Things go south at actual WAN connection.
When Cisco gear was my daily bread and butter... I preferred Linux... but when it comes to VLANs+Cisco nothing could be clearer.
On a Cisco switch I'd have no problem tagging WAN on a trunk. But on consumer gear... I'm not sure I'd even attempt it. Even though the other end is probably the harder piece of the puzzle.
If I were you I'd move heaven and earth to use a dedicated switchport in access mode (tags stripped) directly to the WAN port on your router. (Possibly splitting 4 pairs into two.)
At least for initial testing....
jeff
62
on consumer “smart” switches often being stupid and recalcitrant for what should be simple tasks. That’s what drove me to Cisco SG300 (used) at home.
Hi everyone
I'm still trying to get my head around all of this.
From my understanding I essentially have four switches. Two OpenWrt routers capable of VLANs and two Netgear managed switches.
Correct me if I'm wrong...
I would setup all three VLANs across all four switches and then untag when I need to route off to an actual device. E.g. my ONT/modem will want an untagged port and so will computers/servers using a RJ45 lead.
My analogy of VLANs is like a motorway; everyone is in their designated lane (VLAN) and heading in the same direction (trunk). When vehicles go off at a junction (untagged) they go to their chosen direction. Vehicles travelling along the motorway together might travel between different cities (switches) that are interconnected via trunks.
Let me label my switches so that I can demonstrate the routes.
A) AP1/router 1
B) 24-port switch
C) 5-port switch
D) AP2/router 2
VLAN 20 runs A>B>C (terminates at ONT/modem)
VLAN 5 & 10 runs A>B>D (passes through not affecting ONT/modem)
trendy
64
That is correct.
However, keep in mind that there can be junctions where frames can be tagged, if the device supports it, e.g. the OpenWrt.
If I'm creating a trunk consisting of three VLANs at the 24-port switch, how do I split the WAN VLAN from the trunk at my 5-port switch allowing the two remaining VLANs to carry on as a trunk to my second access point/router?
If the trunk connects the 24-port switch to port 1 on the 5-port switch and the ONT/modem connects to port 5 also on the 5-port switch, would it be a case of creating a VLAN 20 (the WAN VLAN) and setting port 1 (tagged) and port 5 (untagged) and finally setting both of their PVIDs to 20?
In regards to the private and guest LAN they are currently coming into the 5-port switch via the trunk connection at port 1. Port 2 will go to the AP/router 2.
I want to continue this trunk to my second AP/router. How do I do this?
I'm possibly thinking: do I create the VLANs for my two LANs on the 5-port switch, set ports 1 and 2 to 'tagged' on each of them and set the PVID to 20 (the WAN VLAN)?
mk24
66
This is a question about the Netgear switches then. On big Cisco switches, if you set a port as "trunk" it will accept any VLAN that comes in and send it out to all other "trunk" ports on the switch. There are ways to opt out of some VLANs but the default is to pass all. This usually does no harm because if the device on the other end of the cable doesn't recognize a VLAN it will just drop the packet.
It is exactly opposite for OpenWrt where you have to specifically define every VLAN number that you want to pass and individually connect it tagged to your trunk cable ports.
I don't know which philosophy the Netgear managed switches follow, be it one of these or something in between.
jeff
67
I intentionally only used tagged VLANs on trunked ports, set the PVID to 4095 (“blackhole”), and, if the switch permits, block untagged and non-configured VLANs (“general” on Cisco, as I recall). That provides clarity and avoids trying to work out many “what if” questions.
Note that OpenWrt switches need additional config (vid and pvid) to use VLAN tags over 15 or 127, depending on the hardware and driver. See the wiki for details.
Are you essentially saying tagged ports communicate with one another across different VLANs?
In other words if my main VLAN trunk comes in on port 1, do I set 'tagged' on that port 1 for all three VLANs I create on the 5-port switch?
If I then want the trunk to continue down another physical port for the private and guest LAN do I just set 'tagged' on port 2 (the physical port that would connect to AP/router 2)?
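To make the tagged/untagged/PVID rules discussed in this thread concrete, here is a small model of 802.1Q port-based VLAN handling configured for the 5-port switch as described (port 1 trunk in, port 2 trunk on to AP/router 2, port 5 to the ONT/modem). It is an added example, not anyone's posted config; the port roles are assumed from the posts above and the PVID 4095 "blackhole" follows jeff's approach.

```python
from dataclasses import dataclass
from typing import Optional

BLACKHOLE = 4095  # PVID for trunk ports: untagged frames arriving there are dropped


@dataclass
class Port:
    pvid: int              # VLAN assigned to untagged ingress frames
    tagged: frozenset      # VLANs this port carries with an 802.1Q tag
    untagged: frozenset    # VLANs this port carries with the tag stripped


@dataclass(frozen=True)
class Frame:
    ingress_port: int
    vid: Optional[int] = None   # None: the frame arrived untagged


# Assumed port roles for the 5-port switch in the thread:
#   port 1: trunk from the 24-port switch, VLANs 5, 10 and 20 tagged
#   port 2: trunk on to AP/router 2, VLANs 5 and 10 tagged
#   port 5: ONT/modem, untagged member of VLAN 20 with PVID 20
SWITCH = {
    1: Port(BLACKHOLE, frozenset({5, 10, 20}), frozenset()),
    2: Port(BLACKHOLE, frozenset({5, 10}), frozenset()),
    5: Port(20, frozenset(), frozenset({20})),
}


def forward(frame: Frame, switch: dict = SWITCH) -> dict:
    """Flood one frame and return {egress_port: vid}, where vid None
    means the frame leaves untagged and an empty dict means dropped."""
    port_in = switch[frame.ingress_port]
    # Ingress: untagged frames take the port's PVID; tagged frames are
    # accepted only for VLANs the port is a member of.
    vid = port_in.pvid if frame.vid is None else frame.vid
    if vid == BLACKHOLE:
        return {}
    if frame.vid is not None and vid not in port_in.tagged | port_in.untagged:
        return {}
    out = {}
    for num, port in switch.items():
        if num == frame.ingress_port:
            continue
        if vid in port.tagged:        # egress keeps (or adds) the tag
            out[num] = vid
        elif vid in port.untagged:    # egress strips the tag
            out[num] = None
    return out
```

Swapping port 1's PVID from 4095 to 20, as the question in the earlier post contemplates, makes an untagged frame from the 24-port switch land on the ONT/modem port as WAN traffic, which is the "what if" the blackhole PVID avoids.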