Apologies for radio silence after you've been so helpful - I couldn't find the right time to do this without causing any downtime, so I've ordered a managed switch. I'll let you know.
Sledgehammer or fire for the procurve?
The behavior of VLANs through an unmanaged switch is undefined, by nature. Some switches do appear to pass VLANs without issue (I have tested with a handful of unmanaged switches that I have on hand, all seemed to pass traffic). However, it is plausible that it is not efficiently handling the traffic (rather than intelligently switching the traffic, it could do a broadcast like an old-school hub). In some cases, it is possible that the VLAN tags could be stripped and then the networks could be mixed as multiple untagged networks on a single unmanaged switch (bad!), or they could not be passed at all. It depends on the switch chip (general capabilities) and any configuration that is part of the unmanaged switch firmware/circuitry (or burned into the chip).
Regardless, it is not possible to manage the port VLAN memberships, so at best all ports appear as trunk ports, and at worst, things start to fail in all sorts of ways.
Fortunately, managed switches are relatively inexpensive for 5-16 port models.-- only a small premium over the unmanaged equivalents.
The T1500G-8T I ordered arrived today, and I've been trying to get this set up again.
I tried at first doing nothing other than giving the switch a static IP, disabling dhcp, and pointing it to my firewall gateway. No dice seeing the openwrt VLAN from the managed switch or pfsense.
The LAN from pfsense is going straight into the managed switch, as well as the openwrt access point.
So I tried creating a VLAN 5 with the openwrt port untagged and the pfsense lan port tagged as the trunk, still no dice. I'm concerned now that I've added complexity with the extra managed switch.
Do I need to replicate the VLAN setup on this managed switch, or do I need to somehow just allow those VLAN tags through?
Port 2 & 3 - identical openwrt aps
Port 8 - pfsense LAN
The VLANs on the switch need to be configured the same way as the devices to which they are connected. Make sure that the switch port connecting to the openwrt device has the same definition of tagged and untagged networks as the port on openwrt. And the same with your pfsense box.
1 Like
Sorted.
I created a VLAN 5 and tagged the port going to the pfsense LAN, and the port going to the openwrt AP. Restarted the interface in unmanaged mode and I was able to connect and get an IP.
Thank you so much @trendy and @psherman for your help!
Edot: Solved by @trendy pointing out that my unmanaged switch wasn't passing through the VLAN tags.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.