Port-based VLANs

User avatar
sporkman
Member
 
Posts: 86
Joined: Mon Jul 27, 2015 7:03 pm
Location: New York, NY
Has thanked: 8 times
Been thanked: 11 times

Port-based VLANs

Wed Mar 07, 2018 3:47 pm

Possible?

I just want to use a wisp switch for power and not have it touch anything.

For example: port 1 has AP1, port 5 goes to another switch, port 2 has AP2, port 6 goes to another switch. Port 1 and 5 are just a transparent bridge, port 2 and 6 are a separate transparent bridge, etc.

I suspect it's possible, but I'm just not seeing it.

I'll also add, I've seen this, and this is not port-based VLANs:

viewtopic.php?f=6&t=2589&p=18218&hilit=port+based+vlan#p18218

Maybe it's not possible, it looks like all the VLAN-related stuff deals with permitting/denying tagged/untagged and there's not really a "dumb pipe between two ports" options that would pass anything, tagged or not.

Also, totally random, but I'm really on the fence with continuing to buy used cisco switches for routing at PoPs. They handle traffic well, but they are not very fun to work with when you try to go all standards-based and not automagic vlans and the like. Offhand, I can't think of anything other than Miktrotik that can do basic OSPF and stuff, and I'm not a giant fan of their stuff either...

Julian
 

Re: Port-based VLANs

Wed Mar 07, 2018 4:15 pm

Do you need to preserve existing VLAN tags between AP and other switch? if so, just add both ports to an exclusive 'q' VLAN, you should be fine.. so ports 1 and 6 would be 'q' on VLAN 121, 2 and 7 would be 'q' on VLAN 122, etc..

User avatar
sporkman
Member
 
Posts: 86
Joined: Mon Jul 27, 2015 7:03 pm
Location: New York, NY
Has thanked: 8 times
Been thanked: 11 times

Re: Port-based VLANs

Wed Mar 07, 2018 8:06 pm

Thanks! "Q" is normally used for QinQ setups? What does it do with untagged frames?

User avatar
mike99
Associate
Associate
 
Posts: 837
Joined: Tue Nov 25, 2014 10:53 am
Location: Quebec, Canada
Has thanked: 95 times
Been thanked: 245 times

Re: Port-based VLANs

Wed Mar 07, 2018 9:37 pm

Pass through the Q-in-Q just like vlan. If you don't need vlan, you can use U instead of Q but Q leave you the option to pass vlan throuth AP and uplink port.

User avatar
sporkman
Member
 
Posts: 86
Joined: Mon Jul 27, 2015 7:03 pm
Location: New York, NY
Has thanked: 8 times
Been thanked: 11 times

Re: Port-based VLANs

Fri Jun 08, 2018 5:02 am

Not really having any luck with this. I'm basically kind of trying to turn the Netonix into not much more than a managed mid-span POE injector.

I tried the "pick a VLAN ID, and then put the ports i want to tie together into that VLAN" method, both with "U" and "Q" and no matter what I did, traffic was not making it through the Netonix. One one side, a UBNT AP at 192.168.4.178, port 4 of Netonix (and a CPE bridged beyond that as well @ 192.168.4.179). On the other side a port on a Cisco 3750 configured first as a switchport in a VLAN with the IP 192.168.4.177 (mode switchport, switchport access vlan xxx) and then as a routed interface, also with that IP, just to make the config as simple as possible.

To be clear, neither device, the cisco nor the ubiquiti were configured with any trunking. Just a device with an IP and no tags.

Some pics below, perhaps that will explain this better:

Screen Shot 2018-06-08 at 4.36.39 AM.png
UBNT config - no VLANs setup


Screen Shot 2018-06-08 at 4.24.43 AM.png
Cisco config - as basic as possible, and no VLANs - not a trunk port


Screen Shot 2018-06-08 at 4.24.59 AM.png
Netonix VLAN config - just trying to put ports 4 and 12 in the same VLAN, don't want any tags, just a dumb pipe between those ports


Screen Shot 2018-06-08 at 4.26.18 AM.png
Cisco sees its own MAC, but no others


Screen Shot 2018-06-08 at 4.22.43 AM.png
Netonix sees UBNT MACs on port 4, Cisco MAC on port 12, even sees the IPs. But devices on either side of Netonix don't see each other


This should be easy, but I'm at a loss here. Am I totally not getting how port-based vlans work on these units?

