Vlan between a windows pc and raspbian
I've just bought a GS1200-8 to start experimenting with VLANs at home.
I'm trying to make this scenario work:
- 2 host
- 1 GS1200-8 switch
I've created the VLAN 10 on the switch and assigned ports 1,2,3 and 7 to it as untagged.
Ports 3 to 8 remains on the default VLAN 1.
VLAN 10 has subnet 192.168.10.0/24
VLAN 1 has subnet 192.168.1.0/24
On windows PC I've configured the single physical interface (RTL8111H) using the realtek utility, such utility has created a new virtual interface with VLAN ID 10 (I think tagged) and left the original one untouched.
I remade the protocol bindings to assign IP 192.168.10.100 to the interface with VLAN ID 10 and 192.168.1.156 (dhcp) to the other
On Raspbian I left the existing eth0 with no tag and the static IP of 192.168.1.212 and created an eth0.10 with IP 192.168.10.10
that's the output of "ip -d a show"
what it is working are the communications using subnet 192.168.1.0/24 (ping ok, ssh ok)
nothing works on subnet 192.168.10.0/24, no ping, no arp .
what am I doing wrong?
any help will be appreciated.
Regards
All Replies
-
To route between subnets you need a router with VLAN support0
-
Hi Peter,thanks for you kind reply.I'm not trying to route btw vlans.I'm trying to reach from eth0.10 (VLAN10 - port 3) to Windows PC (VLAN10 - port 7)so the communication will be over the same subnet: 192.168.10.10 <--> 192.168.10.100I've tried from RPi with ping -I eth0.10 192.168.10.100 but with no success, even tcpdump -i eth0.10 -vv sees just the arp requests without any reply whatsoever.I know that as it is configured now eth0 does not add any tag to the frame so I leaved the PVID 1.I'm stuck figuring out if I have to make any changes on the switch config or may be something on the hosts...regards and thank you for your help.0
-
Its likely you got the wrong switch and you need Port-based VLAN then 802.1Q VLAN.
Draw out what you want done.
0 -
the diagram is above and what I'd like to do is to be able to ping from one host to the other over VLAN10.Right now it works only on VLAN1.0
-
Not sure it will work but set tag on ports 3 and 7 on the switch for VLAN10.
is the windows setup with VLAN tagging? 192.168.1.156 should be untagged
After testing here as long as both clients do tagging on the interface it will work.
0 -
Hi @grip,
Based on your diagram, VLAN 10 on port 3 and port 7 of Switch is untagged that will remove VLAN tag on the outgoing frame, then 192.168.10.10 and 192.168.10.100 couldn’t reach each other because when the packets came out of Switch, they didn’t carry with any VLAN tag and they should be dropped by end devices on both sides if the NIC can't recognize VLAN tagged. Therefore, we’d like to advise you to change VLAN 10 on port 3 and port 7 is tagged as @PeterUK suggested.
If there are any issues, please let us know.
See how you've made an impact in Zyxel Community this year!
Nami
0 -
Hi,thank you again for your time.I did what you suggested and now the situation is the followingping output to RPi on VLAN1 on windows host:Esecuzione di Ping 192.168.1.212 con 32 byte di dati:
Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64
Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64
Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64
Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64
Statistiche Ping per 192.168.1.212:
Pacchetti: Trasmessi = 4, Ricevuti = 4,
Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
Minimo = 0ms, Massimo = 0ms, Medio = 0msping output to RPi on VLAN10 on windows host:
Esecuzione di Ping 192.168.10.10 con 32 byte di dati:
Richiesta scaduta.
Richiesta scaduta.
Richiesta scaduta.
Richiesta scaduta.
Statistiche Ping per 192.168.10.10:
Pacchetti: Trasmessi = 4, Ricevuti = 0,
Persi = 4 (100% persi),arp -a on windows host:Interfaccia: 192.168.10.100 --- 0x30
Indirizzo Internet Indirizzo fisico Tipo
192.168.10.255 ff-ff-ff-ff-ff-ff statico
224.0.0.22 01-00-5e-00-00-16 statico
224.0.0.251 01-00-5e-00-00-fb statico
224.0.0.252 01-00-5e-00-00-fc statico
239.255.255.250 01-00-5e-7f-ff-fa statico
255.255.255.255 ff-ff-ff-ff-ff-ff staticoping output to Windows on VLAN1 on RPi host:PING 192.168.1.156 (192.168.1.156) 56(84) bytes of data.
