FLEX 700h and VLAN

Rösti

Hello there,

Setting up fresh Flex700H and stuck with VLAN basics.

Just have added a new VLAN IF (physical interface is added automatically under general section). Below are screenshots from Network Status - Interface and Network - Interface section. Why the first screenshot does not show port member as it is setup on the second one?

I'm trying to use this VLAN and it's DHCP server to obtain in-band management IP for XS3800, but sniffing packets on FW shows DHCP requests are landing on general interface and not the vlan one. Due to the display issue above I'm unsure whether setup is wrong on FW or switch sides. SW side is obviously configured with the same VLAN/VID.

Actually I did exactly the same setup back in the days with older Zyxel generation hardware and there were no issues.

Any hints?

Thank you

PeterUK

Likely just a display bug for VLAN types but VLAN's do work

Zyxel_Melen

Hi @Rösti

May I know:

1. If the port on XS3800 that connect to USG FLEX 700H is VLAN 200 tagged?
2. Did you add VLAN 200 interface in the management interface of the XS3800?

Since VLAN interfaces receive and send tagged frames, the switch side needs to set tagged for this VLAN.

Update:

The member info of VLAN interface lack issue on page Network Status - Interface and Network is a bug and will be fixed in the future firmware release.

Rösti

Found the problem, but, boy, why it is so complicated?

So long story short: configured management vlan on usg flex. Configured management (dhcp) IP in the same vlan on the switch (and it required me to create static vlan first). I set uplink port of the switch as trunk, assuming it is usual trunk behavior and no igress filtering applied.

But it seems the switch does not allow frames over trunk port for static vlans, which are explicitly created and for which trunk port is not a fixed member of.

Is it usual behavior and I need to update my knowledge of trunks or is it something specific to Zyxel?

PeterUK

It seems lots of people think trunk setting dose it all not that I have ever used a trunk so maybe I'm wrong in when to use or need it.

My understanding of truck is say you have three switches

switch1 > switch2 > swich3

You have VLAN's on switch1 you want over at switch3 this is were you trunk the ports on switch2

Rösti

Trunk is "to allow frames belonging to unknown VLAN groups to pass through the Switch" - from Zyxel manual. This is to reduce configuration timing in a case of a big amount of VLANs or switches, which, otherwise, one would need to configure consistently one by one for every VLAN expected to pass through and on every unit in chain. And ticking off trunk option on both peers' ports really shall does it all. But in Zyxel case seems with an exception as I described above. Likely because having management static vlan makes it being "known" to switch and so is excluded form the definition scope of Zyxel trunk port.