What's new

Intra-VLAN visibility GS724T switches

  • Thread starter Deleted member 36463
  • Start date
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

Deleted member 36463

Guest
I have been asking and researching this VLAN issue for some time on this forum and elsewhere. I have configured my test network as shown in the attachment.

1. I can see from VLAN 5 out to the Internet no problem.
2. Any device outside VLAN 5 cannot be seen from outside the VLAN 5 and vice versa - that is fine also

PROBLEM: I cannot see from VLAN 5 on 1 switch to VLAN 5 on another switch.

I have not configured any Inter VLAN routing and would prefer not to do so. When I communicated to Netgear they tried to tell me that the only way to do this was to have Inter-VLAN routing configured and all VLANs on separate subnets ... which doesn't make sense to me. And eventually they said they would have to go research it further.

Any help greatly appreciated.
 

Attachments

  • NVLAN.JPG
    NVLAN.JPG
    55.4 KB · Views: 719
1U,5U doesn't make sense. When frames enter the switch untagged, how does the switch know what VLAN to assign to the frame?

Switch 1 (172.16.0.57):
Port 1: Access port, VLAN 5
Port 24: Trunk port, PVID 1, VLAN 5 tagged

Switch 2 (172.16.0.61):
Port 13: Access port, VLAN 5
Port 24: Trunk port, PVID 1, VLAN 5 tagged

Switch 3 (172.16.0.60):
Port 1: Trunk port, PVID 1, VLAN 5 tagged
Port 13: Trunk port, PVID 1, VLAN 5 tagged

That will span the VLAN 5 broadcast domain across all switches. Assuming you want Internet access for VLAN 5 and the router only accepts untagged frames, you will need to set Switch 3>port 24 to either an access port on VLAN 5 or a trunk w/ PVID 5.

If you are able to hit the Internet on VLAN 5 using the router, it sounds like 1 and 5 are co-mingled, which should be corrected.
 
Yes I understand what you are saying but when I tried making the VLAN 5 ports TAGGED members of VLAN 5, then I lost all visibility from those ports to anywhere. I could not even see the router (172.16.0.1). The reason I had that basic configuration in the first place was because of the attached diagram. I have that at my smaller site (but it is only a single switch). But it works great.

So I was using that as the basic starting configuration for this larger site I'm working on now. It has more VLANS but I was trying to just work to get a single VLAN work properly across switches at the larger site and then I thought I could replicate the configuration for a 2nd and 3rd VLAN.

I am using VLAN 1 as the VLAN that can access the Internet (i pulled this configuration from another posting in the forum by dreid)

a. How do I make a port an 'access' port on a GS724T?
b. If I have multiple VLANs do I have to make the port on SW3 (0.60) that connects to the router an access port for all VLANs (I mean for all VLANs that I want to be able to access the Internet)?
 

Attachments

  • WorkingSIteVLANS.jpg
    WorkingSIteVLANS.jpg
    64 KB · Views: 695
Yes actually - this was exactly the article I used in order to do the configuration for the small site where I used just the one switch. And it worked great! :)

I'll read it again to see if I missed anything. I've looked at both this article and the part 2 that you wrote but I can't see where I'm going wrong.
 
If you want to connect Vlan5 on one switch to Vlan5 on another switch without routing or using a trunk connection you need to physically connect the VLans with a CAT5E cable. Just plug in a CAT cable into a Vlan5 port on one switch and plug the other end into a Vlan5 port on the other switch. It should work fine.
I assume the IP addressing is compatiable between both Vlan5s on both switches.
 
Last edited:
To coxhaus: I have a backbone switch that I use to connect all the switches in the IDFs (although the diagrams I have posted above only show 3 switches, I in fact have 12 switches all connected to a single back bone switch). They are all GS724 T. Yes my IP address range is common across all VLANs and switches.

This being said, I implemented VLANs on the critical portion of my (live) network this morning and it went well. The key seems to be that the for a given VLAN x, the configuration that worked for me was as written by dreid in his articles.

VLAN port membership (1=default VLAN), 1U, xU, PVID=x
Trunk port from IDF switch to Backbone - both ports need to match [1U, xT], PVID=1
and (since I am not yet doing inter VLAN routing) - The trunk port from the Back bone switch to the router is set to:
1U,xU, PVID=1

I still in the beginning Test phases saw some anomalous behavior but on implementation day all seemed fine. The only problem I still have is a management VLAN access issue but I will make that a separate post.

Thanks to all for your helpful comments.
 
Similar threads
Thread starter Title Forum Replies Date
D VLAN Config Query using pfSense and Unifi Switches, NICs and cabling 18

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top