• March 28, 2024, 06:55:18 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: [Newbie] Problem with conflicts between VLANS  (Read 7391 times)

ezraherman

  • Level 1 Member
  • *
  • Posts: 4
[Newbie] Problem with conflicts between VLANS
« on: January 23, 2010, 08:49:14 PM »

I'm trying configuring the D-Link DGS-1224T to support three separate subnets and I can't get it to work. As this is my first stab at working with VLANs I'm probably making a newbie mistake.

Here's the situation: I've got a /29 public IP range coming into a SonicWall T190. I'm taking two of those addresses and sending them to different networks by configuring the ports on the SonicWall so that one goes to network A and one goes to network B. I know this is working because I can hook up two different physical switches to the two live ports on the SonicWall and everything works fine.

Enter the D-Link DGS-1224T switch. This has 24 ports which I attempted to split into three VLANs. VLAN1, which I'm using for network A, works fine. VLAN2, which I'm using for network B, only works properly if I unplug the cable linking VLAN1 and the SonicWall port. Furthermore, when VLAN1 is connected and I try to ping the SonicWall from network B, I usually time out but not always (maybe 95% of the pings will time out). In addition, if both are hooked into the SonicWall then intra-network communication is disrupted between devices in network B. Some packets appear to get through, most don't.

Here's how I set up the D-Link. I have very little previous knowledge of VLAN configuration and just worked from the documentation.

   1. Under the 802.1Q configuration tab, I enabled Asymmetric VLANs.
   2. The default VLAN was named VLAN 1 and had all 24 ports as members and had a VID of 1
   3. I removed ports 9-24 from VLAN1 membership
   4. I created VLAN2 and VLAN3 with VIDs of 2 and 3 respectively
   5. I made ports 9-16 members of VLAN2 and ports 17-24 members of VLAN3
   6. I then changed the PVID of ports 9-16 to 2 and 17-24 to 3

As I said, in testing everything worked as expected. Devices in each VLAN could see each other but could not see devices in other VLANs. The problem, as I stated before, is that when VLANs 1 and two are both connected to the SonicWall, VLAN2 gets crippled.

Any and all suggestions welcomed.

Thanks,

Ezra Herman
Babel Consulting, Inc.
Logged

Fatman

  • Poweruser
  • Level 9 Member
  • ****
  • Posts: 1675
Re: [Newbie] Problem with conflicts between VLANS
« Reply #1 on: January 26, 2010, 10:34:18 AM »

Asymmetric VLANs are a real pain to configure and to troubleshoot, I would avoid them if at all possible.  Therefore my first question is whether or not your LAN ports on the SonicWall can be configured for traffic segmentation or as distinct interfaces.  If so we can avoid having to go asymmetric.
Logged
non progredi est regredi

ezraherman

  • Level 1 Member
  • *
  • Posts: 4
Re: [Newbie] Problem with conflicts between VLANS
« Reply #2 on: January 26, 2010, 11:31:41 AM »

Fatman ( ???)-

Thanks for the reply. I'm not sure what you mean by traffic segmentation, but the ports on the SonicWall can be configured as separate interfaces and that's how I have them set up. One interface is set to 192.168.111.1 and the other is 192.168.112.1. I'm allowing traffic to flow unrestricted between the two interfaces via the SonicWall.

As I mentioned, I set up 3 VIDs with ports 1-8 on VLAN1, 9-16 on VLAN2 and 17-24 on VLAN3. I made all the respective ports of each VID untagged and the rest 'not members'. I set up PIDs correspondig the VIDs.

I've got the first SonicWall interface plugged into port 8 and the second plugged into port 16 on the 1224.

I hope this makes sense.

Regards,

Ezra Herman
Logged

Fatman

  • Poweruser
  • Level 9 Member
  • ****
  • Posts: 1675
Re: [Newbie] Problem with conflicts between VLANS
« Reply #3 on: January 26, 2010, 12:53:22 PM »

Are they set up as separate interfaces or separate networks.  Because if you can set them up as separate interfaces you don't need to use Asymmetrical VLANs and you can just make every port on each VLAN untagged on it's own VLAN with a PVID of it's own VLAN and everything should be groovy.
Logged
non progredi est regredi

ezraherman

  • Level 1 Member
  • *
  • Posts: 4
Re: [Newbie] Problem with conflicts between VLANS
« Reply #4 on: January 26, 2010, 01:45:54 PM »

They are set up as separate interfaces. However, I can't see how to set configure PVIDs without having Asymmetric VLANs enabled. Am I missing something?

Regards,

Ezra Herman
Logged

Fatman

  • Poweruser
  • Level 9 Member
  • ****
  • Posts: 1675
Re: [Newbie] Problem with conflicts between VLANS
« Reply #5 on: January 26, 2010, 01:58:15 PM »

You should only have to configure PVIDs if asymmetric VLANs is enabled, I was just covering bases.  You will notice that without asymmetrical VLANs the PVIDs are set correctly for you, even if they aren't, as long as asymmetric VLANs aren't enabled you should be fine.
Logged
non progredi est regredi

ezraherman

  • Level 1 Member
  • *
  • Posts: 4
Re: [Newbie] Problem with conflicts between VLANS
« Reply #6 on: January 26, 2010, 09:24:09 PM »

Fatman-

That did it! Thanks so much for your help.

Regards,

Ezra Herman
Logged