Hi.

Here is a diagram of my setup :

rv042 wan1 -------------- sg200 port 1

rv042 wan2 -------------- sg200 port 5

rv042 lan1 ---------------- sg200 port 11

rv042g wan1 -------------- sg200 port 2

rv042g wan2 -------------- sg200 port 6

rv042g lan1 ---------------- sg200 port 31

isp1 --------------------------sg200 port 3

isp2 --------------------------sg200 port 7

internal lan 1 ---------------sg200 port 12

internal lan 2 ---------------sg200 port 32

on sg200 :

vlan1 - port 1 2 3 4

vlan2 - port 5 6 7 8 9 10

vlan3 - port 11 - 30

vlan4 - port 31 - 48

all untagged.

on vlan1 i should have isp1 and wan1 from both routers

on vlan2 i should have isp2 and wan2 from both routers

on vlan3 i should have internal network 1

on vlan4 i should have internal network 2

Rv042 /G have (at leat display)  different  MAC Addresses for WAN1 and WAN2 (setup - network - mac address clone) and also on LAN (setup - network - under lan settings), so should not make loops.

Best regards,

Catalin

If this is your desired set up, you may disable spanning tree globally and filter the bpdu.

-Tom
Please mark answered for helpful posts

Hi.

I can do some things, like using 4 switches instead of 4 vlans, but this is not my point or solution: I cannot see anything wrong in setup, but I still can't get it to work. One of equipments, router or switch , is not doing what was supposed to do.

Don't get me wrong, I have in function more than 500 rv042 /G (each with vpn tunnel to HQ) for more that 3-4 years, I know those devices. Problems started with RV042G (vpn tunnel in backup mode not get back to primary connection when available)  and becomes more sensitive when paired RV042 /G with SG200-50.

At this moment I am using 2x 5 port gigabit switch , cheap , no management , to isolate wan1 / wan2 connections. You can say this "solution" , but in reality it is not.

Best regards,

Catalin

Hi Catalin, the SG200 doesn't support multiple spanning tree or PVST. The switch is not a router, it is a switch. If you need fundamental understanding of how the switch is behaving, please read about 802.1q, 802.1d.

The purpose of 802.1d, spanning tree is to prevent network loops (you have a lot of them). 802.1d was later amended to 802.1q. 802.1q states that regardless of vlans, there will be only 1 spanning-tree instance.

The SG200 does not support MSTP (802.1s).  Therefore your only work around is to disable spanning tree and create network loops or use the switch in a more appropriate way.

Those lan segments should not be connecting to the switch if the router WAN connections are.

The difference in your statement above, an unmanaged switch doesn't do anything but provide electrical connections, it doesn't care about broadcast storms, network loops, etc.

-Tom
Please mark answered for helpful posts

Hi.

All you say is correct if, a big IF, you consider RV042 /G WAN1, WAN2 and LAN a "switch". But, as long as there are 3 MAC Addresses for each port, why WAN1 and WAN2  and LAN connected into SG200 would make a network loop (first question) , and more to this , WAN1, WAN2 and LAN are going into different VLANs , why loop again(second question)?

Yes, 802.q states one spanning tree instance, but here should be none. What  VLANs  do in this case - if not to isolate traffic  (third question)?

Best regards,

Catalin

Hi Catalin, it is not really any big if because there is 1 system ID. There is a network loop because it is not spanning tree per vlan, it is spanning tree per 802.1q Vlans isolate traffic but they do not isolate spanning tree instances.

-Tom
Please mark answered for helpful posts