XS1930 VLAN Trunk, Access, PVID

Options
knebb
knebb Posts: 7
First Anniversary First Comment

Hi,

I am using my XS1390-10 with a SFP module to access the fibre conneection of my provider. I need to send the VLAN-ID 1120 with the DHCP request.

So I configured (in Nebula) my port 10 as follows:

Trunk, PVID1120, Allowed VLAN 1120

When I counter-check on the local admin interface of the switch I see the port 10 as "Untagged"! This is not what is to be expected.

Above configuration should transmit every packet with the VLAN-ID of 1120 to my provider. But the port being "Untagged" the switch obviously sends the packets untagged :(
Why does it untag?

As soon as I configure the PVID to a different VLAN (ie 42) I see 42 untagged and 1120 tagged.

I want to have only a single VLAN (1120) where it sends all packets tagged. No other VLNAs should be allowed! Even if an untagged packet comes in it is mapped to 1120 according to my understanding of PVID it will handle untagged packets and tag them if needed.

So is it not possible to have a single tagged VLAN on my port? I have to create. dummy VLAN42 and use it as PVID?

Strange….

/KNEBB

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 1,639  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited January 17
    Options

    Hi @knebb,

    Thanks for bringing this to our attention.

    Above configuration should transmit every packet with the VLAN-ID of 1120 to my provider. But the port being "Untagged" the switch obviously sends the packets untagged :(
    Why does it untag?

    This is because the port VLAN ID (PVID) will be set as an untagged VLAN member in current design.

    For more information, please reference this FAQ.

    So is it not possible to have a single tagged VLAN on my port? I have to create. dummy VLAN42 and use it as PVID?

    The current workaround is just like what you find, you need to change the PVID to another VLAN and change the allowed VLAN.

    In addition, to avoid any traffic from this VLAN being forwarded to your network, please configure the allowed VLAN of other ports from "all" to "specific VLANs without this PVID". Therefore, this VLAN will only have one port member and cannot access your network.

    By the way, do you have any suggestions about the VLAN configuration UI/UX? If yes, please share your idea with us.

    Zyxel Melen