Vlan between a windows pc and raspbian

grip
grip Posts: 10  Freshman Member
First Comment Friend Collector First Anniversary
edited January 2023 in Switch
Hi,
I've just bought a GS1200-8 to start experimenting with VLANs at home.

I'm trying to make this scenario work:
- 2 host 
- 1 GS1200-8 switch

I've created the VLAN 10 on the switch and assigned ports 1,2,3 and 7 to it as untagged.
Ports 3 to 8 remains on the default VLAN 1.
(see image)

Windows PC connected on port 7
Raspbian Raspberry Pi connected on port 3

VLAN 10 has subnet 192.168.10.0/24
VLAN 1   has subnet 192.168.1.0/24

On windows PC I've configured the single physical interface (RTL8111H) using the realtek utility, such utility has created a new virtual interface with VLAN ID 10 (I think tagged) and left the original one untouched.
I remade the protocol bindings to assign IP 192.168.10.100 to the interface with VLAN ID 10 and 192.168.1.156 (dhcp) to the other

On Raspbian I left the existing eth0 with no tag and the static IP of 192.168.1.212  and created an eth0.10 with IP 192.168.10.10 

that's the output of "ip -d a show" 

 eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 9000 numtxqueues 1 numrxqueues 1 gso_max_size 8824 gso_max_segs 65535
    inet 192.168.1.212/24 brd 192.168.1.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::/64 scope link
       valid_lft forever preferred_lft forever
eth0.10@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535
    vlan protocol 802.1Q id 10 <REORDER_HDR> numtxqueues 1 numrxqueues 1 gso_max_size 8824 gso_max_segs 65535
    inet 192.168.10.10/24 brd 192.168.10.255 scope global noprefixroute eth0.10
       valid_lft forever preferred_lft forever
    inet6 fe80::/64 scope link
       valid_lft forever preferred_lft forever


what it is working are the communications using subnet 192.168.1.0/24 (ping ok, ssh ok)

nothing works on subnet 192.168.10.0/24, no ping, no arp .

what am I doing wrong?

any help will be appreciated.

Regards


«1

All Replies

  • PeterUK
    PeterUK Posts: 3,389  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited January 2023
    To route between subnets you need a router with VLAN support
  • grip
    grip Posts: 10  Freshman Member
    First Comment Friend Collector First Anniversary
    Hi Peter,
    thanks for you kind reply.

    I'm not trying to route btw vlans.

    I'm trying to reach from eth0.10 (VLAN10 - port 3) to Windows PC (VLAN10 - port 7)
    so the communication will be over the same subnet: 192.168.10.10 <--> 192.168.10.100

    I've tried from RPi with ping -I eth0.10 192.168.10.100 but with no success, even tcpdump -i eth0.10 -vv sees just the arp requests without any reply whatsoever.

    I know that as it is configured now eth0 does not add any tag to the frame so I leaved the PVID 1.

    I'm stuck figuring out if I have to make any changes on the switch config or may be something on the hosts...

    regards and thank you for your help.
  • PeterUK
    PeterUK Posts: 3,389  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Its likely you got the wrong switch and you need Port-based VLAN then 802.1Q VLAN.

    Draw out what you want done.


  • grip
    grip Posts: 10  Freshman Member
    First Comment Friend Collector First Anniversary



    the diagram is above and what I'd like to do is to be able to ping from one host to the other over VLAN10.
    Right now it works only on VLAN1.


  • PeterUK
    PeterUK Posts: 3,389  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited January 2023

    Not sure it will work but set tag on ports 3 and 7 on the switch for VLAN10.

    is the windows setup with VLAN tagging? 192.168.1.156 should be untagged

    After testing here as long as both clients do tagging on the interface it will work. 


  • Zyxel_Nami
    Zyxel_Nami Posts: 656  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    edited February 2023

    Hi @grip,

    Based on your diagram, VLAN 10 on port 3 and port 7 of Switch is untagged that will remove VLAN tag on the outgoing frame, then 192.168.10.10 and 192.168.10.100 couldn’t reach each other because when the packets came out of Switch, they didn’t carry with any VLAN tag and they should be dropped by end devices on both sides if the NIC can't recognize VLAN tagged. Therefore, we’d like to advise you to change VLAN 10 on port 3 and port 7 is tagged as @PeterUK suggested. 

    If there are any issues, please let us know. 

    241015_Speak-up,-Win-WiFi-7_Community-CSO-signature_1920x200.jpg

    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP!

    https://bit.ly/2024_Survey_Community

    Nami

  • grip
    grip Posts: 10  Freshman Member
    First Comment Friend Collector First Anniversary
    Hi,
    thank you again for your time.
    I did what you suggested and now the situation is the following



    ping output to RPi on VLAN1 on windows host:

    Esecuzione di Ping 192.168.1.212 con 32 byte di dati:
    Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64
    Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64
    Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64
    Risposta da 192.168.1.212: byte=32 durata<1ms TTL=64

    Statistiche Ping per 192.168.1.212:
        Pacchetti: Trasmessi = 4, Ricevuti = 4,
        Persi = 0 (0% persi),
    Tempo approssimativo percorsi andata/ritorno in millisecondi:
        Minimo = 0ms, Massimo =  0ms, Medio =  0ms

    ping output to RPi on VLAN10 on windows host:

    Esecuzione di Ping 192.168.10.10 con 32 byte di dati:
    Richiesta scaduta.
    Richiesta scaduta.
    Richiesta scaduta.
    Richiesta scaduta.

