XS 1930 no policy route in ACL?

user456

HI

I am trying to setup a classifier and policy route as from the Zyxel tutorial below to forward traffic from one vlan to the other, or deny from one vlan to the other.

it was easy to setup the classifier, but then in policy rules, there is no sequence or next hop to define where to send the traffic. So, maybe the nomenclature is changed in XS1930, can you please help how to setup a rule configuration as in the Zyxel example below?

many thanks!!

===zyxel tutorial: Article ID 011483

e. Create profile name on "Policy Routing" page named "Routing".

f. Click "Rule Configuration".

g. Set up Sequence as 1.

h. Choose classifier "Office A to NAS".

i. Set up next hop as 192.168.30.1 then click "Add" to add the rule.

j. Set up sequence as 2.

k. Chose classifier "Office B to NAS".

l. Set up next hop as 192.168.30.1 then click "Add" to add the rule.

n. Set up sequence as 3.

m

Zyxel_Melen

Hi @user456,

Since the XS1930 is a lite-L3 switch, it does not support the policy route function but only the static route function.

However, your purpose “forward traffic from one vlan to the other, or deny from one vlan to the other.” could be done by the classifier and policy rule. You don't need to set a policy route.

You could reference this FAQ to set up. Please feel free to ask if there have any questions.

user456

hi would this be included in the additional L3 license pack? thanks!

user456

And additionally: our problem is that the switch does not give access between the different VLans. Thus, with classifier and policy rule, we can just configure how some traffic will be blocked, but how to configure that the VLans can see each other?

Zyxel_Melen

Hi @user456,

To access different VLANs, you need the inter-VLAN route function. However, the XS1930 switch does not support this function. You will need a router/firewall to route the traffic between different VLANs.

Furthermore, the access L3 license pack does not include the policy route or inter-VLAN route functionality. You could check our datasheet or XS1930 features page for more information about what function does access L3 license support.

user456

hi, too bad, but thanks. do you have a recommendation for a L3 switch who support this basic inter-VLAN route functionality? I thought it's kind of standard nowadays…
BTW: I don't know why but the VLANs can see each other now without any additional router. How can this be explained if the switch does not have this functionality? many thanks!

mMontana

Hi @user456, would you please describe what “basic inter-VLAN route functionality” means?
AFAIK static inter-VLAN route functionality is already on the switch. Currently the policy is what you're looking for.

So i don't understand what “basic” should mean.

Zyxel_Melen

Hi @user456

Apologize for the misleading.
I confirm again and found that XS1930 supports the inter-VLAN route.

Please feel free to setup the VLAN IP interface and configure the VLAN IP as your client's default gateway IP address.

sp2001

Hi, I've configured vlan routing, but performance is very bad, something like 30mbit/s is this normal ?

If those are the expected performance it is unusable.

let me know

best regards

SP

Zyxel_Melen

Hi @sp2001,

Could you share your configuration and the test method (like your PC's OS and the adapter information) with me to clarify?

Zyxel_Melen

Hi @sp2001,

I did a local test and found that the file transfer speed is about 80 MB/s in 1G link speed.

Could you share how did you test the performance?