Community discussions

 
sparrow
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Wed Jul 11, 2012 10:59 am

2 untagged VLAN same interface

Fri Nov 16, 2018 12:07 pm

Hi to everyone,
I would to know if there is a way to have 2 vlan as an access port (untagged) on a single interface in 6.42.9 (new swtich implementation)
Thanks for support!
MTCNA - MTCRE - MTCWE
 
User avatar
k6ccc
Member
Member
Posts: 480
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: 2 untagged VLAN same interface

Fri Nov 16, 2018 3:04 pm

No. No way to know which LAN a packet is part of if they are both I tagged.



Sent from a $&@#% iPhone using Tapatalk
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim
 
anav
Forum Guru
Forum Guru
Posts: 3120
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: 2 untagged VLAN same interface

Fri Nov 16, 2018 5:05 pm

What are you trying to accomplish, without discussing solution space or design space or switch functionality.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
pcunite
Forum Veteran
Forum Veteran
Posts: 945
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: 2 untagged VLAN same interface

Fri Nov 16, 2018 5:14 pm

How would you know which untagged packet needs to be tagged to which VLAN? What some do, is use MAC based VLAN. Thus, for example, packets with a MAC range of 000B82, (GrandStream phones), get put into VLAN 20.

/interface ethernet switch rule
add switch=switch1 ports=ether7 src-mac-address=00:0B:82:00:00:00/FF:FF:FF:FF:FF:FF new-vlan-id=20
 
anav
Forum Guru
Forum Guru
Posts: 3120
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: 2 untagged VLAN same interface

Sat Nov 17, 2018 7:49 pm

So pcunite, without knowing the ops scenario but using the dare to speculate (mkx tact), lets assume he has two PCs or two devices that are going to be connected to an etherport (acting like an access port). The only way that can happen is via an unmanaged switch.

If so, what does etherport see in terms of MAC traffic?
Can it see the mac addresses associated with the devices, or does it see the mac addresses of the switch ports where the devices are connected or does it see the mac address of the switch port that connects to ether4????

I dont see how on my mikrotik devices to differentiate by mac address.
A quick look at SwOS and I see hosts and static hosts which detail mac addresses which could apply??
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
pcunite
Forum Veteran
Forum Veteran
Posts: 945
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: 2 untagged VLAN same interface

Sat Nov 17, 2018 8:47 pm

Via an unmanaged switch, what does the ether port see in terms of MAC traffic? Would it see mac addresses associated with local devices, or would it see mac addresses of the switch ports of locally connected devices, or would it see the mac address of the its own switch port connected to ether4?

I don't see a way, on my MikroTik devices, to differentiate by mac address.

Great question and points. I think that until the OP states his goals, my statement can still be a valid option if the goal is to support the scenario of plugging and unplugging things into an Access port. The MAC is therefore changing and you can respond to that in a dynamic way. Whether or not this is a good idea is up for debate.

Regarding your point about where a device MAC address might appear across switches, broadcast packets do send out the MAC address to every switch in the VLAN. But I don't know if there is a way to respond at the physical port level when that happens.
 
sparrow
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Wed Jul 11, 2012 10:59 am

Re: 2 untagged VLAN same interface

Mon Nov 19, 2018 10:07 am

What are you trying to accomplish, without discussing solution space or design space or switch functionality.
I need to reach two different subnet with different vlanID on same broadcast domain, I need to do that temporarily before to route the subnet. I've read on some cisco forum that someone has achived this solution.
Many thanks anyway
MTCNA - MTCRE - MTCWE
 
Buckeye
just joined
Posts: 13
Joined: Tue Sep 11, 2018 2:03 am

Re: 2 untagged VLAN same interface

Thu Nov 22, 2018 10:24 am

I need to reach two different subnet with different vlanID on same broadcast domain, I need to do that temporarily before to route the subnet. I've read on some cisco forum that someone has achived this solution.
I wouldn't call that a solution, I would call it a misconfiguration.

Isn't that what happens when someone makes a mistake and connects a cable between two access ports configured in different vlans on two different switches?

For example, if sw1 port 1 has vlan 10 untagged and sw2 port 5 has vlan 20 untagged, and someone connects a cable between sw1 port 1 and sw2 port 5. Then sw1 port 1 thinks untagged frames received from vlan 20 belong in vlan 10, and sw2 port 5 thinks untagged frames received from vlan 10 belong to vlan 20.

I don't recommend doing this, especially if there are any possible loops in your ethernet.
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1219
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: 2 untagged VLAN same interface

Fri Nov 23, 2018 2:36 am

There are no untagged "vlans" on an interface, only THE untagged vlan (singular, only one, assimilated to vlan 1). For a packet to make use of vlans, it has to have vlan info in it, and that info is called a tag. A port could be virtually associated to a vlan by the router or switch, so that its traffic is handled internally as part of that vlan, but on the wire itself, it is still the untagged vlan, without vlan info in it.
Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
 
Alestrix
newbie
Posts: 34
Joined: Mon May 15, 2017 9:37 pm

Re: 2 untagged VLAN same interface

Tue Jan 29, 2019 11:59 pm

Isn't that what happens when someone makes a mistake and connects a cable between two access ports configured in different vlans on two different switches?
Wouldn't this be the solution? Take two unused ports, configure their untagged vids to the two vids in question, and then bridge them with an ethernet cable? This would forward each vlan's traffic to the other one. It's a dirty hack, but the OP mentioned it being only temporary anyway.

EDIT: "Independent VLAN Lookup" might have to be enabled since the same MAC addresses would show up on different VLANs.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1435
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: 2 untagged VLAN same interface

Wed Jan 30, 2019 12:40 am

If I understand the OP correctly, the closest you will get to this is called hybrid vlan config. This is where you have a port configured for vlan trunking i.e. tagged vlan (vlan 10 as ex) and same port also configured as an access port for vlan 20 untagged
MTCNA, MTCTCE, MTCRE & MTCINE
 
User avatar
sebastia
Forum Guru
Forum Guru
Posts: 1790
Joined: Tue Oct 12, 2010 3:23 am
Location: Antwerp, BE

Re: 2 untagged VLAN same interface

Wed Jan 30, 2019 12:59 am

To OP initial question: it can be done and is being done, and is based on mac based vlan assignment
see viewtopic.php?t=143692

Who is online

Users browsing this forum: No registered users and 2 guests