu May 04 '13 at 23:39
  • Switches don't generally support or perform NAT. The modem, firewall or router typically performs NAT. – joeqwerty May 04 '13 at 23:58
  • As @joeqwerty noted, you'll likely need to perform the NAT on another device if you want to keep the public IP off of the server itself. Typically this would be the device that is acting as the gateway, which may be your modem. – phoebus May 05 '13 at 06:17
0

You can setup a one to one NAT.

Spack
  • 1,594
  • 13
  • 22