    Statistiche Ping per 192.168.10.10:
        Pacchetti: Trasmessi = 4, Ricevuti = 0,
        Persi = 4 (100% persi),

    arp -a on windows host:

    Interfaccia: 192.168.10.100 --- 0x30
      Indirizzo Internet    Indirizzo fisico      Tipo
      192.168.10.255        ff-ff-ff-ff-ff-ff     statico
      224.0.0.22            01-00-5e-00-00-16     statico
      224.0.0.251           01-00-5e-00-00-fb     statico
      224.0.0.252           01-00-5e-00-00-fc     statico
      239.255.255.250       01-00-5e-7f-ff-fa     statico
      255.255.255.255       ff-ff-ff-ff-ff-ff     statico

    ping output to Windows on VLAN1 on RPi host:

    PING 192.168.1.156 (192.168.1.156) 56(84) bytes of data.
    64 bytes from 192.168.1.156: icmp_seq=1 ttl=128 time=0.614 ms
    64 bytes from 192.168.1.156: icmp_seq=2 ttl=128 time=0.490 ms
    64 bytes from 192.168.1.156: icmp_seq=3 ttl=128 time=0.480 ms
    64 bytes from 192.168.1.156: icmp_seq=4 ttl=128 time=0.482 ms
    64 bytes from 192.168.1.156: icmp_seq=5 ttl=128 time=0.497 ms
    64 bytes from 192.168.1.156: icmp_seq=6 ttl=128 time=0.465 ms
    64 bytes from 192.168.1.156: icmp_seq=7 ttl=128 time=0.480 ms
    64 bytes from 192.168.1.156: icmp_seq=8 ttl=128 time=0.520 ms

    --- 192.168.1.156 ping statistics ---
    8 packets transmitted, 8 received, 0% packet loss, time 7304ms
    rtt min/avg/max/mdev = 0.465/0.503/0.614/0.044 ms

    ping output to Windows on VLAN10 on RPi host (using -I eth0.10):

    PING 192.168.10.100 (192.168.10.100) from 192.168.10.10 eth0.10: 56(84) bytes of data.
    From 192.168.10.10 icmp_seq=1 Destination Host Unreachable
    From 192.168.10.10 icmp_seq=2 Destination Host Unreachable
    From 192.168.10.10 icmp_seq=3 Destination Host Unreachable
    From 192.168.10.10 icmp_seq=4 Destination Host Unreachable
    From 192.168.10.10 icmp_seq=5 Destination Host Unreachable
    From 192.168.10.10 icmp_seq=6 Destination Host Unreachable

    --- 192.168.10.100 ping statistics ---
    7 packets transmitted, 0 received, +6 errors, 100% packet loss, time 6257ms

    arp -e on RPi host:

    192.168.10.100                   (incomplete)                              eth0.10
    192.168.1.156            ether   xx:xx:xx:xx:xx:xx   C                     eth0

    so nothing is changed from before, ping on VLAN10 still does not get through.

    Any ideas?!

    Regards







  • Zyxel_Nami
    Zyxel_Nami Posts: 656  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @grip,

    In reference to the first message specifying vlan protocol 802.1Q id 10 on eth0.10@eth0 part, we believe that Raspbian Raspberry Pi can support VLAN tag and can send VLAN tag packet. Therefore, we would like to check on Windows if NIC RTL8111H is really possible to add VLAN tag or not, so could you please change PVID into PVID 10 and untagged VLAN 10 on port 7?  

    If 192.168.10.10 and 192.168.10.100 can ping each other after the test above, please check your configuration for VLAN 10 tagged on Realtek utility.  

    By the way, would you share us more information about the Realtek utility you mentioned early such as name or download link are all appreciated? We would like to reproduce similar environment if there still are problems after you test PVID 10 and check on Realtek utility.

    241015_Speak-up,-Win-WiFi-7_Community-CSO-signature_1920x200.jpg

    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP!

    https://bit.ly/2024_Survey_Community

    Nami

  • grip
    grip Posts: 10  Freshman Member
    First Comment Friend Collector First Anniversary
    Hi Nami,
    I also have doubts that the Windows system is correctly tagging packets but I don't know how to verify this.

    I did what you suggested with PVID but nothing changed



    The Realtek utility is the one you can download from this page https://www.realtek.com/en/component/zoo/category/network-interface-controllers-10-100-1000m-gigabit-ethernet-pci-express-software

    and the file name is "Diagnostic Program for Win7/Win8/Win10/Win11"

    Hope you will find something useful to solve this behaviour.

    Regards
  • Zyxel_Nami
    Zyxel_Nami Posts: 656  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    edited January 2023
    Hi @grip

    Thanks for your sharing. We will reproduce the environment with the information of Realtek utility you provided. While waiting for our test, we advise that you may check the packet frame by Wireshark on both hosts to see if the packets sending from these two hosts are really added VLAN 10 tags or not. 

    In addition, you can give a try on port 3 settings that changing into PVID 10 and untagged VLAN 10, then the configuration of VLAN 1 and VLAN 10 will be the same.

    After that, if VLAN 10 hosts can ping each other, the configuration on RPi's eth0.10@eth0 should be looked over, therefore please also provide us the configuration step of VLAN on this interface.

    Best Regards

    241015_Speak-up,-Win-WiFi-7_Community-CSO-signature_1920x200.jpg

    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP!

    https://bit.ly/2024_Survey_Community

    Nami

Categories

Switch Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)