Local Network Setup and Management
This article introduces the LAN configuration of Vigor Router, including the basic TCP/IP settings, the DHCP options, and the VLAN configuration.
- Router's LAN Interface
- TCP/IP Settings
- DHCP Server Options
- Virtual LAN & Multiple Subnet
Router's LAN Interface
A router usually has two types of interface, one is WAN (Wide Area Network) interface, the other is LAN (Local Area Network) interface. While WAN is the interface for connecting to the ISP and the Internet, LAN is the interface for communicating with the private network. Vigor Router usually have more than one LAN port, but keep in mind that all of the LAN ports are sharing the same MAC address, and they should be regarded as a single interface. Without the VLAN (Virtual LAN) settings, there is no difference between the LAN ports.
On LAN >> General Setup >> LAN 1 Details page, the IP settings can be changed, Network Administrators may use any IP subnet that is preferred, as long as it does not conflict with the WAN IP settings. By default, Vigor Router uses the subnet 192.168.1.0/255.255.255.0 for the LAN interface and the LAN IP address is 192.168.1.1. With such configuration, to access the router from its LAN, the network interface of the PC should be configured with an IP address also in the 192.168.1.0/255.255.255.0 subnet.
DHCP Server Options
The IP configuration on the LAN hosts can be done by DHCP (Dynamic Host Configuration Protocol). This is a very common protocol which allows a DHCP server on the network to distribute the necessary configuration to the DHCP clients automatically, thus reduce the need to configure the settings on LAN clients manually.
Vigor Router is by default enabled to act as a DHCP Server, so if a PC has its network interface configured as “Obtain an IP address automatically”, it will get an IP address from the router when it connects to the router's LAN. On Diagnostics >> DHCP Table page, Network Administrator may check the IP addresses which has been assigned and the MAC address of the device which is using the IP address.
On the router, the DHCP Server Configuration can be customized at LAN >> General Setup >> LAN 1 Details page, the network administrator may specify the range of IP address to be allocated by configuring “Start IP Address” and “IP Pool Counts”, other common DHCP server options, such as the Gateway IP, Lease Time, and DNS Server can also be configured on the same page. For advanced options, they can be configured at LAN >> General Setup >> Advanced Page by identifying the option number, data type, and the value. (Visit How to configure DHCP options for DHCP clients? for some examples.)
Bind-IP-to-MAC (DHCP Reservation)
The IP address obtained by DHCP is dynamic, since the DHCP lease has an expiration time, and the obtained IP address will be reclaimed by the DHCP server and may be allocated to other devices when the lease expires. However, Vigor Router supports “Bind-IP-to-MAC” which allows Network Administrator to reserve an IP address for certain MAC address, and to make the IP address be excluded from being assigned to other devices; on the other hand, the device with that certain MAC address will always obtain the reserved IP address., therefore can get a fixed IP address through DHCP. This is useful when there's service-critical devices on the network, such as a printer, which may need a fixed IP address but does not have the interface for manual configuration. To set up Bind-IP-to-MAC, go to LAN >> Bind IP to MAC, select “Enable” and add entries into the “IP Bind List”. (For more details, visit What is Bind IP to MAC?)
On LAN >> General Setup >> LAN 1 Details page, Network Administrator may turn off the router's DHCP Server function by selecting “Disable Server”. If DHCP Server is disabled, the hosts will need to manually configure an IP address to join the LAN network. Vigor Router can also be configured as a DHCP Relay Agent. When “Enable Relay Agent” is enabled, the router will not reply the DHCP requests, instead, it will forward the DHCP requests to the DHCP Server specified at “DHCP Server IP Address”.
Virtual LAN & Multiple Subnet
Virtual LAN (VLAN) is commonly implemented on the local network to partition the network and divide the broadcast domain. By adding a VLAN tag to the packets and indicate the VLAN ID, traffic from or to certain VLAN can be differentiated, therefore we are able to logically separate the LAN clients who physically are on the same network. This allows the network administrator to control the access to certain part of the network while allowing connection from both authorized and unauthorized clients. For example, we may create a VLAN for the staff and another for the guests, then we can allow both the staff and guests to be connected to the same network but ensures that the guests will not have the access to the staff-only resources. Yet another important benefit of setting up VLAN is to partition the broadcast domain, this will reduce the nodes that the broadcast packets can reach and thus prevent too much broadcast traffic among the network.
Vigor Router is compatible with 802.1Q VLAN; moreover, it supports multiple subnets, which means the router can use different TCP/IP and DHCP settings to communicate with clients from different VLANs. With multiple subnets, we not only can separate the LAN clients into multiple groups but also use different IP subnet for each group; this helps Network Administrator to apply policies on a certain client group efficiently, since many of the router's applications (e.g., Firewall, QoS, Policy-based Routing) can be configured base on the IP subnet.
On Vigor Router, we may divide the router's LAN ports into different VLANs. For the cases that a LAN port will be connecting to only one VLAN, we just need to specify which VLAN does the LAN port belong to, then the router can differentiate the traffic by which port it receives them. This is also known as “port-based VLAN”.
However, if there is a VLAN-supported device on the network, for example, a switch, the router may actually connect to more than one VLAN through a single LAN port, then that LAN port should be members of multiple VLANs. In this case, network administrator will need to specify the VLAN tag of each VLAN (one of them can be untagged) and make sure the traffic received by the router still have the VLAN tag kept so that the router can differentiate the traffic by the VLAN ID on their VLAN tag. This is also known as “tag-based VLAN”.
To create VLAN on Vigor Router, go to LAN >> VLAN,
- Check “Enable” to enable VLAN configuration on the router.
- Choose an available VLAN, select the physical port member (and SSID members for Wi-Fi models) of this VLAN.
- Select a LAN Subnet, this determines which IP settings should be used by the router on this VLAN.
- Enable VLAN Tag and enter a number as VLAN ID (VID) if necessary. This is required if one of the port members is also a member of another VLAN.
- Click “OK” to save the settings.
6. If a Subnet other than LAN1 is used, go to LAN >> General Setup page to enable the LAN Subnet that has been selected. You may also configure its TCP/IP and DHCP configurations in “Details Page”. (Visit How to set up multi-subnet with port-based VLAN? and How to set up multi-subnet with tag-based VLAN? for some configuration examples.)
Note that the clients belong to different VLAN are not able to access each other by default. However, to allow traffic across VLAN, we can enable “Inter-LAN Routing” on the bottom of LAN >> General Setup page, this is an option when the VLAN was created to separates the IP subnet but not to block the LAN clients from each other.
In summary, on LAN >> General Setup >> Details page, the TCP/IP settings can be configured, as well as the DHCP server options. Vigor Router is a DHCP server by default, it can be turned off or configured as a DCHP relay agent to forward the DHCP request to another DHCP server. Vigor Router is compatible with 802.1Q VLAN, we can have either port-based VLAN or tag-based VLAN setup on the router, and multiple subnet is supported that allows us to have different TCP/IP settings and DHCP server configuration for each VLAN.