NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
GS308EPP new firmware 2.0.0.11 bug?
Hi all,
I updated my firmware from 2.0.0.5 to 2.0.0.11 on 2 of 4 switches. On both switches i can not acces the web ui, And the switch is not responding on ping....
Anyone else having the...
I have 4 switches connected to each other. All ports are using vlan and trunk ports.
Hello Chris,
First tell us a little bit more about your network. Understand you have a series of VLANs, all different from VLAN VID 1. And all are connected over direct Ethernet links, acting as a trunk. With each VLAN configured [T]agged.
If i put a port to pvid1 i can access the management webui. However i do not use this (Pvid1) i use different pvid config.
This makes the computer you are connecting (without a special VLAN config) assigning all frames -from- the connected device to the VLAN 1 on your network:
Is the same port also configured to participate in the VLAN 1?
Can you reach all switches over this VLAN 1, or do you have to repeat this on each switch?And since the intro of 2.0.0.11 on the GS308EPP/GS308EP (or 2.0.0.10 on GS305EPP/GS305EP) - introducing a Management VLAN - you can no longer ping or reach these nice switches anymore. What system or router had delivered the IP config before? On which VLAN did this happen?
Before the update, these switches were connected "flat" direct to a (V)LAN like a mobile phone on the Wi-Fi, connecting to a certain SSID. I assume there is no specially configured multi-SSID and VLAN capable wireless access point, where the SSID would be associated to a certain VLAN - the uplink from the AP does make up a trunk with tagged VLAN(s). When you use a wireless device (like a PC), you usually got an IP address. Does this IP and subnet come from your ISP router, or from a security appliance, a bigger, more complex multi VLAN and multi-subnet capable device?
This subnet - likely operated on one of your VLANs - is what you use as your Management Network!
All you have to do now is define that specific Management VLAN VID on the switch in the Advanced Dot1Q config. Now the switch(es) Management interface is yon the VLAN you desire, and no longer on the VLAN with the VID 1.
If everything is working after that, remove the ports where you had temporarely defined the PVID 1 from the VLAN 1.
You still have not answered my question if the field for the Management VLAN is empty (probably causing the problem!), or if there was a number configured.
Happy Saturday!
-Kurt
Negative, all my GS308EP and EPP came back online after the firmware update from 2.0.0.5 to 2.0.0.11, the network config was supplied by the local DHCP server on the LAN.
Worth mentioning: The update took reasonably more time than what we had ben used before.
Wait until the login page does come up again on the Web browser you use for the firmware upload!
Are your GS308EPP using DHCP or did you had static IP configs in place?
Tell the community a little bit more about the previous VLAN config in place on your GS308EEPs. Before the update, there was no explicit management VLAN in the advanced mode. Had e.g. a DCHP server behind a trunk before the update for example?
Attempted a cold boot already?
Have no idea what do do in that case, the old tricks enabling and using NSDP were obsolete, this code does no longer exist. So no idea on how to force a firmware upload. MarcinS do you have some new ideas or how-to's on how to recover from update failures for your customer?
Hi,
Thanks for your reply. Well i think it has to do something with the vlan config. I resett one switch and it came back online. I use vlan advance 802.1Q
The default vlan 0 i did not mess with.
I use vlan ids 10,11,20,40,50,60,100
The switch has a static ip adress.
You Menton that in the new firmware the management uses a vlan. What vlan does it use in the new firmware?
The default vlan 0 i did not mess with.
The switch WebUI should not allow VLAN 0. The VID 0 is designated in Dot1q for special use only, specifically for adding a Priority Code Point (PCP) for signalling a class of traffic towards the next bridge.
You mention that in the new firmware the management uses a vlan. What vlan does it use in the new firmware?
The management VLAN is - according to the Web UI at least - not predefined. It can be set in the advanced VLAN mode controls.
This does ring a bell to me: Never had the VID 1 undefined on my playground switches here - I was never involved in any kind of Beta testing the last years, or specifically on these GS108EP, GS108EPP, GS308EP, GS308EPP switches, too.
Might be Netgear does have a default management VID 0 (unlikely), or implicitly using VID 1 - this is what switch makers are using on models with Spanning Tree Protocol (STP) with the standards defined Common Spanning Tree (CST) that only assumes one spanning tree instance for the entire bridged network, regardless of the number of VLANs.
So "what-if" there is a VLAN config like yours not including VID 1?
Might happen they implicitly using VLAN 1 in the default value for the management VLAN as introduced with 2.0.0.10/.11 firmware - and you had no VID 1 in the config, so the complete IP stack became inaccessible.Maybe MarcinS has some further ideas what went wrong, starting from a random existing VLAN config, not covering VID 1, before the update. Probably worth a remark in the release notes for defining a working and accessible VLAN 1 before deploying the update?
Sorry,
My mistake vlan 0 is not used. It is vlan 1 that is default. And i leaved it that way. Indeed when i do the uograde the management interface is not reachable and i can not ping the switch. However everything keeps running. So data is arriving averywhere.
... Indeed when i do the upgrade the management interface is not reachable and i can not ping the switch. However everything keeps running. So data is arriving everywhere.
Yes, exactly what I was understanding from your posts - this is why I've started brainstorming on what potentially went wrong.
You started from an appropriate and perfectly working VLAN advanced config for your use case with the VIDs 10, 11, 20, 40, 50, 60, 100. After the update from .5 to .11 - where the Management VLAN was introduced - switching continued working as configured - but any kind of management access was lost. After some experimenting on a GS308EPP, reverting to 2.0.0.5, factory defaulting, and deploy some random config with a handful VLANs in advanced mode, similar to your VID list. Updating to 2.0.0.11 showed the same effect: The switch management is no longer accessible.
Classic programmer bug, not properly initializing the variable where the Management LAN ID is supposed to be stored? Suspect somehow the in the Management VLAN, showing in the Web UI "empty" does have a kind of valid VID internally - wild guess it became 0 or 1. And there it goes, the management access.
MarcinS can you push this thread to the GS308EP/EPP and GS108EP/EPP RD and QA team please? This is very likely a bug, or at least an unintended mishap!
Sorry,
My mistake vlan 0 is not used.No, nothing to sorry, you have opened my eyes: You have discovered a potential code issue!
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
