I have a couple of Lifx bulbs on a separate VLAN but the PI does not seem to find them. I have a firewall rule that allows my LAN to pass all communication to my VLAN so I was wondering if anyone had any experience with VLANs and this PI?
Announcement
Collapse
No announcement yet.
VLAN support?
Collapse
X
-
Well 17 views and no replies so I guess no one is using VLANs with Lifx. For someone else that stumbles into this issue in the future, I've managed to fix it. The solution is to configure your router to relay broadcasts across VLANs. My specific setup is a Ubiquiti USG Pro 4 router with Unifi switches. Since routers typically do not broadcast across VLANs, I had to install and configure a piece of software that would accomplish this. The details are here: https://github.com/britannic/ubnt-bcast-relay
-
Originally posted by ando1 View PostWell 17 views and no replies so I guess no one is using VLANs with Lifx. For someone else that stumbles into this issue in the future, I've managed to fix it. The solution is to configure your router to relay broadcasts across VLANs. My specific setup is a Ubiquiti USG Pro 4 router with Unifi switches. Since routers typically do not broadcast across VLANs, I had to install and configure a piece of software that would accomplish this. The details are here: https://github.com/britannic/ubnt-bcast-relay
Comment
-
Originally posted by ServiceXp View Post
Not knowing much about VLANs and Network security for that matter, that does not sound safe?
In general, it is a good practice to segment iOT devices from your main computers to reduce the attack surface of something happening. This is what I did by putting the bulbs on a separate VLAN. I also narrowed the attack surface by only allowing the 2 Lifx bulbs communicate to only the HomeSeer PC on the LAN on one UDP port. I am by no means an expert at networking, but I like to tinker and learn which is why I also have HomeSeer
Comment
-
In order to talk between a LAN and VLAN, routing is required. Once a route is established, the barrier between the LAN/VLAN is gone unless there are firewall rules in place. So, "safe" is a matter of whether you're filtering traffic or just letting everything pass between the LANs. If a route is created but there is no filtering, then there is no real reason for the VLAN to exist.
Comment
Comment