Can't get VLAN's working across uplink between GS110EMX switches

Netgear does confusingly push four VLAN configuration variants on these routers Web UI - be reminded only use the same each and every time. This applies to all Netgear Smart Managed Plus / Click / Gaming / Gaming Pro and Smart Managed Pro / Insight Managed series.

This is all you should ever use for a real world 802.1Q config:

VLAN -> 802.1Q -> Advanced -> VLAN Configuration / VLAN Membership / Port PVID 

Here an example - Port 10 is used as a Trunk, VLAN ID 1 and VLAN ID 10 are configured tagged. That's all (put the PVID e.g. to PVID 1 or a "catch all" if you might not want untagged (and unwaned) traffic on a trunk. Port 1..9 serve VLAN ID 1 untagged access ports, Port #8 is used as a dedicated access port for VLAN 250, Port #1 does also carry VLAN 250 tagged. No rocket science.

---

@Username000 wrote:

On switch number 1, Port 9 is used for services by a 10Gbe NIC on an office NAS on one switch, and on switch nunber 2 port 9 is used for a video editing workstation. 

 

... but I cannot find a setting in the "advanced" VLAN section that actually allows VLAN tagged traffic to traverse the uplink from switch 2 to devices connected to switch 1.

 

Currently I have just two VLANs,1 and 50.  Port 10 is set for PVID 1, untagged VLAN 1, tagged vlan 50 on both switches.  
If I plug into a port that allows tagged 50 on switch 1 and ping the management interface for the NAS on port 7 that is also on tagged vlan 50, it works. If I plug into a port that supports tagged vlan 50 on switch 2 and attempt to ping the same NAS management interface, it fails.

---

Wait. Unless your NAS and/or the worksation (or wireless AP, ...) does support multiple interfaces with tags, a normal NAS or Worksation wiht a flat interface does always connect to an purt configured for untagged VLAN. See the example above - the VLAN ID 250 does run tagged on a trunk (Port #10), while the same VLAN 250 can be accessed on port #8.

The very similar config does run on two GS110EMX by the way - and the main intention is very similar to your VLAN 50 - having a second VLAN (here the ID 250) available direct on the Port #8 (Need dedicated GbE only, Note: VLAN ID 250 Untagged on both ends, PVID 250, no memeber of the VLAN ID 1), while the trunk does run the VLAN ID 250 tagged.

Suspect just the underlined part of your config is wrong, this should be Untagged for your VLAN 50, PVID 50, and _no_ membership for VLAN ID 1.

This is your VLAN 50 :

NAS <-> #9 VLAN 50 [U]ntagged, PVID 50, VLAN 1 [ ]nomember <-> #10 Trunk with VLAN ID 50 [T]agged <-trunk-link-> #10 Trunk with VLAN ID 50 [T]agged <-> #9 VLAN 50 [U]ntagged, PVID 50, VLAN 1 [ ]nomember <-> Video Workstation

This is your VLAN 1:

Firewall, others, ... <-> #1..#8 VLAN 1 [U]ntagged, PVID 1, VLAN 50 [ ]nomember <-> #10 Trunk with VLAN ID 1 [T]agged <-trunk-link-> #10 Trunk with VLAN ID 1 [T]agged <-> #1..9 VLAN 1 [U]ntagged, PVID 1, VLAN 50 [ ]nomember <-> others

Yeah I have a lot of stacked M4300's etc at other sites, these much smaller switches leave a lot to be desired. I use separate physical interfaces on the NAS and ASA for management and I don't want to get into that aspect of the setup as it is not relevant to the issue at hand except to say that they exist.

In the attached graphic, switch 1 is on top, switch 2 is on the bottom.

If I plug in a laptop configured for VLAN 50 to port 5 on Switch 2 and ping a device on port 2 Switch 1 and get no response.  If I unplug the laptop with it still attempting to ping and carry it to switch 1, then plug into port 5 on switch 1, it gets responses. 

Leaving alone that I have zero trust in many NIC drivers in their basic features - the amount of problems we see popping up on major OS and distros is overwhelming (problems with basic speed negotiation, flaky performance, not honouring config settings, ...) regardless if we talk Linux or Microsoft validated drivers - I can't see why one should use tagging in plain network interfaces ... configure the port to the VLAN untagged & the same PIVD.

To understand the effective issue, there are simply to many unknown variables. Trying to connect from a client interface supposedly tagging (bad policy for what should be a flat interface IMHO), connected to an switch interface connecting into two VLAN (one properly untagged/PVIDed for 1, one tagged for 50), through a trunk (which looks OK, having a trunk fully tagged is my preference but for simplicity one might do the primary VLAN untagged), to a destination port having both VLANs 1 and 50 tagged connecting to an unknown device where obviously both VLANs just be tagged.

Consider to restart your test with plain simple and clear untagged test devices run on an untagged/PVIDed port into the VLAN 50. Can't see why this should not work and allow connectivity through the trunk (both on the port #10).

That's all yet another community member can do for you.