GS1900 tagged VLAN nodes drop off after 5 minutes

SL75
SL75 Posts: 8  Freshman Member
First Comment Friend Collector

Hello all. I have a very simple test lab set up, a GS1900-24 with a Win 10 and a Win 11 laptop continuously pinging each other. On the tagged VLAN, these pings just stop after 5 minutes, and the only way to get them talking again is to reset (change, then change back) their VLAN IDs in Windows Network adapter settings. Unplugging them from the switch and plugging them back doesn't work. This makes testing rather difficult. They do not exhibit this behaviour when plugged into non-VLAN or untagged VLAN ports - pings stay up. Is this likely a Windows behaviour or something I missed on the switch? Thanks for any tips.

«1

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,644  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @SL75 ,

    The MAC table ages out after 5 minutes. If you’re unable to ping after that time, it may indicate an issue with your VLAN settings.
    Please refer to this article on how to configure VLANs with the GS1900.

    How to configure VLAN on GS1900? — Zyxel Community


    For your Windows 10 and Windows 11 laptops, we recommend setting the laptop to untag with the PVID. Based on our experience, directly configuring the VLAN ID on the laptop’s network adapter may require additional parameters to align, and the behavior of network adapters can vary across different models.

    Judy

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

  • SL75
    SL75 Posts: 8  Freshman Member
    First Comment Friend Collector

    Thank you @Zyxel_Judy - I thought I was going crazy. Is there a way to change that MAC table timeout, or it's there for safety reasons? So is it recommended to not use tagged VLAN at all, regardless of OS, if the host NIC variations are the problem? That guide is exactly what I used to set up my VLAN test lab, it's very clear. The continuous pings work 100% reliably both ways, just only for 5 minutes.

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,644  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula
    edited October 25

    • To better assist you, could you please share your GS1900 VLAN configuration file along with the tagged VLAN settings for your Windows network adapter?

    On the tagged VLAN, these pings just stop after 5 minutes, and the only way to get them talking again is to reset (change, then change back) their VLAN IDs in Windows Network adapter settings. 

    How did you change the settings? For example, did you switch from a tagged VLAN to an untagged VLAN, or change from tagged VLAN 10 to tagged VLAN 20, then back to the original tagged VLAN?

    Where did you apply these changes? Were they made in the Windows network adapter's VLAN settings?

    • If possible, please capture packet data for the following two scenarios (6 minutes each from when you start pinging):
    • Case 1: Tagged VLAN on the Windows network adapter
    • Case 2: Untagged VLAN on the Windows network adapter

    Judy

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

  • SL75
    SL75 Posts: 8  Freshman Member
    First Comment Friend Collector

    To change the settings I go to the NICs' "Properties > Configure > Advanced tab > VLAN ID: Value" then simply change the value from 3 to 2 and click OK, then from 2 back to 3 and OK.
    It's a GS1900-24 with V2.80(AAHL.1) | 08/08/2024My configuration doesn't follow your suggested guid exactly, it uses a different VLAN numbers and for the purpose of this test is a single isolated switch, nothing else connectedTagged VLAN 3 on ports 17, 19, 21Win 10 (192.168.0.16) on port 17Win 11 (192.168.0.15) on port 19
    Actually I did three tests and in all three cases the pings dropped off well before 5 minutes, the first time they stopped after about 4 minutes, then the second test after only 2 minutes. On the third test the pings stopped after 90 seconds.
    I've attached a Wireshark capture of the first test, the switch configuration file and screenshots. The pings start perfectly normal, request sent and response received. Then I get a bunch of (no response found!) errors, always in the direction of Win 11 pinging Win 10. Finally, a ZyXEL LLDP Multicast even happens, and there is only a ping attempt from Win 11 to Win 10. A few more of these happen, then another Multicast, and some more of the same, Win 11 to Win 10 ping attempts only, all with no response.

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited October 25

    This sounds like a driver issue maybe with windows.

