D-Link Enterprise > DGS-1100-Series
DGS 1100-16 Overlapping VLANs possible?
Armin:
Hi,
not sure, if that could work . . .
I would like to create several VLANs for different purposes, like data, media, voip, raspberry aso. Every device should be able to talk to the dsl-router on eth0. All devices in one VLAN can talk to each other in the same VLAN. Everything ok so far.
Now the additional request. Some of my media devices should additionally be able to talk to some data devices, like a special PC or laptop. Some of the RPIs as well. And, some of the RPIs to data and media. At the moment no device uses tagged data.
Is this setup possible? And if, how?
Could I use trunk ports with untagged data and ingress checking disabled? Most of the connected devices are not VLAN aware. But I do not know . . .
Sorry to say, but the manual is not very helpful. And the WEBGUI could also be improved. My know how as well, I know.
Anyway, any help appreciated.
Thanks,
Armin
FurryNutz:
We don't get a lot of posts or views for switches. This post seems to be a specific kind of configuration. I don't have experience with this switch or much on VLANs.
I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this. We find that phone contact has better immediate results over using email.
PacketTracer:
You explicitely use VLANs in order to subdivide a layer 2 domain into disjoint (= there is no "overlapping") smaller domains. Hence, at least at network layer 2 (that is at Ethernet level) two devices belonging to different VLANs cannot communicate to each other.
The only way to allow controlled communication between selected devices within different VLANs is at layer 3 (that is at IP level), where your router, which is connected to any VLAN, could provide IP routing between those VLANs (depending on your DSL router's capabilities). To allow routing only between selected devices inside your VLANs, your router must additionally provide firewall functionality (e.g. iptables, if it is a Linux box), so that you can define a ruleset that fits your internal inter-vlan communication needs.
If your router provides (or if you want to use) only one physical interface (eth0) vor LAN connectivity to all VLANs, your router must be capable to define subinterfaces (one per VLAN) that share this physical interface. The switch port you want to use to connect to the router must be configured as a VLAN trunk port.
FurryNutz:
Thank you for posting information PT. ;)
Armin:
Hi,
thank you for your information. I know that an OSI Layer 2 switch can only handle Ethernet or better said is only aware of MAC addresses. And VLANs are more or less broadcast domains. I understand now that the DGS 1100 cannot provide me with the intended functionality.
However, I read that CISCO switches support the concept of a Multi-VLAN-Port. So the concept could work. I do really not have the deep understanding of "switching" but lets assume that the switch would maintain (beside the FDB) a database of VLANs and associated MAC addresses and port numbers. Then, in case of a broadcast, the switch could lookup the database and send the packets to all VLAN-MAC related ports. We could maybe even think of virtual bridge VLANs. But all this nice models will fail instantly, because all connected devices need to talk to the dsl-router and hence would have in their database an identical VLAN number and so always be able to talk to all. More sophisticated approaches would be necessary. For example, somehow a "directional"-aware switching. If a device on ethX, member of VLAN Y would sent something to VLAN 1 (with the router connected to that), then only the router should receive the package but not the other members of VLAN 1. In the case that the dsl-router would send a package into the switch then all VLAN1 port members should receive that package. But I understand that such functionality is not implemented.
The result of this thoughts is that for my configuration (Every device connected to the DSL router) the DGS 1100 series smart switches VLAN capability is useless. The only way for a meaningfull setup would be to have a Layer 3 switch or a VLAN aware router (with a trunk port) as upstream device. Or the usage of a DGS 1100 as a subswitch.
What a pity. But anyway. Thank you for your answer.
Best regards
Armin
Navigation
[0] Message Index
[#] Next page
Go to full version