<SOLVED> VLAN: broadcast and multicast packet handling on the XGS1210-12

eolo
eolo Posts: 35  Freshman Member
First Comment Friend Collector First Anniversary
edited February 2023 in Switch
I configured my XGS1210-12 with 3 VLAN, vlan 1, 17 and 835 (see attached image).

VLAN 17 is untagged on port 1-9 and tagged on port 11 and 12.
VLAN 835 is tagged on port 10, 11 and 12.
VLAN 1 in untagged on port 10, 11 and 12.

All is running as expected, but when i checked with packet capture i noticed that the VLAN 17 multicast and broadcast traffic is forwarded on all access port of other VLANs, so the untagged traffic on port 10 is the VLAN 1 traffic plus the multicast and broadcast traffic of VLAN 17. And on ports 11 and 12 the broadcast and multicast traffic of VLAN17 is present twice, tagged (correct) and untagged (forwarded on VLAN 1).

I think it's a bug, how can I request Zyxel support the bug correction?
I'm using a date firmware version (V1.00(ABTY.6)_20220928), thats solves another VLAN bug explained here: https://community.zyxel.com/en/discussion/14435/vlan-tagged-frame-handling-on-the-xgs1210-12/p1

This bug leads to security and performance issues (duplicate traffic).





Best Answers

  • Zyxel_Nami
    Zyxel_Nami Posts: 659  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Answer ✓

    Hi @eolo  

    Basing on your provided firmware version and VLAN configuration screenshots, we did a test on our XGS1210-12 between port 5 (VLAN 17) and port 10 (VLAN 1, 835) by sending broadcast packets between PC A and PC B. As we observed packet by Wireshark, there are not any packets forwarding from these two stations.  

    In order to investigate and solve your problems, we would like to send you a private message to ask about your topology, running-config and Wireshark screenshots or packet file directly.  

    Best Regards, 

    Nami  

    Nami

  • eolo
    eolo Posts: 35  Freshman Member
    First Comment Friend Collector First Anniversary
    Answer ✓
    Sorry, it was my mistake, to capture the traffic I used port mirroring without removing the monitor port from the vlan. I removed the monitor port from the vlan and now it works as expected. Thanks for the quick support.

All Replies

  • Zyxel_Nami
    Zyxel_Nami Posts: 659  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Answer ✓

    Hi @eolo  

    Basing on your provided firmware version and VLAN configuration screenshots, we did a test on our XGS1210-12 between port 5 (VLAN 17) and port 10 (VLAN 1, 835) by sending broadcast packets between PC A and PC B. As we observed packet by Wireshark, there are not any packets forwarding from these two stations.  

    In order to investigate and solve your problems, we would like to send you a private message to ask about your topology, running-config and Wireshark screenshots or packet file directly.  

    Best Regards, 

    Nami  

    Nami

  • eolo
    eolo Posts: 35  Freshman Member
    First Comment Friend Collector First Anniversary
    Answer ✓
    Sorry, it was my mistake, to capture the traffic I used port mirroring without removing the monitor port from the vlan. I removed the monitor port from the vlan and now it works as expected. Thanks for the quick support.

Categories

Switch Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)