1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need help with 802.1Q tagging

Discussion in 'Tomato Firmware' started by kthaddock, Mar 7, 2012.

  1. kthaddock

    kthaddock Network Guru Member

    I’m setting up Vlan with 802.1Q and need som help

    - I have tagged port 3 in router to Vlan 1(br0), 2(wan) and 3(br1) and feed my Netgear GS-105E switch.
    - In switch I want: port 1 to br0, port 2and3 to br1, port 4 to wan, port 5 from router.
    - Now the tricky bit comes, I’m not sure I’m doing right.
    - GS-105E config is:

    Vlan ID ............Port member
    VLAN 1(br0) = 1U and 5T.
    VLAN 2(wan) = 4U and 5T.
    VLAN 3(br1) = 2U, 3U and 5T.
    U=untagged T=Tagged

    Port 1 = Pvid 1.
    Port 2 = Pvid 3.
    Port 3 = Pvid 3.
    Port 4 = Pvid 2.
    Port 5 = Pvid 2 and feeded from router. What Pvid shoul’d I use here ?

    - I can’t get br0 on port 1 and port 4 on wan to work.
    What should I expect coming out from port 4 wan?
    Any help with this would be appreciated.

    kthaddock
     
  2. teaman

    teaman LI Guru Member

    I don't have access to a GS-105E, but I did spend quite a while trying to figure out how to configure a 802.1q trunk between my WRT54GL and a Cisco/Linksys SLM2008... until I ran across this post:
    http://homecommunity.cisco.com/t5/Switches/HOW-TO-SLM2005-SLM2008-802-1q-Trunk-Port/m-p/153361

    Once I read that post, things started to make sense... but still not working :( - that is, until I eventually found this one :)
    https://www.jarmanator.net/KB/SLM2008VLAN.HTM

    NOTE1: I'd like to have posted these links before... if I had them (found them just a few moments ago, in an old backup from my bookmarks!)

    NOTE2: I'm aware the links/posts mentioned above are not exactly about your particular switch/model, but those might contain related/relevant information and/or might give some sort of hint/tip/idea/clue that could be... useful ;)

    NOTE3: There's also another possibility to be considered... what if the internal switch on your particular model... does not support 802.1q tagging, only port-based VLANs? There's a reason I'm mentioning this idea: I've struggled for quite a while to configure such thing on a WRT54G v2 and kept thinking I was doing something wrong and/or missing some step - afterall, it was working just fine on the WRT54GL, which is supposed to be pretty much the same HW - except that I eventually figured out what was actually 'wrong': the WRT54G v2 simply doesn't support 802.1q tagging, only port-based VLANS! ;) See this (incomplete) table:
    http://www.dd-wrt.com/wiki/index.php/VLAN_Support

    NOTE4: There are some router models out there (but I'm not sure exactly which models) that have two separate/distinct connections to internal switch (one for the WAN port, another for the LAN ports), which could mean... problems when/if we try to reassign/reconfigure VLANs and member ports :(
    http://www.dd-wrt.com/wiki/index.php/VLAN_Support#General_Information
    http://www.dd-wrt.com/phpBB2/viewtopic.php?t=62838

    Best of luck!
     
  3. kthaddock

    kthaddock Network Guru Member

    Thank you !
    Now I have some things to test :rolleyes: There is some config to test.
     
  4. kthaddock

    kthaddock Network Guru Member

    Okey It's working now, problem was:

    The first thing you must do is set the port on the switch you are linking to as a trunked port:

    Code:
    vlan0ports=
    vlan1ports=2t 3 4 8*
    vlan2ports=0 2t 8
    vlan3ports=1 2t 8 
    If I delete 192.168.2.113 from "dhcp-host" then I get IP from br0, br1 and wan.
    So GS-105E switch is fully working. with 802.1q with Asus RT-N16. You can't Bound IP-address to MAC-address

    Thank you Teaman :D :rolleyes:

    kthaddock
     
  5. kthaddock

    kthaddock Network Guru Member

    This set up working superb. What I have in mind now is: can this trunk/vlan tagging be set up over openvpn?
    I use TAP/TCP, level 2 network", and I think it gone work, haven't teseted yet. I plan to do that soon.

    Have you tested Teaman ?

    kthaddock
     
  6. teaman

    teaman LI Guru Member

    As far as I know, pretty much anything could be encapsulated into some other protocol - so that would be the good news :)

    In fact, this particular thing seems to be possible with OpenVPN. Did some googling and found this:
    https://community.openvpn.net/openvpn/ticket/6

    However, the not-so-good news is: I'm not sure those features are available in the OpenVPN code currently in Tomato :/
     

Share This Page