1. Home
  2. Ethernet LAN
  3. VLAN with intel adapter on XP

VLAN with intel adapter on XP

I have setup two VLANs on a laptop with an PRO/100VE compatible onboard adapter (latest proset/driver): 99 tagged and one untagged. It connects to a switch port which is setup for VLAN 99 tagged and VLAN

10 untagged, default VLAN 10. The untagged VLAN connection works fine: it gets an IP address via DHCP and can send and receive. The 99 tagged connection however does not work. The packet counts on the connection status shows that the connection does not receive any packets.

I have looked into what is happening with ethereal. The laptop successfully sends the DHCP request through the 99 VLAN but the DHCP offer comes in on the untagged connection only although it went through the 99 VLAN and came from the 99 VLAN DHCP server. I turned on monitormode on the adapter to capture the VLAN tags in ethereal: ethereal shows that the DHCP offer received on the physical interface does have the 99 VLAN tag. However, still the packet ends up on the untagged virtual interface and not on the 99 VLAN connection.

I have a Linux box with the same VLAN setup, same port configuration and it connects fine on both VLANs.

What else can cause this? Has anyone setup two or more VLANs with one untagged and does it work properly? I get it to work only if I configured both VLANs tagged on the laptop and the switch but then I cannot plug in the laptop into a unmanaged switch without reconfiguring it...

Thanks a lot,

Gerald

Reply to
Gerald Vogt
Loading thread data ...

You have the correct idea of how 802.1q VLANs work, and how tagged and untagged can be in principle mixed on the same port.

Unfortunately, the real world does not comply. E.g. Cisco configurations use VLAN 1 to mean untagged - they cannot really handle tagged VLAN 1. Etc. and so on. Lots of weirdness in different implementations.

Punch line: for port based VLANs, set ports up for untagged (in a given VLAN), or tagged.

And make sure that your switches have the same idea about spanning tree being one tree per VLAN, or one for all. And be extremely careful if trying to prune VLANs (having some VLANs only be on a subset of your switches).

Wrolf

Reply to
Wrolf

I have never run into a Cisco IOS device or software version that could not tag vlan 1, provided that the "native" VLAN was set to something other than 1. (IEEE mandates that the native vlan for a port be sent untagged.) There is a possibility that a PIX running an early 6.3 software release might not have been able to create a tagged vlan 1; if so then that's probably been fixed since.

Do you have specific examples of Cisco devices that could not tag vlan 1? I've been following comp.dcom.sys.cisco for years and do not recall anything like this mentioned.

Reply to
Walter Roberson

Wrolf, thanks for your answer.

Sure. But after a few more tests I am pretty sure that the packets arrive correctly on the laptop, i.e. all packets in VLAN 99 are correctly tagged while the packets on the other VLAN are untagged. Still the packets with the 99 tag won't make it to the VLAN 99 interface but end up on the untagged interface instead. This does not look like weirdness to me but rather a bug.

"weirdness" would be if the intel would except untagged packets to have some VLAN 0 or 1 tag instead of being untagged and thus would discard it. But instead all tagged incoming traffic ends up on the untagged interface while all outgoing traffic which goes through the tagged interface is correctly tagged.

Yes. Seems to be the only way to get this working at the moment. The switch handles the untagged/tagged mix correctly as it works with my Linux box...

Well, currently it is only a single switch... ;-)

Gerald

Reply to
Gerald Vogt

Yes. What I should have said is that by default Cisco IOS devices use VLAN 1 to refer to untagged packets (native VLAN), but can be configured to use another number to refer to it, and then VLAN 1 will refer to packets tagged as VLAN 1; and that this is confusing and leads to configuration errors. ;-P

Which is why I still tell people to avoid using VLAN 1.

Try

formatting link
for some hands on type info.

Reply to
Wrolf

I eventually found the problem: the physical interface was bound to the "Deterministic Network Enhancer" which comes with the Cisco VPN client. After I removed the binding from the physical interface (not from the virtual VLAN interfaces) all tagged packets arrive on the correct interface...

Gerald

Reply to
Gerald Vogt

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.