User avatar
sirhc
Employee
Employee
 
Posts: 7347
Joined: Tue Apr 08, 2014 3:48 pm
Location: Lancaster, PA
Has thanked: 1597 times
Been thanked: 1317 times

Re: Port-based VLANs

Fri Jun 08, 2018 8:53 am

I use midspan just like your going here and it works great for me. In fact EVERY switch/tower I have relies on midspans for every backhaul.

You can see my config here: viewtopic.php?f=30&t=452#p2961
And you can see it live in the video I posted: https://www.youtube.com/watch?v=8JvBEAD4MFM

If your using U and U then you can only pass Untagged packets.
If you use Q and Q you can pass both Untagged and Tagged but never tried it as I do not run VLANs between towers.
Support is handled on the Forums not in Emails and PMs.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.

User avatar
mike99
Associate
Associate
 
Posts: 837
Joined: Tue Nov 25, 2014 10:53 am
Location: Quebec, Canada
Has thanked: 95 times
Been thanked: 245 times

Re: Port-based VLANs

Fri Jun 08, 2018 4:33 pm

The config seem fine. If you plug the ubnt AP, via PoE brick, directly to the Cisco, can those communicate togheter ? Have you try to set an IP address on the netonix VLAN to check if the Netonix can ping any of the devices ? To add an IP address, click on the gear between the vlan description and VLAN config by port.

User avatar
sporkman
Member
 
Posts: 86
Joined: Mon Jul 27, 2015 7:03 pm
Location: New York, NY
Has thanked: 8 times
Been thanked: 11 times

Re: Port-based VLANs

Fri Jun 08, 2018 5:26 pm

Hmmm. So I am doing it right then - and in this case (not using any trunks) it should work with either "Q" or "U". And the VLAN ID in this use case is really just anything I want, right, it just has to be something that's unique.

In the "working" case, I can tell you that putting setting this so that the UBNT AP remains "U", AND a trunk port back to the cisco is set to "T", AND the VLAN on the cisco is moved from the access port and to an "allowed vlan" on the trunk port, communications is A-OK. That is the current, working setup. Not sure what that tells you other than to confirm that the UBNT is untagged.

Are there any other settings that I might be missing here? Should I need to fiddle with disabling RSTP on these ports? Anything else? I'm on 1.4.9.

I'll try this after business hours tonight again and try the ping shenanigans.

User avatar
sirhc
Employee
Employee
 
Posts: 7347
Joined: Tue Apr 08, 2014 3:48 pm
Location: Lancaster, PA
Has thanked: 1597 times
Been thanked: 1317 times

Re: Port-based VLANs

Fri Jun 08, 2018 5:56 pm

sporkman wrote:Hmmm. So I am doing it right then - and in this case (not using any trunks) it should work with either "Q" or "U". And the VLAN ID in this use case is really just anything I want, right, it just has to be something that's unique.

In the "working" case, I can tell you that putting setting this so that the UBNT AP remains "U", AND a trunk port back to the cisco is set to "T", AND the VLAN on the cisco is moved from the access port and to an "allowed vlan" on the trunk port, communications is A-OK. That is the current, working setup. Not sure what that tells you other than to confirm that the UBNT is untagged.

Are there any other settings that I might be missing here? Should I need to fiddle with disabling RSTP on these ports? Anything else? I'm on 1.4.9.

I'll try this after business hours tonight again and try the ping shenanigans.


PLEASE UPGRADE TO v1.5.0 FINAL
Support is handled on the Forums not in Emails and PMs.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.

Return to General Discussion

Who is online

Users browsing this forum: No registered users and 28 guests