NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Torch24's avatar
Torch24
Guide
Feb 29, 2024

GS308T

GS308T s/w 1.0.5.12  - one port connected router-on-a-stick; other ports to various clients. It is unclear from the manual what is the order/priority of Mac-based VLANs and protocol-based VLANs.  Ar...
Torch24's avatar
Torch24
Guide
Feb 29, 2024

I don't know what either of those acronyms mean (other than looking them up :-), but I did quote from the switch manual and under MAC-based VLAN (pg.120) it also mentions This implies that you can configure a MAC address mapping to a VLAN that you did not yet create on the switch.  The documentation on an HPE switch (that I do not own) says ...the port selects a VLAN for the frame in the order of MAC-based VLAN, protocol-based VLAN, and port-based VLAN...  It would be helpful if the manual for the GS308T was as clear.

 

Thanks.

schumaku's avatar
schumaku
Guru - Experienced User
Feb 29, 2024

In my reading, the VLAN is created along when adding a MAC Address and a VLAN ID in an authenticated admin session - anything else would bring a massive security issue in absence of GVRP and GARP:

 

 

 

No idea if this UI would allow to define multiple MAC based VLANs for the same VLAN ID.

 

Well, I'm just yet another user here, and can be wrong. Yes, we have some deployed switches from a big competitor in the field, supporting GVRP and/or GARP. 8-)

  • Torch24's avatar
    Torch24
    Guide
    Feb 29, 2024

    I agree - I don't think the switch allows multiple MAC-based VLANs.

    If I create a MAC-based VLAN, a Protocol-based VLAN and a Port-based, how would be a packet be tagged if it (in theory) qualifies for all three?  I suspect it would be MAC, Protocol or Port; in that order.  The switch manual is unclear, thus my request for a logic diagram.

    • schumaku's avatar
      schumaku
      Guru - Experienced User
      Mar 01, 2024
      Torch24 wrote:

      ... I don't think the switch allows multiple MAC-based VLANs.

      Strongly doubt. Not a GS308T, but another Broadcom based MS510TXUP for example:

       

      • Torch24's avatar
        Torch24
        Guide
        Mar 03, 2024

        I now understand more about the various VLANs.

        MAC-based VLANs allow a device (MacBookAir in my case) to connect from anywhere on the network that is connected to a port on the switch and be assigned a VLAN dynamically.  Because MAC-based VLAN assignment is a) across all ports and b) assigned before any protocol- or port-based VLAN, the packet gets a VLAN tag and is then processed in the switch bypassing any protocol- or port-based VLAN assignment. 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More