Intra-switch VLANs Netgear
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
Posted by amattina@layer8group.com on September 8, 2006, 3:53 pm
Please log in for more thread options So if I have one port linnking the two switches together, this port has to be a member of all vlans that I want sent accross the link, correct? This port needs to be a tagged member of all those vlans correct? Thanks for the help, I think we can figure this out. Walter Roberson wrote: >
> [netgear GSM7324] > > >That document is endlessly confusing...
>
> >Isn't the point of having a layer 3 switch and vlans to be able to
> >route between the vlans? That is what I'm trying to do here, not have > >certain ports accessable by multiple vlans. >
> You were using multiple ports to communicate between the devices > because Netgear told you there was no trunking facility... but there > is. So you only need one cable between the two devices, and you want > the ports set up to carry all the VLANs needed to trunk between the two. > > > >I should be able to do that
> >at layer 3, not 2. Each vlan should contain the broadcast domain at > >layer 2, all requests to outside subnets should go to the virutal > >router interface and then routed to another vlan on the switch after > >passing the ACLs into that other subnet. Is my thinking totally out of > >whack or does this product not seem to do that? >
> Look in Chapter 5 "IP Routing Services" of the manual, and in > particular at the section "VLAN Routing". > > I draw particular attention to the command section of Example 2, > which enables routing on the vlans, ending in "show ip vlan". The > explanatory main text after that says, > > This returns the logical interface IDs that will be used instead of > slot/port in subsequent routing commands. Assume that VLAN 10 is > assigned ID 3/1 and VLAN 20 is assigned ID 3/2. > > What this is hiding is the fact that when you configure routing on > a VLAN interface, there is no predetermined interface name that will > be used to refer to the VLAN. For example, if you enable routing on > VLAN 179, then there is NO interface created named anything like > "vlan179" or "3/179", or any other fixed predictable interface name. > Instead, what you get is the next available interface number in the > 3 series on card 1, which is to say the next available number > in the series starting 1/3/ . So the first VLAN created is > 1/3/1, the second is 1/3/2, and so on, no matter what the VLAN tag > numbers are. And those are the names you have to use to configure IP > addresses and so on against. > > Yes, this -does- mean that you cannot automate VLAN additions without > using an "expect" script [or equivilent] smart enough to > "show ip vlan" and pick out the interface numbers already in use and > carefully fill in the holes. You have to pay close attention to > "show ip vlan" because that's the only way to determine the interface > number you have to configure the layer 3 information against. > > > If you want some real fun, try measuring the performance of vlan routing. > Or better yet, run some multicasting... | |||||||||||||||||||||||||||||||||||||||||||||||||
|
Posted by Walter Roberson on September 8, 2006, 4:41 pm
Please log in for more thread options >> You were using multiple ports to communicate between the devices
>> because Netgear told you there was no trunking facility... but there >> is. So you only need one cable between the two devices, and you want >> the ports set up to carry all the VLANs needed to trunk between the two. >So if I have one port linnking the two switches together, this port has
>to be a member of all vlans that I want sent accross the link, correct? Right. > This port needs to be a tagged member of all those vlans correct?
Not necessarily: one of them could be the 'native' VLAN for the port, which would be sent across untagged. It isn't uncommon to run into problems if the native vlan is left at 1 (the usual default) -- vlan 1 tends to be the one used for management traffic (some of which should not be leaking all over the LAN), and vlan 1 tends to be the one used when lower quality switches get confused about which vlan something should be put in (and if your switches are confused, you probably don't want the data getting very far.) Some people want to be sure that everything that goes across the link is tagged. The proper way to do this is not Linksys's control statements that force everything to be tagged: the proper way is to use a native VLAN that is otherwise unused (so no traffic can be sourced into it, and no traffic will flow out of it on the other side if somehow traffic does get sourced into it.) | |||||||||||||||||||||||||||||||||||||||||||||||||
|
Posted by amattina@layer8group.com on September 8, 2006, 9:20 pm
Please log in for more thread options
> Not necessarily: one of them could be the 'native' VLAN for the port,
Okay. I think I'm understanding this. Right now we're worrying about
> which would be sent across untagged. getting functionality out of this damn thing. Again, two ports on the 7324 in different VLANs, and four ports on the 726 with two in different vlans. IE. ############# # 7324 # ############# | | -----------------Port3, PVID3, VLAN3, Server Machine II Port 3 ------ Port17, PVID17, VLAN17, Server Machine PVID 3 VLAN 3 | | ########### # 726 # ########### | | | | PVID3 PVID17 Need to have PVID 3 needs to talk to PVID3 on both switches. So what I THINKI need to do is the following: Include Port 3 on both VLANS on both switches. Make this port tagged on both switches in both VLANS. Will that get the two VLANS talking to each other accross the switches? Once I can do this to just the two vlans I have about 8 other vlans to 'transport' aaccross this 'trunk' link. Let me know what you think. Thanks for your help Walter. - Adama Walter Roberson wrote: >
> >> You were using multiple ports to communicate between the devices
> >> because Netgear told you there was no trunking facility... but there > >> is. So you only need one cable between the two devices, and you want > >> the ports set up to carry all the VLANs needed to trunk between the two. >
> >So if I have one port linnking the two switches together, this port has
> >to be a member of all vlans that I want sent accross the link, correct? >
> Right. > > > This port needs to be a tagged member of all those vlans correct?
