Stuck with Vendor-ID-based-VLAN
I think what I am trying to do is not too complicated but I am stuck at a 90% mark
I want to have ports splitting what comes in on its ports from the default VLAN 1 (which has a DHCP server) to VLAN 400 based on the Vendor Mac. From the MAC tables, I have what appears to work but there is no communication between devices on the Vendor vlan (its Dante)
Right now this is the config
Firmware Version = V4.70(ABPI.5) | 10/25/2022
no cloud center discovery
vlan 1
name 1
normal ""
fixed 1-6
forbidden ""
untagged 1-6
ip address default-management dhcp-bootp
exit
vlan 400
name Dante
normal 1-6
fixed ""
forbidden ""
untagged 1-6
exit
interface vlan 1
ipv6
ipv6 address autoconfig
ipv6 address dhcp client ia-naexit
interface vlan 400
ipv6
ipv6 address autoconfig
exit
timesync server 1.pool.ntp.org
timesync ntp
pwr mode consumption
vendor-id-based-vlan name "" source-mac 00:1d:c1:00:00:00 mask ff:ff:ff:00:00:00 vlan 400 priority 3
mac-based-vlan name DM3DanteCntrl source-mac ac:44:f2:a2:c3:38 vlan 400 priority 4
wizard ignore
What happens is that the devices get split as expected and comms on vlan 1 are as expected. Nothing happens on vlan 400 however. Devices can't talk to each other on 400, its like the vendor macs get split off correctly but end up in a no-mans land.
Mac table looks fine
GS1350# show mac address-table all
Port VLAN ID MAC Address Type1 400 00:1d:c1:25:38:00 Dynamic2 400 00:1d:c1:29:50:34 Dynamic5 1 28:76:10:14:b0:9a Dynamic5 1 88:53:95:2a:c6:5d Dynamic2 1 ac:44:f2:a2:c3:37 Dynamic2 400 ac:44:f2:a2:c3:38 Dynamic
The Number of VLAN : 2
Idx. VID Status Elap-Time TagCtl
1 1 Static 0:16:32 Untagged :1-6
Tagged :
2 400 Static 0:16:32 Untagged :
Tagged :
GS1350#
Any one able to advise on why my devices won't talk to each other? All pointers gratefully received
Best Answers
-
Hi @dazey77,
The vendor-ID-based-VLAN and MAC-based-VLAN configuration is correct. But you forgot to fix the uplink port. This causes your device not to get an IP address from the DHCP server and cannot communicate with each other.
Please reference the below configuration, I used port 6 as the uplink port for example:
GS1350(config)# vlan 400
GS1350(config-vlan)# fixed 6
GS1350(config-vlan)# no untagged 6Here's the VLAN table:
GS1350# show vlan
The Number of VLAN : 2
Idx. VID Status Elap-Time TagCtl 1 1 Static 0:16:54 Untagged :1-6
Tagged :
2 400 Static 0:02:29 Untagged :
Tagged :6In addition, if the device is VLAN-unaware, please configure this port with below configuration:
GS1350(config)# vlan 400
GS1350(config-vlan)# fixed 1
GS1350(config-vlan)# untagged 1Hope it helps.
P.S. Once the untagged packet's source MAC is matched with Vendor-ID-based-VLAN or MAC-based-VLAN, the switch will not add port VLAN ID(PVID) but the Vendor-ID-based-VLAN or MAC-based-VLAN ID to this packet. So, you don't need to change the PVID.
Zyxel Melen0 -
Wow, that works! Thanks a lot for the help, was just the lines I was missing and I just couldn't get there myself!
0
Zyxel Employee
All Replies
-
Hi @dazey77,
The vendor-ID-based-VLAN and MAC-based-VLAN configuration is correct. But you forgot to fix the uplink port. This causes your device not to get an IP address from the DHCP server and cannot communicate with each other.
Please reference the below configuration, I used port 6 as the uplink port for example:
GS1350(config)# vlan 400
GS1350(config-vlan)# fixed 6
GS1350(config-vlan)# no untagged 6Here's the VLAN table:
GS1350# show vlan
The Number of VLAN : 2
Idx. VID Status Elap-Time TagCtl 1 1 Static 0:16:54 Untagged :1-6
Tagged :
2 400 Static 0:02:29 Untagged :
Tagged :6In addition, if the device is VLAN-unaware, please configure this port with below configuration:
GS1350(config)# vlan 400
GS1350(config-vlan)# fixed 1
GS1350(config-vlan)# untagged 1Hope it helps.
P.S. Once the untagged packet's source MAC is matched with Vendor-ID-based-VLAN or MAC-based-VLAN, the switch will not add port VLAN ID(PVID) but the Vendor-ID-based-VLAN or MAC-based-VLAN ID to this packet. So, you don't need to change the PVID.
Zyxel Melen0 -
Wow, that works! Thanks a lot for the help, was just the lines I was missing and I just couldn't get there myself!
0 -
Hi @dazey77,
It's happy to hear your problem has been solved.
Since you mentioned you have Dante devices in your network, I would like to let you know that GS1350 is not quite suited for the Dante Network. We have some switch models that are suited for Networked AV applications which include Dante Netwok. You may reference the link below for more detailed information.
Zyxel Melen0
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 101 Nebula Status and Incidents
- 5.8K Security
- 296 USG FLEX H Series
- 281 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 254 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 76 Security Highlight