    I use tag VLAN on my windows but I use the windows Hyper-V

    here how you do it
    Control Panel\All Control Panel Items\Programs and Features
    Click Turn windows features on or off
    enable all of “Hyper- V” but uncheck “Hyper-V Hypervisor”
    run PowerShell in admin
    New-VMSwitch -Name "External_network" -NetAdapterName "Ethernet"
    Add-VMNetworkAdapter -ManagementOS -Name VLAN3 -SwitchName External_network
    Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName VLAN3 -Access -VlanID 3

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,644  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @SL75 ,

    Upon reviewing the packet capture provided, we observed that the ASUS device continues to perform ARP requests when it cannot ping, which suggests a potential issue with the switch’s MAC table.

    To proceed, could you please ask the customer to perform the following:

    • Collect a Tech Support file from the switch when the devices are able to ping each other.
    • After five minutes, when the ping fails, collect another Tech Support file again.

    Additionally, you can check the switch’s MAC table when the ping is successful and again when it is not, to see if the entries are correct.

    Judy

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

  • SL75
    SL75 Posts: 8  Freshman Member
    First Comment Friend Collector
    edited November 6

    Thank you @Zyxel_Judy, I have attached before and after logs. Actually, the pings now stop well before 5 minutes.


    For comparison, I have an identically configured GS1900-48, running the same firmware. On here, the pings stay solid and consistent (<= 1ms) for over 1.5 hours, but, still the ping test stops and doesn't come back until I toggle the VLAN ID on the hosts away from 3 then back to 3. The main difference is that this switch is isolated, it only has the two laptops pinging, and a third PC acting as a configuration console. The MAC table shows correctly three hosts and the switch itself.


    The GS1900-24 that is having trouble, is uplinked to a live LAN (via the pass-through port of a NWA1123-AC PRO) for configuration purposes. It only has my test laptops connected. Its MAC table showed 21 hosts including my test laptops, and the rest were from other devices on the LAN, except for 4 hosts I could not find using Advanced IP Scanner. When I cleared the MAC table, only 17-18 hosts appear (but still a few unexplained MACs), but the ping test still drops after just a minute or two.


    For a test, I disconnected the GS1900-24 from the LAN to be isolated just like the GS1900-48, and the ping test then also stays solid for over 1.5 hours, but again also stops working in less than 5 minutes.


    Thank you also @PeterUK - I need to make this work with real Windows hosts and don't yet dabble with Hyper V but will bear that in mind.

    MAC table while ping working

    MAC table after ping not working

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,644  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @SL75 ,

    For a test, I disconnected the GS1900-24 from the LAN to be isolated just like the GS1900-48, and the ping test then also stays solid for over 1.5 hours, but again also stops working in less than 5 minutes.

    Could you tell us what happens after the ping stops working in less than 5 minutes? Does the ping not return at all, or does it automatically resume and continue steadily for 1.5 hours?

    Judy

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

  • SL75
    SL75 Posts: 8  Freshman Member
    First Comment Friend Collector
    edited November 7

    Apologies @Zyxel_Judy, I made a mistake with that sentence. Correction: When the GS1900-24 is isolated, the pings drop after about 1.5 hours and do not return at all. When the switch is connected to a LAN with other devices on it, then the pings drop in less than 5 minutes and also do not return at all - until I change the test laptops' VLAN ID away from 3 then back to 3 (same for when the switch is isolated). Hope that's clearer.

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,644  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @SL75 ,

    After reviewing the SW MAC table, it appears to be functioning correctly. Could you please perform the following steps for further investigation:

    1. When the ping is successful, run arp -a on both ASUS and HP computers and take screenshot of the ARP table.
    2. When the ping fails, run arp -a again on both ASUS and HP computers to observe any changes and take screenshot of the ARP table.

    Additionally, you can set up port mirroring on Port 17 (the port connects to ASUS) to monitor if the switch is correctly forwarding packets.
    On the ASUS computer, please enable Wireshark (before ping) to check if the packets are being received, which will help pinpoint the issue.
    All packets and screenshots, you can share with us to check.

    If they have an external network adapter or another computer available for testing, please try to test with the same scenario.

    Alternatively, you can connect the ASUS and HP computers directly, without going through the GS1900-24 switch. Then, you can perform a ping test to observe whether the issue occurs.

    Judy

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community