dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1220
share rss forum feed


Trel
Good Evening
Premium
join:2002-10-08
Hillsborough, NJ

Help with vlan setup on dell powerconnect (2724) switch.

Right now I have a network with no vlans, and I'm a unfamiliar with the terminology.

What I would like to do is the following

On my switch (24 ports):
-Port 1 (router/firewall): vlans 1, 6, 7
-Ports 2-21: vlan 1 only
-Port 22: vlan 1 and 6
-Port 23: vlan 6 only
-Port 24: vlan 7 only

I know my way around the switch's interface, but I do not know what I should be putting for tagging, untagging, and membership, etc as well as any filtering.
(Assuming I have the switch setup correctly, my firewall/router can handle what to do with each vlan)

--
/chown -R us:us /yourbase

LittleBill

join:2013-05-24
kudos:1
do you have a reason for vlans?


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5
reply to Trel
Another way of stating Lil BIls question is please provide your requirements.
Your asking how to implement a solution instead of stating what your trying to accomplish. State your needs as if their was no switch (ie don't talk hardware or solutions)

HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to Trel
said by Trel:

I'm a unfamiliar with the terminology.

Anything useful / helpful in the manual or on Dell's site? Otherwise, may I suggest hitting the Wikipedia
page for VLANs for a general overview?

Otherwise I agree with the previous posters in helping us understand your motivations / requirements for
VLANs. They're not impossible to set up or understand, but I've found it's better to know this stuff
BEFORE going out and breaking something, even if it's your own home network.

...better on your sanity, not to mention family harmony (read:why the f**k did you break the internet, and
when are you going to fix it?!)

Regards


Trel
Good Evening
Premium
join:2002-10-08
Hillsborough, NJ

2 edits
reply to Anav
said by Anav:

Another way of stating Lil BIls question is please provide your requirements.
Your asking how to implement a solution instead of stating what your trying to accomplish. State your needs as if their was no switch (ie don't talk hardware or solutions)

My goal is to understand how to setup vlans on this particular type of switch. I'm not familiar with the phrases "not a member" "tag egress" and "untag egress" as well as if I should be turning "filtering ingress" on or off, or any of the other settings.

I've been googling and I've even been reading topics such as this: »VLAN question

As I don't understand the terminology, I'm not quite getting how I should be setting up my test scenario.

EDIT: I'm trying to replicate an environment, I'm not worried about messing anything up on an existing network.
EDIT2: It looks like my confusion is coming from the Dell switch and not what I assumed was a lack of understanding.

--
/chown -R us:us /yourbase

HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to Trel
Does any of the DOCs here from DELL help at all? -- »www.dell.com/support/Manuals/us/···ect-2724

said by Trel:

My goal is to understand how to setup vlans on this particular type of switch.

Fair enough... tho my 00000010bits, make sure this is TRUELY a lab environment and doesn't have
anything hanging off of it that needs a stable internet access. As I've said, I've been there
when I want to learn something on my home gear that has other family members' stuff hanging off that leads to World War IV

Best of luck learning, OP!

Regards


Trel
Good Evening
Premium
join:2002-10-08
Hillsborough, NJ
Well it looks like I couldn't get the setup I was trying to do to work because of the switch model itself.

I'll try again on a different one.

If I did do it at home on my 'production' network, it wouldn't be the end of the world. I currently have the same switch in managed mode with no config, so I'd need only reset it with a paperclip to undo everything. (5 minutes downtime)
--
/chown -R us:us /yourbase


shdesigns
Powered By Infinite Improbabilty Drive
Premium
join:2000-12-01
Stone Mountain, GA
It would help if you said what you were trying to do.

I have a 3024 that the VLAN setup is similar. I have 3 VLANs here with no problems.


mackey
Premium
join:2007-08-20
kudos:12

1 edit
reply to Trel
said by Trel:

but I do not know what I should be putting for tagging, untagging, and membership, etc as well as any filtering.

A VLAN tag is a header inserted into packets between the MAC addresses and packet payload.

Basically if the device plugged into a port understands VLAN tags then the port should be egress tagged. Otherwise it should be untagged as devices which don't understand VLAN tags will ignore any packet with a tag. ("untagged" means the switch removes the VLAN tag before a packet leaves the port) Although some newer switches have tricks to get around this, a port should only have 0 or 1 untagged VLAN or confusing behavior may result. A port can have 0 or more tagged VLANs however as there is no limit to the number of tagged VLANs (except whatever your switch supports).

Membership is which VLANs are allowed to come in on that port; if a port is not a member of, say, VLAN 5, then any packet received which is tagged with VLAN 5 will be dropped. The PVID is the VLAN ID assigned to untagged packets which come in on that port (PVID = Port VLAN ID).

/M


mackey
Premium
join:2007-08-20
kudos:12

1 edit
reply to Trel
said by Trel:

I'm not familiar with the phrases "not a member" "tag egress" and "untag egress" as well as if I should be turning "filtering ingress" on or off, or any of the other settings.

Example time!

Say you're looking at switch port 6. If, say, a broadcast packet is being transmitted on VLAN 5, then:
If port 6 is "not a member" of VLAN 5 then the packet does NOT go out port 6.
If port 6 is "tag egress" on VLAN 5 then the packet goes out port 6 with the VLAN header still attached.
If port 6 is "untag egress" on VLAN 5 then the packet goes out port 6 after the switch strips off the VLAN header.

With "filtering ingress," if an already-tagged packet (say VLAN 5 again) is received on a port set to "not a member" for that VLAN then that packet is dropped.

/M


Trel
Good Evening
Premium
join:2002-10-08
Hillsborough, NJ
reply to shdesigns
The 30xx series allow for what I was trying to do.
My issue was an issue specific to the 20xx models that are web managed only.
All of my confusion with understanding those terms was due to the way the 20xx were operating.

(vlan1 can't be included in a trunk, and web management can only occur on vlan1)

I'll be attempting to set up a 3024 as soon as I have a free weekend.
--
/chown -R us:us /yourbase