IP ranges, do they need to match for vlans

Hi everyone.
First post here, am relatively new to networking and OpenWrt.
I have a new Switch installed and connected to a Pi4 that runs OpenWrt as my router, its only a home network, and am very happy with how it works.
The dhcp server on the Pi is handing out IP addresses to anything connected to the switch.
I now want to try out VLANS, and I am not sure what static IP my switch needs to be set to in order to work with my router in regard to VLANS.
If my Routers IP was set to 10.40.40.4 and my Switch was set to 10.70.70.70 , would they work together for VLANS.
I currently can not ping my Switch from my computer when am hardwired to my Switch, I think this is because they are not on the same IP range as shown above.
I can ping all the connected device on the switch when am hardwired to it, just not the Switch its self.
When I manually change my computers IP to be in the same range as the Switch then I can ping my switch but not my router, this is why am asking will VLANS work with the two different IP ranges I currently have.

Two more questions. .1. is it ok to change the static IP on a Swith at any time, I have it set up now and am worried if I change its IP I might break what is currently working fine. DHCP is turned off on the Switch.
.2. Is it ok to change the Static IP on a Router, will doing so break anything.

Any help would be really appreciated.

Hi,
If your switch can handle VLans my suggestion will be to assing an IP address out of the DHCP scope of the router. If the Switch does not handles Vlans them it will just pass what the router is sending.

If my Routers IP was set to 10.40.40.4 and my Switch was set to 10.70.70.70 , would they work together for VLANS.
Answer is NO, because they must be on the same network.

Try something like this:

Router 10.40.40.4
Switch 10.40.40.6

Router DHCP range from 100 to 160 will provide you with 60 internal Ips for devices.

If you want more security

Router 10.40.40.4
Vlan 100 10.50.50.4
Vlan 200 10.60.60.4

Also you will need to configure the ports on the Switch, by taggig the VLANS on the port connecting from the router to the Switch as well.
Before I forget, the Raspberry PI has only one Ethernet port, that makes things a bit tricky but is doable if you are using a module (to add more Ethernet ports) you might need to let us know making sure it has the proper drivers and is properly configure.

Thank you for posting. I can change the static IP on my switch to one within the routers range, I think this what you are suggesting.
My router currently renews the IP leases to the devices connected to the switch every few days, will this cause issues for me in the long run, for example will my router try and assign the address I chose for my switches static IP, or do routers see another device has a certain IP and avoid trying to hand it to another device, I do not yet know how to prevent this or even assign an IP to a device to avoid it all together.

There are lots of ways you can setup VLANs (in terms of logical organization and subnet size). A number of best practice methods exist, but of course each network design is different. Of course, there are things that you can do that are wrong or won't work properly -- so let's try to ensure you have a valid configuration.

One useful, but not required, best practice is to use /24 networks (254 total available addresses) with the VLAN ID being related to the 3rd octet (in bold: aaa.bbb.ccc.ddd) -- so if your VLAN ID is 53, you'd have aaa.bbb.53.ddd for the network.

[EDIT: this is also a good time to mention -- make sure you stay with RFC1918 address ranges]

You first need to think about what your VLANs are for. In many home or small business environments, the point is to provide some level of security by creating separate networks for your trusted lan, iot devices (untrusted), guests (untrusted), and maybe others. In some cases, the network used for managing the network infrastructure (router, switches, APs) will be the same as the trusted lan, and in other cases it may be a separate "management" network.

The router will necessarily have an address on every subnet (but it may or may not be accessible from the hosts on each network), but the switch (and APs) should ideally only have an address on the network that is used to manage the network infrastructure devices.

The addresses you have provided could work, but you haven't defined what networks you need and how you plan to use them.

@darkjrtk75 has already started to provide you some guidance about how you might layout your network.

That is probably true, but we don't know what VLANs you've setup, what size you've allocated for each subnet, your firewall (controlling inter-vlan routing) configuration, or even the switch brand+model (which can impact how its management surface works).

If you're simply changing your IP address, it's likely you haven't actually setup VLANs (or not properly, anyway) as VLANs are more than just simply an IP range. They involve 802.1q tags to keep the traffic separate as well as port-vlan assignments on the switch that designate which VLANs are on each port.

The switch's IP address matters only for the management of the switch itself.

It is okay, but it will (temporarily) break the network until devices either get a new DHCP lease or have their gateway updated (in the case of a manually assigned static IP address on a given host).

