12-13-2010 12:20 PM
Hi!
I'm trying to set up VLANs in my racks. I have some knowledge about VLANs, but I still can't set it up in my way.
My situation:
I have PC which contains two virtual machines, which has to works as a routers between three networks: LAN1, LAN2, WAN. It's a bit complicated, but I'll try to draw it:
|-------------|
|----------------------------| | e1|-to-eth1-VM2-----WAN
|VirtualMachine 1 eth0|---trunk-VLAN1&2---|g1 e2|-to-eth0-VM2-----LAN2
|eth0=VLAN1 eth1=VLAN2 | | e3|-to-eth0-VM2-----LAN2 etc.
| PC | | SWITCH e4|
|VirtualMachine 2 | | e5|-to-eth1-VM1---wire-to-LAN2
|eth0=VLAN3 eth1=VLAN4 eth1|---trunk-VLAN3&4---|g2 e6|-to-eth0-VM1-----LAN1
|----------------------------| | e7|-to-eth0-VM1-----LAN1 etc.
|-------------|
gX = Gigabit ports
eX = 100Mbit ports
VMX = Virtual machine number
wire-to = patch-cord connection between ports on the switch
Schema of routing and logical visibility:
LAN1---VM1-----VM2---WAN
|
LAN2----------|
Important note is that LAN1 and LAN2 has to be separated (visible only through routers). WAN has to be visible only through VM2 for LAN2 and through by VM1 and VM2 for LAN1. It looks easy, but VLANs which I done on that switch seems to doesn't works.
I'm doing this like that:
Step1: VLAN Management / Create VLAN...
Creating VLANs from 1, 2, 3, 4 (numbers doesn't meters right now - I now that number 1 is restricted at the switch).
Step2: VLAN Management / Port to VLAN...
Setting up VLAN1 with ports g1, e5 (both tagged or untagged? - I haven't seen difference)
Setting up VLAN2 with ports g1, e6, e7, etc...
Setting up VLAN3 with ports g2, e2, e3, etc...
Setting up VLAN4 with ports g2, e1
Step3: VLAN Management / Port Setting...
Setting up port e1 to PVID4 (frame type=all I suppose, but what with "ingress filtering"?)
Setting up port e2 to PVID3
Setting up port e3 to PVID3
etc...
Setting up port e5 to PVID1
Setting up port e6 to PVID2
Setting up port e7 to PVID2
etc...
So, on that configuration and on that switch it doesn't work for me
I know that switch is seeing MACs from VLANs which are done by PC's, because when I get in "Admin / Dynamic Address" I can see MACs on correct ports and with correct VLAN ID. So the problem is to forward VLANs on their ports, next clear frames from IDs and let packets go (and back: take clear packets, add VLAN ID and send to gigabits ports).
Showed configuration is the one of many that I tried :/ but I think this one is the best one.
Or maybe I don't know VLANs as I think and that schema is impossible? Please tell me if I' doing sth wrong.
Regards
and waiting for any suggestions,
Lucas
12-16-2010 07:28 AM
Hi, I have the same problem, I've got a Cisco SLM224G and I have created the VLANs, but can't figgure out how to setup the VLAN Trunk. I'm starting to believe that this switch does not support "Trunk" mode... so dissapointing , hope someone finds us a solution because without the Trunk option.... it's USELESS !!!!! and it's not quite cheap to buy another one with Trunk support...
12-16-2010 09:51 AM
Hi.
Trunk is a kind of switch-to-switch connection and have been invented by Cisco (as I know), so in my case maybe I don't need "the trunk" itself. However it should works like that, but it doesn't as it is in my upper schema. And other however... everybody's saying on ethernet with many VLANs as trunk
In documentation to this switch isn't anywhere word like "trunk". So, how correctly set up VLANs there, for what they are there? :-|
Regards
Luke
12-17-2010 05:22 AM
The port setting in the default state is like a trunk but only a member of the management vlan or just one vlan.
You can adjust the rules on the port by allowing untagged only, (Access port), or setting it to all (Trunk).
At this point, all you have to do is add the vlans to the port and if they are tagged or untagged.
If you change the pvid on a port, it makes it an access port unless you add more vlans.
01-13-2011 05:53 PM
Ok, so can You (or anybody) tell what I'm doing wrong in my upper steps, where I want to divide two physical ports (4 vlans goes in) into 4 physical ports on the same switch for others computers which will not having vlans on their interfaces?
If it's not clear enough: My idea is quite simply. I want to separate two virtual routers running on one machine by making vlans on them and on the switch. Any others computers should be connected to these routers by the ports which I'll set up to which segment they belongs (I mean different interface of the routers). Everything is on schema in my first post.
Regards,
thank You for answering and any future looks on my case!
Lucas
01-15-2011 12:01 PM
You need to make sure that your VirtualMachine can send tagged frames if the VMs share physical ethernet ports on the host.
I count 4 different LAN segments but you have only 2 physical ports on your PC (router).
And VM2 requires 3 physical connections according to the list below.
Depending on the virtualisation software you can maybe create the connection PVM1 to VM2 internally inside the PC (logical connection)
Are these the connections you require ?
VM1 --- LAN1
VM1 --- VM2
VM2 --- WAN
LAN2 --- VM2
Is this correct ? Will your PC, Virtualisation Software/Hypervisor tag frames with VLAn tags ?
If this is true I can help you configure the switch.
Jo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide