NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
VLAN Puzzle
I would appreciate assistance diagnosing a VLAN problem. Now that many homes have Ethernet cables installed from most rooms to a central patch panel, some users find that the patch panel is not a gre...
I have reproduced the puzzle using TP-Link managed switches. Same results:
- In router mode, a satellite connected to the router using an 802.1Q tagged VLAN port behaves normally.
- In AP mode, a satellite connected to the router using an 802.1Q tagged VLAN fails to support Guest WiFi devices.
What I am looking for is an explanation or a suggestion for how to document "what is happening?"
My naive understanding of managed switches is:
- When a packet comes into an untagged port, the switch inserts a 802.1Q Header into the frame with the PVID assigned to that port***:
- If the packet is sent out a "tagged" port, this Header remains in the frame. (even if it passes through dozens of Ethernet switches on its way through the network).
- Eventually the packet comes out an untagged port and that Header is removed.
- i.e. "what goes in, comes back out."
*** PVID:
* What does "not already addressed (tagged)" mean? Do untagged ports accept tagged packets?
What if..... when the Orbi is put into AP mode, it treats the link to the satellite as a tagged VLAN link? Some packets are "tagged" for special treatment. This (somehow?) gets mangled by the managed switch and these frames just disappear. Or, when they come out the other end, both their original 802.1Q Header and the switch 802.1Q Header have beeen stripped and the packet is not recognized as coming from an Orbi unit?
Or....maybe..... When in AP mode, the switch puts an 802.1Q Header on some frames and the managed switch (a) replaces them with the PVID or does not put the PVID on them and thus those frames are part of a VLAN that is not defined on the managed switch?
Annoys me no end that a knowledgeable Netgear engineer could answer this is five minutes. "No, dummies. THIS is why a managed switch messes up AP mode." (sigh. They are not being paid to talk to customers.)
It looks like the way to check out this theory is to snoop on both the router LAN port and the satellite LAN port to record what is "going in" and "coming out" on both ends. This requires more managed switches to mirror those two Ethernet links and two Ethernet adapters to get the data into a computer running Wireshark. Going to be an enormous tangle of cables.
The VLAN config looks about right in the scheme on the initial post.
Since you are using some ports as a tagged trunk, I assume this config is not the simple port based one, much more the advanced VLAN config with the appropriate PVID set for each VLAN so untagged frames incoming are sent to the right VLAN.
A possible difference in AP mode is that the Orbi WAN and LAN port are bridged, and the Loop Protection will (read: must!) jump in, and close some ports, since the "loop test" frames the switch does send-out are coming back on a different port - some port will be disabled, and the relevant LEDs will flash.
Worth disabling the Loop Detection to start with?
However: From the IT network professional view, I still can't understand what should make a difference on the Orbi Systems AP mode WAN and LAN port, and why Netgear (and trusted senior community members like CrimpOn and FURRYe38 - hello friends - insist) there seems to be some difference. Reminds me somehow to the NTGR Nighthawk Mesh systems obviously using some other, IEEE standards compliant Mesh protocol - which are also badly fail on any kind of Plus (renamed to == Easy Smart Managed), Smart Managed, Fully Managed switches. Probably again that Layer 2.5 abstraction layer introduced along with IEEE 1905.1 or something proprietary serving a similar purpose?
Something similar must apply to the Orbi Guest network (or any Orbi Router <-> Satellite for wireless) on the wire level.
Had never been involved in any Orbi or Orbi Pro systems Beta, and have sold off my second hand Orbis due to that poorly documented (or at least rarely explored) behaviour, prohibiting correct interoperability with business class and business standards. This is why I keep my mouth usually shut on the Orbi community 8-)
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
