Multiple vlans on a prefix

[wannagofast83]

We have a prefix that is assigned to 2 vlans(non firewalled and firewalled). Is there a way to add multiple vlans to a prefix?

[candlerb]

If it's the same subnet and broadcast domain (e.g. you have a transparent "bump in the wire" firewall, or a ton of proxy-ARP) then it's the same VLAN as far as Netbox is concerned. Netbox natively doesn't have a way to model two different VLANs which themselves are bridged together at layer 2, so they could be associated with a single prefix.

You could create a multi-object custom field from prefix to VLAN, or vice versa, but as that overlaps with the existing relationship from prefix to (single) VLAN it could be confusing.

I think you could create two identical prefixes and associate each one with a different VLAN (if these are in the global VRF then you need ENFORCE_GLOBAL_UNIQUE=False, which is the default), but that's ugly.

You could associate the prefix with a third, meta-VLAN which represents the pair of VLANs, and then have a single-object custom field from VLAN to VLAN so that the underlying VLANs are both associated with the same parent meta-VLAN (or more simply, just use a comment on the meta-VLAN to list the underlying VLANs).

You could associate the VLANs via a VLAN Group, but that means you can't use VLAN Groups for other purposes.

[mtinberg]

We had the same setup for a time before moving firewalling to L3 and the way I modeled it was to associate the prefix with the VLAN the traffic is actually routed on at the router, then I created a vlan_bridge custom_field so the bridged VLAN(s) (sometimes with L4 loadbalancing there were multiple levels of bridging) could refer to the record ID of the spanning-tree/routing root VLAN, with custom URLs that would template in if the vlan_bridge field was set on bridged VLAN, or if there were any referring VLANs from the root VLAN. That worked well enough to find, template and navigate through, better now that there are object references. — Mark Tinberg ***@***.***> Division of Information Technology-Network Services University of Wisconsin-Madison

…

________________________________ From: wannagofast83 ***@***.***> Sent: Wednesday, November 1, 2023 3:59 PM To: netbox-community/netbox ***@***.***> Cc: Subscribed ***@***.***> Subject: [netbox-community/netbox] Multiple vlans on a prefix (Discussion #14165) We have a prefix that is assigned to 2 vlans(non firewalled and firewalled). Is there a way to add multiple vlans to a prefix? — Reply to this email directly, view it on GitHub<#14165>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAS7UM2JUB3Z2H7EBXYIWBLYCKZ4PAVCNFSM6AAAAAA6Z4C2YSVHI2DSMVQWIX3LMV43ERDJONRXK43TNFXW4OZVHAYDGMBTGA>. You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>