Best practice regarding inter-VLAN-connectivity?


I am using OpenWrt 21.02.0 on TP-Link Archer C7 v5.
I have just started setting up a few VLANs and while my devices within the VLANs can talk to each other I am not sure what the best practice is regarding giving a client access to multiple VLANs.

As an example: I would like to run Home Assistant in a Proxmox VM and it should have access to almost all the other VLANs (especially the IOT VLAN of course).

I could add a virtual NIC with the right VLAN-tag to the Home Assistant VM for every VLAN Home Assistant should have access to. But (if I am understanding it correctly) I could also write a forward rule to forward packets between Home Assistant and the other devices.
Now I am wondering what's the best way of allowing inter-VLAN-connectivity.

This is probably a very basic question and I am sorry, but I am unsure what's the best solution here.

If I should do something else I am fine with that too, I'd just like to avoid having to redo my VLANs/setup later on.

Any help is appreciated, thanks!

It is better to use native routing, than adding the overhead of port forwarding.

Thanks, @trendy

That means using virtual NICs over firewall rules, right?

Virtual NICs are better as long as you configuring routing and firewall on the server additionally.
What I meant was having one interface and using only firewall rules to allow the necessary traffic from lan to the server.

Sorry that I have to ask again, but I am new to all this. I really appreciate your patience.

Where possible I'll leave the OpenWrt config as is and use multiple NICs and firewall rules on the proxmox server, correct?
But that also means that with devices that can't have multiple (virtual) NICs and are in separate VLANs I need to use OpenWrts firewall rules (Firewall->Traffic Rules), right?

Yes, that is correct.

1 Like

Again, thank you very much!

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.