XGS1250-12, router-on-a-stick, and VLAN trunking
Options
I recently purchased the XGS1250-12 and need some help with configuring VLANs.
In short, I have a cable modem with a single multi-gig Ethernet port, which I plan to connect to port 10 on the XGS1250-12.
Then, I have a connection between port 11 and a router, that will be configured as a router-on-a-stick, to NAT Internet traffic for my LAN back to the XGS1250-12's remaining ports.
I created VLAN 100 on the XGS1250-12. Because the cable modem doesn't know anything about VLANs, I set PVID on port 10 to 100. Correct?
What else must be done on the XGS? I believe port 11 needs to be configured as a trunk port, but I don't know how that is done.
Anything else I'm missing, as far as the switch-side is concerned?
In short, I have a cable modem with a single multi-gig Ethernet port, which I plan to connect to port 10 on the XGS1250-12.
Then, I have a connection between port 11 and a router, that will be configured as a router-on-a-stick, to NAT Internet traffic for my LAN back to the XGS1250-12's remaining ports.
I created VLAN 100 on the XGS1250-12. Because the cable modem doesn't know anything about VLANs, I set PVID on port 10 to 100. Correct?
What else must be done on the XGS? I believe port 11 needs to be configured as a trunk port, but I don't know how that is done.
Anything else I'm missing, as far as the switch-side is concerned?
0
All Replies
-
Hi @ObliteRon,
Welcome to Zyxel Community.
I will help you to answer your question one by one:
For configuring the VLAN and PVID to port 10 of XGS1250-12 is correct.I created VLAN 100 on the XGS1250-12. Because the cable modem doesn't know anything about VLANs, I set PVID on port 10 to 100. Correct?I have a connection between port 11 and a router, that will be configured as a router-on-a-stick, to NAT Internet traffic for my LAN back to the XGS1250-12's remaining ports.
Do you mean that when the traffic from XGS1250 goes to the "router" to do NAT, and the traffic will back to the XGS1250 via the same cable then goes to the Internet via your modem? If it's the case, we suggest you to separate the WAN and LAN traffic between router and XGS1250 by connecting one more cable and assign different VLAN ID for them.
Please correct me if I am wrong on your scenario.Adam
0 -
Yes, I agree it would be easier if I had two connections between the router and the XGS1250, however my router only has a single SFP+ connection, plus 8 GbE connections, and I want to be able to utilize >1GbE Internet service. Hence, why I need to use the single connection.Nebula_Adam said:I have a connection between port 11 and a router, that will be configured as a router-on-a-stick, to NAT Internet traffic for my LAN back to the XGS1250-12's remaining ports.
Do you mean that when the traffic from XGS1250 goes to the "router" to do NAT, and the traffic will back to the XGS1250 via the same cable then goes to the Internet via your modem? If it's the case, we suggest you to separate the WAN and LAN traffic between router and XGS1250 by connecting one more cable and assign different VLAN ID for them.
Please correct me if I am wrong on your scenario.0 -
@ObliteRon
Thanks for your reply.
Now I understand the reason for only connecting singe link from switch to router.
If you would like to implement this scenario, you may check if your router is able to assign multiple VLANs on the same port and give each VLAN a subnet.
For our switch, it needs to create VLANs and tagged all VLANs for port 11.Adam
0 -
@Nebula_Adam
Is it enough to have VLAN1 for my LAN traffic and VLAN100 for the Internet/cable modem? Or do I need a third VLAN?
And then, how exactly should I set each port on the VLAN settings page of the XGS1250-12? I see for each port and each VLAN, I can set Non-Member, Tag Egress Member, and Untag Egress Member.
0 -
@ObliteRon,
For VLAN 1, it depends on if you need to separate your LAN traffic or not. For instance, split the traffic of voice and data on LAN. The VLAN 100 between switch and modem will not be an issue.Is it enough to have VLAN1 for my LAN traffic and VLAN100 for the Internet/cable modem? Or do I need a third VLAN?
As you can see these 3 members are differentiate by color.how exactly should I set each port on the VLAN settings page of the XGS1250-12? I see for each port and each VLAN, I can set Non-Member, Tag Egress Member, and Untag Egress Membe
- non-member is to forbidden traffic on a VLAN.
- Tag Egress Member is to make a port tagged out.
- Untag Egress Member is to make a port untagged out
Adam
0
Freshman Member
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 199 Nebula Ideas
- 125 Nebula Status and Incidents
- 6.3K Security
- 495 USG FLEX H Series
- 322 Security Ideas
- 1.6K Switch
- 83 Switch Ideas
- 1.3K Wireless
- 48 Wireless Ideas
- 6.8K Consumer Product
- 286 Service & License
- 456 News and Release
- 89 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 95 Security Highlight