I connected the Pi Router to my switch via its ethernet port.
The routers internal WiFi is actually bridged to my mobile phone
to provide internet access for all the devices on the switch.
This is so I can update the devices the switch and even the router.
The router is notmally not connected to my phone other than for updates
and just works as a router the rest of the time.
I am looking to get an acces point, not yet decided on what one, and hardwire it to my switch, that way I hope to access all my devices wirelessly.
I have IP cameras I want to never be on the Internet, thus my reason for
asking about VLANS.
I should have come here before I began to set up my network, my camers
are on 192.168.1.XX from default install, I think now am going to have a hard time sorthing this out as the NVR they connect to hands out that range of IP 's, I just connected the NVR to my switch and viewed the camers that way on an offline phone, the footage is recorded regardless of whether I view it or not.

Maybe it would be good to see a diagram of your network topology and also your router configuration. A simple photo of a sketch on paper is sufficient for the diagram.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button (red circle; this works best in the 'Markdown' composer view in the blue oval):

Remember to redact passwords, VPN keys, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

Thank you for posting.
It looks like I may need to begin again, as I have a mix of potential conflicts.
All I have done so far is install a 24 port managed switch, a D-Link 1210-28, I got it new for very little money, this is my first time with networks
switches or routers, so lots to get wrong.
I followed a video tutorial and managed to set up a Pi4 as a router, the Pi4 's onboard wifi provides internet connectivity to all devices on the switch.

I had previously installed an NVR with a few cameras, it works as planned with the NVR handing out IP addresses to the cameras in the 192.168.1.XX rage, I mention this as this too is connected to the switch, I can not see the camers now that this 10.70.70.70 Switch is installed, before that switch I had a smaller one that was in the correct IP range to view the cameras, so this needs to work with the new switch.

The first think I did with the new switch was to connect three computer to it and make sure the Pi Router was hading out IP's, and I can ping them all, copy between them all, so I achieved this goal.

The VLANS, they are really to keep the cameras off the internet, I will also want a guest VLAN and one for my three computers.

I will have to buy an AP and hardwire it to my Switch, this I will use to access all my devices, and also for guests to use when required, this AP
will also be capable of VLANS.
I have a lot to learn.

There is only one ethernet port on my Router, I did not realise I would need more, I thought the Switch would be able todo all I needed in that regard.

You can accomplish everything with the single Ethernet port. What is critical, though, is to have your switch properly configured and the the router also needs to use VLANs.

Thank you for posting.
Is your refference to Router in the below to its static IP, and are those VLAN entries also on the
Router. My Router has only one ethernet port, which I am guessing does not matter to the VLANS.

Router 10.40.40.4
Vlan 100 10.50.50.4
Vlan 200 10.60.60.4

I can not draw a diagram, sorry, my eyesight is getting worse by the day.
But I will explain what I want to do if that helps.
I have one managed Switch with three connected over ethernet.
I have one Router attached to port 22 of this switch which provides internet access.
I have an NVR that I want to connect to this Switch in order to access the footage
using a second mobile phone I carry, this phone is not connected to the internet
and I use it because it is small enough to carry from room to room or into the back yard or sheds and it allows me to view the cameras, the cameras record to the NVR regardless of the Switch as they get their own IP from the NVR and the NVR is also connected to a large monitor if I need to make any changes or view larger footage.
I will be connecting / when I get it, an AP wired to the Switch which will provide me with access to my three computers, a guest VLAN and hopefully my second phone can connect and view my cameras on another VLAN that should have no internet access at all.

Current Status, Computers > Switch > Router > Mobile phone providing Internet acess, all working fine.
No VLANS, No access to my camers, as they are on 192.168.1.XX IP 's.

To get back to the original question, the IP address the switch has is used to ping or log into the switch itself. It does not affect traffic through the switch. Unless you have configured the switch for L3 routing (an advanced feature found only in high-end switches), traffic through a switch is based only on VLAN tags and MAC addresses. A switch should not hold an IP address on a VLAN handling untrusted users and devices, as with no IP address the users cannot even try to log into the switch.

Thank you for posting, more valuable information for me to digest.
I appreciate all of your responses, am slowing getting the picture.
I have ordered an AP to complete my network setup, as a backup to
the current working setup I have, this will allow me to experiment without
destroying what I already have, the switch and router are easy to restore
to a working point in time so experementing shall begin.