Feature request: PVID 0 = drop non tagged incoming packet
I'm currently testing GS1200 serie switches.
Let's pretend I wanted Port 1 to be connected to another switch and transport VLANS 100,200,300
The configuration is straight forward, just tagging egress packets for the 3 vlans on Port 1 does the work.
BUT the web interface still require us to define the PVID for port 1 which I understand is the default VLAN for untagged packets.
BUT I dont want any untagged packets to enter the switch on that port, this should not happen in my scenario and it is scary to know that the switch will allow untagged packets and map them to a vlan.
I found a work around by creating an isolation VLAN like VLAN 666 with no port member and defined it as the PVID for port 1
But that's cumbersome.
My feature request:
If we set the PVID as 0 for a port, it will reject any untagged packet.
Accepted Solution
-
Hello @Himred
Currently, Zyxel does not support the use of VLAN 0 as a PVID for dropping non-tagged incoming packets, as this is not aligned with the standard VLAN configurations which do not include VLAN 0.
As you mentioned, the workaround is to configure a separate VLAN that is not in use for any other purpose and set it as the PVID on the ports where you want to drop non-tagged packets. This way, any incoming untagged packets will be assigned to this isolated VLAN, effectively segregating them from your main network traffic.
If you have any further questions, feel free to reach out.
Thanks!
Engage in the Community, become an MVP, and win exclusive prizes!
Nami
0
Zyxel Employee
All Replies
-
Hello @Himred
Currently, Zyxel does not support the use of VLAN 0 as a PVID for dropping non-tagged incoming packets, as this is not aligned with the standard VLAN configurations which do not include VLAN 0.
As you mentioned, the workaround is to configure a separate VLAN that is not in use for any other purpose and set it as the PVID on the ports where you want to drop non-tagged packets. This way, any incoming untagged packets will be assigned to this isolated VLAN, effectively segregating them from your main network traffic.
If you have any further questions, feel free to reach out.
Thanks!
Engage in the Community, become an MVP, and win exclusive prizes!
Nami
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
