Reply

GS108PEv3 VLAN issue?

sniffs
Follower

GS108PEv3 VLAN issue?

So I recently bought this switch to power 2 POE Access points and I'm having some weirdness that I dont know how to fix.. I'm not an network engineer or super familiar with VLANS but I know enough..

 

Since there's no uplink port on this switch, the first port you plug in gets DHCP, which then you can assign a static IP.

 

So I plugged port 5 of this switch into port 5 of my UDMPro, then on my UDMPro assigned port 5 to my IOT VLAN. I then went back onto the switch and configured port based VLAN between port 1 and 5. Everything works perfectly fine, everything connecting to my POE AP gets an IP from the DHCP scope assigned to it from the UDMPro.

 

Now I have another AP plugged into port 2. I want to plug port 8 of this switch into port 8 of my UDMPro and create another, separate subnet and on the switch VLAN port 2 and 8 together.

 

When I do this, the switch becomes extremely slow and starts dropping packets left and right. It "works" in the sense that everything on this second VLAN is getting a proper IP from the scope but it's so unresponsive and everything connecting to this second POE AP drops wifi constantly.. the moment I unplug the cable from port 8 on the switch, boom, performance goes back to normal.

 

Sorry for the long thread.. any ideas on how I can fix this, if it's even possible with this switch?

Model: GS108v3|ProSafe 8-Port Gigabit Ethernet Desktop Switch
Message 1 of 2
schumaku
Guru

Re: GS108PEv3 VLAN issue?

Up front, very simple and obvious: With the second link between the security appliance and the switch, you created a network loop. 

 


@sniffs wrote:

I'm not an network engineer or super familiar with VLANS but I know enough..


That's overly optimistic - errare humanum est, preservare diabolicum...  networking is a constant learning, we never know enough.

 


@sniffs wrote:

Since there's no uplink port on this switch, the first port you plug in gets DHCP, which then you can assign a static IP.


So called "uplink ports" are known from unmanaged switches where higher bandwidth, higher priority, and the like. In the world of configurable and managed switches, marketeers sometimes define the fastest ports [typically the SFP, SFP+, ..] as uplink ports. Effectively, the admin does define which port or LAG does act as an uplink (and downlink in a multi-tier network). On it's own, this does not limit where the DHCP config comes from, resp. where the management core does talk to. In the managed world, it would be the where a management VLAN can be defined (Managed, or Smart Managed Pro Switches) - on the Smart Managed Plus Switch (GSxxxE[x[x]]) there is no such thing, the tiny management controller does listen on all VLANs - so be aware that in a multi VLAN environment with dedicated DHCP servers it's almost mandatory to put up a fixed IP config.

 


@sniffs wrote:

Sorry for the long thread.. any ideas on how I can fix this, if it's even possible with this switch?


What you need to be aware is that 802.1q VLANs make logical networks, but all are operating on the same physical network. The switch and your security appliance are switches, everything is on the same physical network. RSTP (and the legacy STP) would span the complete network, and if supported (the GS108PE does offer a simple loop prevention, don't know about your security appliance which almost certainly is built using a configurable switch internally similar to the Smart Managed Plus switches) it would shut down a port to break the loop. This does then break your network design - this would be only permitted if you have fully managed/business class devices configured to MST where every VLAN has it's dedicated "RSTP" then. 

 

The correct way is to configure a trunk, carrying multiple VLANs over the same port [all tagged, or one untagged/native and all other tagged], if more bandwidth is required configure a LAG. This does not only apply to the security appliance to switch connection, but very similar to wireless access points serving multiple SSID/VLANs.

 

This is of course not a subject "GS108PEv3 VLAN issue", and not a problem like "if it's even possible with this switch" at all. The switch is an industry standard device. The problem is keyboard-chair. And the devil mentioned is the network loop.

 

Once you made the next step on the network learning - it's Q.E.D.

 

Enjoy!

 

Regards,

-Kurt

Model: GS108PEv3|ProSafe Gigabit Plus switch with PoE
Message 2 of 2
Top Contributors
Discussion stats
  • 1 reply
  • 623 views
  • 0 kudos
  • 2 in conversation
Announcements