
Sunday, December 2, 2012

First Vlan Tryout Setup

After having borked the router last time when I was trying to set up a vlan, I am now going to be a little more cautious. To that end, I am going to list out all of the steps and the proper sequence so that I don't get into trouble. My first tryout is to set up a vlan from a VMware Stack through two managed switches, and then to the final router. The following steps will be necessary:

1. Set up the Stack to connect through vlan8.
2. Set up the Mac Mini to put vlan8 out as a tagged stream.
3. Set up the Mac Mini to be able to get to any system in vlan8, but not the other way around (iptables equiv.).
4. Set up the first switch to accept vlan8 packets on the same port as the Mac Mini.
5. Set up the first switch to pass the tagged vlan8 to the second switch on a trunk.
6. Set up the second switch to receive the tagged vlan8 packet on the trunk and pass it as a tagged packet to the port on which the router resides.
7. Set up the router to receive the tagged vlan8 packet on the trunk line and pass it on through the NAT firewall to the outside.
8. The router should be set up so that it does not allow cross communication between vlan8 and any other vlan on the router.
9. Set up the router with a port forward to the VMware stack.

That is basically what I need to accomplish, now on to figuring out the particulars of each.

Update: 12/3/2012 - I have performed steps 4, 5, and 6 with the two switches. That was the easy part of this sequence. I have decided to make the subnets reflective of the vlan number by using the vlan number as one of the 4 octets. Not sure whether to use a C, B, or A addressing scheme. I have also performed step 2 to have the vlan8 output as a tagged stream. When I went to perform step 1 and set the Stack to the vlan that I had created in step 2, I encountered no problems. When I changed the DHCP address to the new vlan8 subnet, that is when the problems began. More later.


- LW
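
The firewall parts of the plan (steps 3, 7, 8 and 9), written as a dry-run rule generator in iptables terms; this is an added example, not part of the original post and not the configuration used there. It assumes Linux hosts with VLAN subinterfaces named `<if>.<id>`; the interface names, VLAN list, `192.168.<vlan>.0/24` subnet layout, Stack address and forwarded port are all hypothetical.

```shell
#!/bin/sh
# Prints iptables commands for review; nothing is applied to the system.
# Every value below is an assumption made for this example.
WAN_IF=eth0            # router uplink
TRUNK_IF=eth1          # router port carrying the tagged VLANs
HOST_IF=eth0           # Linux host standing in for the Mac Mini
VLANS="1 8"            # VLAN ids configured on the router
STACK_IP=192.168.8.10  # constructed address for the VMware Stack
FWD_PORT=443           # constructed port to forward to the Stack

# Subnet with the VLAN id as third octet; ids that do not fit in an
# octet (VLAN ids go up to 4094) are rejected instead of wrapping.
subnet() {
  case "$1" in ''|*[!0-9]*) return 1;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 254 ] || return 1
  echo "192.168.$1.0/24"
}

# Router, steps 7-9. $1 = VLAN id to isolate.
router_rules() {
  id=$1; vif="$TRUNK_IF.$id"
  net=$(subnet "$id") || return 1
  echo "iptables -P FORWARD DROP"
  # Step 8: inter-VLAN drops go first so no later ACCEPT can shadow them.
  for other in $VLANS; do
    [ "$other" = "$id" ] && continue
    echo "iptables -A FORWARD -i $vif -o $TRUNK_IF.$other -j DROP"
    echo "iptables -A FORWARD -i $TRUNK_IF.$other -o $vif -j DROP"
  done
  # Step 7: replies to tracked flows, then new outbound flows via NAT.
  echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  echo "iptables -A FORWARD -i $vif -o $WAN_IF -m conntrack --ctstate NEW -j ACCEPT"
  echo "iptables -t nat -A POSTROUTING -s $net -o $WAN_IF -j MASQUERADE"
  # Step 9: a single port forward to the Stack, nothing else inbound.
  echo "iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport $FWD_PORT -j DNAT --to-destination $STACK_IP:$FWD_PORT"
  echo "iptables -A FORWARD -i $WAN_IF -o $vif -p tcp -d $STACK_IP --dport $FWD_PORT -m conntrack --ctstate NEW -j ACCEPT"
}

# Host, step 3: the host may open connections into the VLAN; the VLAN
# only gets replies back. $1 = VLAN id.
host_rules() {
  vif="$HOST_IF.$1"
  echo "iptables -A OUTPUT -o $vif -j ACCEPT"
  echo "iptables -A INPUT -i $vif -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  echo "iptables -A INPUT -i $vif -j DROP"
}

# Run as "sh script.sh print" to see the rule set for vlan8.
case "${1:-}" in print) router_rules 8; host_rules 8;; esac
```

Reading the printed rules before applying any of them, from a console that does not depend on the interface being filtered, avoids locking yourself out of the router.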