hey, I wanted to ask YOU, dear ones, how can I share the Internet from the WAN interfaces with workstations (e.g. 1,2) from the maxbr2 device. The stations receive IP addresses from dhcp from router1 and are in vlan 111, which is sent by speedfusion in layer 2. These stations browse the resources of server1 and I would like them to also use the external Internet via WAN in maxbr2
You can’t because all the traffis is encapsulated in layer 2 so the only gateway they currently have access to is Router 1 (12.10.5.1)
Do you really need layer2 between the locations? What problem does it solve?
If you could move to layer 3 instead then you can break out to the internet locally at the remote sites.
ok thanks
layer 2 is needed to get IP addresses from DHCP from router1, because I need to have access to server1 resources, and I will have more peplink devices and I always want to have access to this network, I also wanted the devices to have as little configuration as possible,
What are the resources? What applications are on server1?
What’s stopping access via routed Layer 3 addressing? Is it a firewall on the server, is the server using a different gateway an doesn’t have a route back? Is it multicast traffic?
If you can change to L3 if gives you loads more options.
we decided on layer 2 because we want to have as little configuration as possible, so each time there can be different devices connected to this vlan, in layer 3 you have to configure routes etc. - that’s why we chose to connect to the network in my main office in layer 2, I have a question then whether using a tunnel in layer 2 can have an impact on WAN consumption in maxbr2
Ok I can understand that I suppose but the disadvantages likely outweigh the benefits.
In layer 2 you lose all routing logic and control over what user traffic passes over the WANs at the remote sites (which you want). if there is a broadcast storm at one site or very talkative mukticast traffic then bandwidth is needlessly consumed at all the other sites too (which you don’t want).
Peplink Layer3 auto advertises the vlans at the remote locations to the other sites so there is no complex configuration needed.
My advice is to revert to L3.
Yes because all broadcast traffic on that Layer 2 network will arrive at all sites.