You would expose a single port to multiple vlans, and then bind multiple addresses to that single physical interface. Each service would then bind itself to the appropriate address, rather than “*”
Comment on Should I or should I not use a VLAN? I have trouble understanding the benefits for home use
JustEnoughDucks@feddit.nl 6 months agoYes, that is why I gave an example of how i thought it worked, but i have a single physical server with *arr suite, HA, reverse proxy, and all of my other services.
If it is a near physical separation of traffic, how can 1 device with 1 MAC and 1 IP be isolated on multiple parts of the VLAN?
Dran_Arcana@lemmy.world 6 months ago
acockworkorange@mander.xyz 6 months ago
Oh, it can’t. You’d need more ETH ports. One for each VLAN a device is connected to. You can find multiport low speed expansion cards for cheap, even more so used. Many people think it’s a worthy investment. You learn a valuable skill and have a more resilient, secure network.
Of course that assumes you have spare expansion connectors on your server. I might be wrong, but I’m pretty sure you can find ETH boards for that “Wi-Fi” M.2 connector, so that’s an option if you don’t have PCI. That way you can at least segregate Internet and local traffic.
FalseMyrmidon@kbin.run 6 months ago
Yes, you create virtual nics tied to the physical one.
acockworkorange@mander.xyz 6 months ago
Thanks, I’ll look into it!