GS1900 port VLAN ingress filtering vs trunk options
Hi,
I have an GS1900-8 with which I have been very satisfied.
However, I have read the manual and searched the forums and I'm uncertain on one thing. Does ingress filtering negate effects of enabling trunk?
AIUI:
- trunk enabled: permits the port to pass unknown VLAN tags.
- ingress filtering enabled: disallows packets with a vlan tag not associated in any way with the port concerned.
What is the outcome of both these options enabled on a port/lag?
Any help much appreciated!
Thanks.
0
All Replies
-
Hi @darcey,
Welcome to Zyxel Community!VLAN Trunking
1. VLAN trunk also known as VLAN trunking that helps your switch receives and forwards unknown VLAN, for example:- Settings: Enable VLAN trunking on port 1 & port 2 of Switch-B.
- Task: Switch-A sends a frame with VLAN 20 tag to Switch-C.
- Explanation: When Switch-B receives a frame containing tagged VLAN 20 from Switch-A, it will forward the frame directly to Switch-C although Switch-B has no VLAN 20 in its VLAN table.
2. Given another instance is that if you aware of other switch brand has "allowed VLAN 1-4094" command in switchport setting, enabling VLAN trunking can reach the same goal.Ingress Filtering
Ingress filtering also known as Ingress Check that verifies every single frame receives from a switchport to see if VLAN tag in the frame is matched with port PVID.- If so, then pass.
- If not, then drop.
Kindly provide our new online help description, it might give you better understanding regarding Ingress Filtering and VLAN Trunk.Ingress Filtering
If set, the Switch discards incoming frames for VLANs that do not have this port as a member.VLAN TrunkEnable VLAN Trunking on ports connected to other switches or routers (but not ports directly connected to end users) to allow frames belonging to unknown VLAN groups to pass through the Switch.Hope it helps.Adam
0 -
Thanks Adam.So it seems to me that 'Ingress check' and 'VLAN trunk' are mutually exclusive. i.e. It does not make sense to enable both, at the same time, for a given port. Would that be right?Also, if this is the case and you did enable both, what is the resultant behaviour of the port/switch?I realise I could set up a test to answer this question myself. However, I'm struggling to devise one due to lack of knowledge or hardware.0
-
Hi @darcey
We can help to setup a test and check it out, please log a ticket on Support for this action:
https://support.zyxel.eu/hc/en-us/requests/new?ticket_form_id=114093996354
Regards,
Tobias0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight