Menu
What's new
By:
Filters Better Search

LGS552P Port Base VLAN Support

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

chadster766

chadster766

Very Senior Member
I had a forum user ask me about this SNB review of the LGS552P.
The LGS552P data sheet lists support for port-based VLANs, yet port-based VLANs aren't mentioned anywhere in the manual. Further, there isn't a configuration option for enabling port-based VLANs. Moreover, port-based VLANs on an 802.1Q switch (see my how to here) require ports that can be untagged members of multiple VLANs, which doesn't appear to be supported by the LGS552P.
Click to expand...
Below is the user's question:
Documentation indicating the LGS528P switch supports both port based and 802.Q VLAN tagging, however according to this review (http://www.smallnetbuilder.com/lanwan/lanwan-reviews/32496-linksys-lgs552p-52-port-managed-poe-gigab... it is an error and there is no port based VLAN support. Can someone clarify?
Click to expand...
AFAIK in 802.1Q a port can only be untagged for one VLAN. Maybe those other routers\switch aren't following the 802.1Q standard?
 
I tested trying to add a second untagged VLAN to a Cisco SG500 switch's trunk port but it isn't allowed.
 
I dont think the 802.1Q specifies that one part can only be a member of 1 untagged vlan, i believe its each port must at least be a member of an untagged vlan. Some switches have their limitations because vlans adds another layer of computation.
 
If a switch Port is untagged for two VLAN ID's than how would the next switch\router know which VLAN the packets are intended for?
 
It appears that Linksys is being somewhat liberal with their use of the term Port Based Vlans when talking about their LGS552P. On the LGS552P in order to set up a port for port based VLAN you only have one choice, that is to set the port as a "Protected Port". This will put the port in its own private VLAN. Why I say it is kind of liberal is that you cannot add any more ports to that private vlan. On my switch it is called "Port Isolation" and you can add as many ports to the isolation group as you want and they can all talk to each other.
 
abailey said:
It appears that Linksys is being somewhat liberal with their use of the term Port Based Vlans when talking about their LGS552P. On the LGS552P in order to set up a port for port based VLAN you only have one choice, that is to set the port as a "Protected Port". This will put the port in its own private VLAN. Why I say it is kind of liberal is that you cannot add any more ports to that private vlan. On my switch it is called "Port Isolation" and you can add as many ports to the isolation group as you want and they can all talk to each other.
Click to expand...
Some of this is right but not all.

Don't forget the Cisco and Linksys were once one and shared firmwares.

The LGS552 Protected Port otherwise known as PVE is the same as the Cisco switch implementation of PVE. Protected Ports are completely isolated from each other, can be members of one or more VLAN IDs and the isolation is not subject to VLAN membership.

The LGS552 has an undocumented port type of "Customer" which can't be a member of any VLAN so it's VLAN 4095. I use this port type for mirror\tapping for WireSharp packet analysis.

There is one other undocumented port type of "General" I'm not sure what the use of this port type are but it behaves like a trunk port except it can be untagged for multiple VLAN IDs and has the below options:
  1. Acceptable Frame Type: Admit All, Admit Tagged Only, Admit Untagged Only
  2. Ingress Filtering
 
Last edited:
Great discussion!

  1. The LGS552P does not have a menu option for port based VLANs. Each port can be an Access port limited to being an untagged member of a single VLAN, or a Trunk port where it can be an untagged member of a single VLAN and a tagged member of multiple VLANs. My conclusion is the LGS552P will not support port based VLANs.

  2. Does 802.1Q specify an access port can be an untagged member of only 1 VLAN? I haven’t read the complete standard. However, as I showed in my article, some 802.1Q switches permit a port to be an untagged member of multiple VLANs.

  3. How does a switch know which VLAN the packets are intended for? Answer = the PVID. In my example with the Netgear GS108T:
    1. I put the router on port 1 and made port 1 an untagged member of VLANs 1, 2, and 3, with a PVID of 1.

    2. I put PC1 on port 2 and made port 2 an untagged member of VLANs 1 and 2, with a PVID of 2.

    3. I put PC2 on port 3 and made port 3 an untagged member of VLANs 1 and 3, with a PVID of 3.

    4. When PC1 sends a packet, the switch will see it come in a port with a PVID of 2, and send it out ports that are members of VLAN2. The router is connected to port 1, which is a member of VLAN2, so the router can receive the packet. PC2 is on port 3, which is not a member of VLAN2, so PC2 cannot see traffic from PC1.

    5. When the traffic returns from the router, the switch will see it come in a port with a PVID of 1, and send it out ports that are members of VLAN1. PC1 is on port 2, which is a member of VLAN1, so PC1 can see the return traffic from the router.
I hope this helps!

Doug Reid
 
dreid said:
Great discussion!

  1. The LGS552P does not have a menu option for port based VLANs. Each port can be an Access port limited to being an untagged member of a single VLAN, or a Trunk port where it can be an untagged member of a single VLAN and a tagged member of multiple VLANs. My conclusion is the LGS552P will not support port based VLANs.

  2. Does 802.1Q specify an access port can be an untagged member of only 1 VLAN? I haven’t read the complete standard. However, as I showed in my article, some 802.1Q switches permit a port to be an untagged member of multiple VLANs.