>
> Not necessarily: one of them could be the 'native' VLAN for the port, > which would be sent across untagged. > > It isn't uncommon to run into problems if the native vlan is left at 1 > (the usual default) -- vlan 1 tends to be the one used for management > traffic (some of which should not be leaking all over the LAN), and > vlan 1 tends to be the one used when lower quality switches get > confused about which vlan something should be put in (and if your > switches are confused, you probably don't want the data getting very far.) > > Some people want to be sure that everything that goes across the link > is tagged. The proper way to do this is not Linksys's control statements > that force everything to be tagged: the proper way is to use a native VLAN > that is otherwise unused (so no traffic can be sourced into it, and no > traffic will flow out of it on the other side if somehow traffic does > get sourced into it.) | |||||||||||||||||||||||||||||||||||||||||||||||||
|
Posted by anoop on September 8, 2006, 11:23 pm
Please log in for more thread options
amattina@layer8group.com wrote: > Need to have PVID 3 needs to talk to PVID3 on both switches. So what
> I THINKI need to do is the following: > > Include Port 3 on both VLANS on both switches. Make this port tagged on > both switches in both VLANS. Will that get the two VLANS talking to > each other accross the switches? Once I can do this to just the two > vlans I have about 8 other vlans to 'transport' aaccross this 'trunk' > link. I think you would do fine if you configured port 3 as follows: - PVID 3 on both ends of the link - Untagged for VLAN 3 - Member of VLAN 17 and tagged for that VLAN In this way, VLAN 3's traffic gets around all over untagged while VLAN 17 is untagged on the access ports (at the bottom switch) and goes across the trunk link tagged. Any other VLANs that you want to add to the inter-switch link must also be tagged. Anoop | |||||||||||||||||||||||||||||||||||||||||||||||||
|
Posted by Walter Roberson on September 8, 2006, 11:31 pm
Please log in for more thread options
>Again, two ports on the
>7324 in different VLANs, and four ports on the 726 with two in >different vlans. >-----------------Port3, PVID3, VLAN3, Server Machine II
> Port 3 ------ Port17, PVID17, >VLAN17, Server Machine >
>Need to have PVID 3 needs to talk to PVID3 on both switches. And PVID 17 as well. >So what
>I THINKI need to do is the following: >Include Port 3 on both VLANS on both switches. Make this port tagged on
>both switches in both VLANS. Will that get the two VLANS talking to >each other accross the switches? That's not right: port 3 on the 7324 should be an untagged port that is only in PVID3. The port that needs to be a member of both PVID 3 and PVID 17 is the port which is the link from the 7324 to the 724, and on the 724 the port that would need to be in both would be the one that links to the 7324. [I can't tell from your earlier diagram or this one which ports are being used for the links, so I can't give exact port numbers.] >Once I can do this to just the two
>vlans I have about 8 other vlans to 'transport' aaccross this 'trunk' >link. >Let me know what you think.
On each switch, the port the links across to the other switch should be a trunk which is a member of all the PVIDs that are to be carried across the link. Usually only the trunk ports are tagged ports; the other ports are access ports that are members only of the PVID appropriate for the device connected to them. | |||||||||||||||||||||||||||||||||||||||||||||||||
| Similar Threads | Posted |
| Intra-switch VLANs Netgear | September 6, 2006, 1:46 pm |
| Netgear FS526T | January 25, 2005, 8:48 pm |
| NetGear WGU624 | March 16, 2006, 6:37 pm |
| Netgear WGT624 V2 Router | July 7, 2004, 2:28 pm |
| Voyager 205 and Netgear FS605 | May 6, 2005, 6:00 pm |
| Dead Netgear PE-102s | March 29, 2006, 6:09 pm |
| Netgear and Cisco Trunk | May 3, 2007, 4:04 am |
| Re: Netgear powerline extenders | May 12, 2008, 4:25 pm |
| Netgear GSM72224 VLAN config | November 8, 2004, 12:49 pm |
| Netgear router setup problem | January 7, 2006, 6:56 pm |
| Netgear router setup problem | January 7, 2006, 6:56 pm |
| Allied Telesyn vs Cisco vs netgear | March 24, 2006, 4:02 pm |
| Third Party SFPs in Netgear Switches | September 24, 2006, 2:27 pm |
| Bizarre interaction between macbook pro and Netgear WGT624v2 | January 10, 2007, 5:52 pm |
| wireless connection only stay up for 2 min./NetGEAR WGT624 | February 21, 2005, 8:04 pm |
> because Netgear told you there was no trunking facility... but there
> is. So you only need one cable between the two devices, and you want
> the ports set up to carry all the VLANs needed to trunk between the two.