<SOLVED> VLAN: broadcast and multicast packet handling on the XGS1210-12

eolo

I configured my XGS1210-12 with 3 VLAN, vlan 1, 17 and 835 (see attached image).

VLAN 17 is untagged on port 1-9 and tagged on port 11 and 12.

VLAN 835 is tagged on port 10, 11 and 12.

VLAN 1 in untagged on port 10, 11 and 12.

All is running as expected, but when i checked with packet capture i noticed that the VLAN 17 multicast and broadcast traffic is forwarded on all access port of other VLANs, so the untagged traffic on port 10 is the VLAN 1 traffic plus the multicast and broadcast traffic of VLAN 17. And on ports 11 and 12 the broadcast and multicast traffic of VLAN17 is present twice, tagged (correct) and untagged (forwarded on VLAN 1).

I think it's a bug, how can I request Zyxel support the bug correction?

I'm using a date firmware version (V1.00(ABTY.6)_20220928), thats solves another VLAN bug explained here: https://community.zyxel.com/en/discussion/14435/vlan-tagged-frame-handling-on-the-xgs1210-12/p1

This bug leads to security and performance issues (duplicate traffic).

Zyxel_Nami

Hi @eolo  

Basing on your provided firmware version and VLAN configuration screenshots, we did a test on our XGS1210-12 between port 5 (VLAN 17) and port 10 (VLAN 1, 835) by sending broadcast packets between PC A and PC B. As we observed packet by Wireshark, there are not any packets forwarding from these two stations.  

In order to investigate and solve your problems, we would like to send you a private message to ask about your topology, running-config and Wireshark screenshots or packet file directly.  

Best Regards, 

Nami  

eolo

Sorry, it was my mistake, to capture the traffic I used port mirroring without removing the monitor port from the vlan. I removed the monitor port from the vlan and now it works as expected. Thanks for the quick support.