  3. How does a switch know which VLAN the packets are intended for? Answer = the PVID. In my example with the Netgear GS108T:
    1. I put the router on port 1 and made port 1 an untagged member of VLANs 1, 2, and 3, with a PVID of 1.

    2. I put PC1 on port 2 and made port 2 an untagged member of VLANs 1 and 2, with a PVID of 2.

    3. I put PC2 on port 3 and made port 3 an untagged member of VLANs 1 and 3, with a PVID of 3.

    4. When PC1 sends a packet, the switch will see it come in a port with a PVID of 2, and send it out ports that are members of VLAN2. The router is connected to port 1, which is a member of VLAN2, so the router can receive the packet. PC2 is on port 3, which is not a member of VLAN2, so PC2 cannot see traffic from PC1.

    5. When the traffic returns from the router, the switch will see it come in a port with a PVID of 1, and send it out ports that are members of VLAN1. PC1 is on port 2, which is a member of VLAN1, so PC1 can see the return traffic from the router.
I hope this helps!

Doug Reid
Click to expand...
There is one other port type of "General" that can be untagged for multiple VLAN IDs and has the below options:
  1. Acceptable Frame Type: Admit All, Admit Tagged Only, Admit Untagged Only
  2. Ingress Filtering
 
chadster766 said:
There is one other port type of "General" that can be untagged for multiple VLAN IDs and has the below options:
  1. Acceptable Frame Type: Admit All, Admit Tagged Only, Admit Untagged Only
  2. Ingress Filtering
Click to expand...
The LGS552P has all the below ports:
Interface VLAN Mode—Select the interface mode for the VLAN. The options are:
  • General—The interface can support all functions as defined in the IEEE 802.1q specification. The interface can be a tagged or untagged member of one or more VLANs.
  • Access—The interface is an untagged member of a single VLAN. A port configured in this mode is known as an access port.
  • Trunk—The interface is an untagged member of one VLAN at most, and is a tagged member of zero or more VLANs. A port configured in this mode is known as a trunk port.
  • Customer—Selecting this option places the interface in QinQ mode. This enables the user to use their own VLAN arrangements (PVID) across the provider network. The switch is in Q-in-Q mode when it has one or more customer ports. See QinQ.
 
chadster766 said:
The LGS552P has all the below ports:
Interface VLAN Mode—Select the interface mode for the VLAN. The options are:
  • General—The interface can support all functions as defined in the IEEE 802.1q specification. The interface can be a tagged or untagged member of one or more VLANs.
  • Access—The interface is an untagged member of a single VLAN. A port configured in this mode is known as an access port.
  • Trunk—The interface is an untagged member of one VLAN at most, and is a tagged member of zero or more VLANs. A port configured in this mode is known as a trunk port.
  • Customer—Selecting this option places the interface in QinQ mode. This enables the user to use their own VLAN arrangements (PVID) across the provider network. The switch is in Q-in-Q mode when it has one or more customer ports. See QinQ.
Click to expand...
FYI this is the same as the Cisco higher end managed switches.
 
Last edited:
Any additional comments on whether or not the LGS552P has Port Base VLAN Support?

Will the review be updated with the current information?
 
Tim can you change the review in this regard? No need to not have an accurate review of a good product.

lgs553pvlan.PNG
 
Isn't an access untagged port about the same as a port base VLAN?

PS
I don't think you will have interface flipping because an Access port can only be a member of one VLAN just like a port based VLAN.
 
Last edited:
You must log in or register to reply here.

Similar threads

D
VLAN Config Query using pfSense and Unifi
Replies
18
Views
1K
awediohead
A
drinkingbird
Tutorial How to use VLANs on your non-pro Asus router with 386 or 388 code (no scripting required)
2
Replies
31
Views
8K
Tech9
Tech9
HELLO_wORLD
Tutorial Adding custom SSID and specific VLAN (for IOT for example)
Replies
14
Views
800
alexnev
A
SeeJayEmm
AC68 intermittently VLAN tagging
Replies
8
Views
988
drinkingbird
drinkingbird
T
AXE-160000, 9.0.0.6.102_4856, and VLAN Questions
Replies
3
Views
728
Tyrtyr
T
Similar threads
Thread starter Title Forum Replies Date
D Netgear GS305EPP Port 4 Untrusted? Switches, NICs and cabling 5
C So I'm looking at one of these - Intel X550-AT2 Based Ethernet Network Interface Card, 10GBase-T Dual-Port, PCIe 3.0 x 4, Compare to Intel X550-T2 Switches, NICs and cabling 2
J News TEG-S750 (Version v2.0R) 5-Port 10G Switch Switches, NICs and cabling 3
Background Recommendations for a 2.5G 8 port switch? Switches, NICs and cabling 15
J PLC: I need a RELIABLE 3-ethernet port unit with the British plug configuration. Switches, NICs and cabling 4
TheLostSwede News First picture of MaxLlinear's 8-port single-chip 2.5 Gbps switch Switches, NICs and cabling 5

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 780 (members: 27, guests: 753)
Top