dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
15
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to zacron

MVM

to zacron

Re: Help with VLANs

"Set up port 26 as a trunk" would be the answer. Exactly HOW is the million dollar question.
Does the device's manual happen to specify anything zacron See Profile.

As a dumb thought, what's clicking on "IEEE 802.1Q VLAN" bring up?

Regards

zacron
Premium Member
join:2008-11-26
Frozen Hoth

zacron

Premium Member

Click for full size
Click for full size
Here they are lol.

I still can't get my head around it. lol.

shdesigns
Powered By Infinite Improbabilty Drive
Premium Member
join:2000-12-01
Stone Mountain, GA
(Software) pfSense
ARRIS SB6121

1 edit

shdesigns

Premium Member

Port 26 would be set to tagged, all others untagged.

Ports 1- 4 would have PVID set to 1
Port 24 would have PVID set to 2.

Port 26 is set to "tagged". That passes the VLAN info to the pfsense box.

The PVID adds a tag to the incoming ports so it gets put in the proper VLAN.

Data coming in ports 1-4 have PVID of 1 added to the packet. If they go out again though 1-4, the tag is removed (ports are set as untagged.) If they go out port 26, this tag is left on so the pfsense box can decode it.

Similar for port 24.

The pfsense box would be sending tagged packets. Port 26 would see that and put the packets in the appropriate VLAN.

What is not clear is incoming packets. Your switch seems to have just "tagged" or "untagged" for each ports. Other switches have this separate as options in a list:

Rx:
1. accept tagged packets only
2. accept untagged packets only
3. accept both

Tx:
1 send tagged
2. send untagged

I have a pfsense box using an Alix board. It only has 1 ethernet port so I use VLANs the same as you are (except I have about a dozen ports in each VLAN.)

Jahntassa
What, I can have feathers
Premium Member
join:2006-04-14
Conway, SC

Jahntassa to zacron

Premium Member

to zacron
You need to create VLAN IDs via that screen that match the VLAN IDs you're creating in pfSense. Then on Port 26, make sure each one of those VLANs is set to tagged. Voila, trunked port.

Then on your switch, if you aren't using VLAN sensitive gear, you need to go to each VLAN ID via the drop-down, set the ports you want on that network to Untagged. Then, go to the PVID list, and set the PVID for those ports to that same VLAN ID.

The Netgear does sort of have the options that shdesigns See Profile is referring to, but it does it on a VLAN by VLAN basis. If you have a port set as Untagged for one VLAN, and 'Not Member' for every other VLAN, it will only pay attention to untagged traffic, and ignore any VLAN tags coming into it. Similarly, it will not send any VLAN tags.

If you have a port that is Untagged for one network (with matching PVID), and set another VLAN to be tagged, it will send both the tagged and untagged packets, as well as accept both. This would be useful if you have a VOIP phone with a computer on the passthrough port. The VOIP could be on its separate VLAN, while the computer is on its own network.