64 bytes from 192.168.1.156: icmp_seq=1 ttl=128 time=0.614 ms
64 bytes from 192.168.1.156: icmp_seq=2 ttl=128 time=0.490 ms
64 bytes from 192.168.1.156: icmp_seq=3 ttl=128 time=0.480 ms
64 bytes from 192.168.1.156: icmp_seq=4 ttl=128 time=0.482 ms
64 bytes from 192.168.1.156: icmp_seq=5 ttl=128 time=0.497 ms
64 bytes from 192.168.1.156: icmp_seq=6 ttl=128 time=0.465 ms
64 bytes from 192.168.1.156: icmp_seq=7 ttl=128 time=0.480 ms
64 bytes from 192.168.1.156: icmp_seq=8 ttl=128 time=0.520 ms
--- 192.168.1.156 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7304ms
rtt min/avg/max/mdev = 0.465/0.503/0.614/0.044 msping output to Windows on VLAN10 on RPi host (using -I eth0.10):PING 192.168.10.100 (192.168.10.100) from 192.168.10.10 eth0.10: 56(84) bytes of data.
From 192.168.10.10 icmp_seq=1 Destination Host Unreachable
From 192.168.10.10 icmp_seq=2 Destination Host Unreachable
From 192.168.10.10 icmp_seq=3 Destination Host Unreachable
From 192.168.10.10 icmp_seq=4 Destination Host Unreachable
From 192.168.10.10 icmp_seq=5 Destination Host Unreachable
From 192.168.10.10 icmp_seq=6 Destination Host Unreachable
--- 192.168.10.100 ping statistics ---
7 packets transmitted, 0 received, +6 errors, 100% packet loss, time 6257msarp -e on RPi host:192.168.10.100 (incomplete) eth0.10192.168.1.156 ether xx:xx:xx:xx:xx:xx C eth0so nothing is changed from before, ping on VLAN10 still does not get through.Any ideas?!
Regards
0 -
Hi @grip,
In reference to the first message specifying vlan protocol 802.1Q id 10 on eth0.10@eth0 part, we believe that Raspbian Raspberry Pi can support VLAN tag and can send VLAN tag packet. Therefore, we would like to check on Windows if NIC RTL8111H is really possible to add VLAN tag or not, so could you please change PVID into PVID 10 and untagged VLAN 10 on port 7?
If 192.168.10.10 and 192.168.10.100 can ping each other after the test above, please check your configuration for VLAN 10 tagged on Realtek utility.
By the way, would you share us more information about the Realtek utility you mentioned early such as name or download link are all appreciated? We would like to reproduce similar environment if there still are problems after you test PVID 10 and check on Realtek utility.
See how you've made an impact in Zyxel Community this year!
Nami
0 -
Hi Nami,
I also have doubts that the Windows system is correctly tagging packets but I don't know how to verify this.
I did what you suggested with PVID but nothing changed
The Realtek utility is the one you can download from this page https://www.realtek.com/en/component/zoo/category/network-interface-controllers-10-100-1000m-gigabit-ethernet-pci-express-software
and the file name is "Diagnostic Program for Win7/Win8/Win10/Win11"
Hope you will find something useful to solve this behaviour.
Regards0 -
Hi @grip
Thanks for your sharing. We will reproduce the environment with the information of Realtek utility you provided. While waiting for our test, we advise that you may check the packet frame by Wireshark on both hosts to see if the packets sending from these two hosts are really added VLAN 10 tags or not.
In addition, you can give a try on port 3 settings that changing into PVID 10 and untagged VLAN 10, then the configuration of VLAN 1 and VLAN 10 will be the same.
After that, if VLAN 10 hosts can ping each other, the configuration on RPi's eth0.10@eth0 should be looked over, therefore please also provide us the configuration step of VLAN on this interface.
Best Regards
See how you've made an impact in Zyxel Community this year!
Nami
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight