0

I'm trying to set up separate VLAN's on a new Netgear FS728FPv2 switch. I've never configured VLAN's before.

The switch works fine with the default config, with every port as UNTAGGED at VLAN 1 (default).

I have two fixed-IP devices on the same subnet (my PC and a router, DHCP turned off) for my tests, connected on ports 3 and 5. They communicate correctly.

Now I remove one of these ports from VLAN 1, and the devices stop talking, as expected. Then I also remove the other port from VLAN 1.

But then I add both ports as UNTAGGED to a new VLAN 3, and I expected the devices to start talking again (on their own "private" VLAN), but instead I can't seem to get any traffic through.

Do I need any other configuration in the switch? What could I be doing wrong?

In my intended configuration, every port will be part of a single VLAN. I just mean to use the 28-port switch as if it were 4 independent 8-port switches, no routing, no trunking. Do I need to go into configuring PVID's for this?

pgr
  • 459
  • 5
  • 16
  • Set the ports TAGGED into VLAN3, not UNTAGGED? – TessellatingHeckler Aug 28 '15 at 15:25
  • From my understanding of what TAGGED is, I don't think that is a solution... but anyway I tried what you said, made ports 3 and 5 TAGGED on VLAN 3, and still there is no communication... – pgr Aug 28 '15 at 17:08
  • From my understanding I don't think it's a solution either ... but from using stuff with not very clear and helpful interfaces, if something with two options doesn't work the way it looks like it should, trying it the other way, sometimes is a solution. You shouldn't need much configuration to do this, the first thing you tried sounds right - is there anywhere in the switch where you add a VLAN that it can be enabled/disabled? (Similar to Cisco vlan state active/suspended?) – TessellatingHeckler Aug 28 '15 at 18:01
  • @TessellatingHeckler: no, there is no enable/disable VLAN option. See below for the answer I found meanwhile... and thank you for your attempts to help! – pgr Aug 28 '15 at 19:14

1 Answers1

1

After many hours fighting this... I believe I have an answer to my own question:

In order to set up VLAN's on this switch, I had to set up two things:

  1. VLAN Membership (saying which ports belong on which VLAN, as tagged or untagged)

  2. PVID Configuration (saying which Port-VLAN-Id is assigned in each port)

So, I set both to mimic each other, and traffic is flowing as expected.

pgr
  • 459
  • 5
  • 16
  • This leaves two questions: 1. Why the confusing double-concept? 2. What is the use of ports being allowed to be on more than one VLAN (and they are), if you can only assign one PVID? – pgr Aug 28 '15 at 19:13
  • Just saw this, but I have a couple of these switches and I can confirm this is correct the answer. The way this works is that some devices may need to participate in many vlans... say servers, or wireless access points that provide service to ssids that each have their own vlan. You distinguish between these vlans on the same port using TAGs. When there is no tag for a packet, you still need to know which vlan it belongs to. Some switches handle this by automatically and completely removing membership from a vlan when a new untagged vlan is selected, while others use a PVID setting. – Joel Coel Aug 28 '15 at 19:23
  • @JoelCoel: so, if I want to use a single port (say, number 1) to "feed" Internet access for those two VLANs, what should I set things up? Port 1 would have membership in VLAN 2 and in VLAN3 as TAGGED (?), and then PVID for port 1 is... 2 or 3? – pgr Aug 29 '15 at 09:51
  • the pvid would be whatever vlan your router's internal address uses. And you'd need a router that itself either supports vlan tagging. – Joel Coel Aug 29 '15 at 16:58
  • This won't be an option for me, since I don't have a router with this ability; but the main thing is I'm starting to grasp the concepts and understanding these various ways of organizing the network structure and traffic. Thank you for your explanations! – pgr Aug 29 '15 at 17:11