Posted by amattina@layer8group.com on September 6, 2006, 1:46 pm
I've been going over and testing this vlan problem for a long time now
and still can't get too far. I've read up a significant amount on how
this should work and I'm mainly getting confused between Netgear and
Cisco's interpretations of what each feature does. Here is a diagram
of what I think I should have. Ideally, I have a GSM7324 switch with a
whole class C cut up among it. This core switch feeds into (right now
just one) layer 2 switch which has corresponding vlans. These switches
talk to each other and out the gateway. The vlans right now can talk to
each other via routing on the switch which is okay. I can do those ACLs
after this step is completed. Here is an image of the basic structure:
http://157.238.136.5/cage-fixup.jpg
The main problem is that I cannot get the two switches uplinked to each
other. I need machines on vlan 17 to be able to talk to the layer 3
switch and therefore every other subnet on the layer 3 switch. If I
uplink them as diagrammed, things start to act like a broadcast storm on
the layer 3 switch. This shouldn't be the case because the ports that
are uplinked are different and on different vlans. Netgear told me that
there wasn't a feature like 'Cisco Trunking' on the switches so that's
why the multiple uplinks. If there is a way to do it with one uplink
cable that is obviously the preferred method. Everything on the layer 2
switch in vlan #3 can get to the layer 3 switch and the Internet. If I
plug my laptop directly into vlan #17 on the layer 3 switch that works
as well. Let me know any ideas or thoughts on how I could have this
wrong and make it right.
Thanks,
Adam
Posted by Walter Roberson on September 6, 2006, 2:36 pm
>Ideally, I have a GSM7324 switch with a
>whole class C cut up among it.
>The main problem is that I cannot get the two switches uplinked to each
>other. I need machines on vlan 17 to be able to talk to the layer 3
>switch and therefore every other subnet on the layer 3 switch. If I
>uplink them as diagrammed, things start to act like a broadcast storm on
>the layer 3 switch. This shouldn't be the case because the ports that
>are uplinked are different and on different vlans. Netgear told me that
>there wasn't a feature like 'Cisco Trunking' on the switches so that's
>why the multiple uplinks.
It is documented as supporting trunks.
ftp://downloads.netgear.com/files/gsm7312_gsm7324_fsm7326p_adminguide.pdf
Chapter 3, examples #2 and #3
Also, the introduction in Chapter 3 says specifically,
"A given port may handle traffic for more than one VLAN, but
it can only support one default VLAN ID."
If you cannot get the GSM7324 to handle multiple VLANs on the same
port using the procedures documented there, then get a refund on the
switch.
(Oh wait, this is Netgear, it is corporate policy that you *can't* get
a refund on the switch; the most you can do is exchange in endless
succession hoping that -eventually- you will get one that they have fixed
the feature on.)
Posted by amattina@layer8group.com on September 6, 2006, 2:55 pm
Thanks for your response. Trust me, I know the frustration of working
with half-ass quality equipment and poor documentation. This document
you linked to didn't exist when this problem started. It's just time to
get back around to solving this one now. I'll check it out.
Posted by amattina@layer8group.com on September 6, 2006, 3:12 pm
That document is endlessly confusing...
The pictures don't match the commands...the interfaces are totally
different and they don't mention what the configuration should be like
on the other end of the switch. What about the layer 2 switch
configuration? It's a near miracle that I got the IP configuration on
this switch correct and that it's actually routing in between the subnet
interfaces.
Isn't the point of having a layer 3 switch and vlans to be able to
route between the vlans? That is what I'm trying to do here, not have
certain ports accessible by multiple vlans. I should be able to do that
at layer 3, not 2. Each vlan should contain the broadcast domain at
layer 2, all requests to outside subnets should go to the virtual
router interface and then routed to another vlan on the switch after
passing the ACLs into that other subnet. Is my thinking totally out of
whack or does this product not seem to do that?
amattina@layer8group.com wrote:
> Thanks for your response. Trust me, I know the frustration of working
> with half-ass quality equipment and poor documentation. This document
> you linked to didn't exist when this problem started. It's just time to
> get back around to solving this one now. I'll check it out.
Posted by Walter Roberson on September 6, 2006, 5:03 pm
[netgear GSM7324]
>That document is endlessly confusing...
>Isn't the point of having a layer 3 switch and vlans to be able to
>route between the vlans? That is what I'm trying to do here, not have
>certain ports accessible by multiple vlans.
You were using multiple ports to communicate between the devices
because Netgear told you there was no trunking facility... but there
is. So you only need one cable between the two devices, and you want
the ports set up to carry all the VLANs needed to trunk between the two.
>I should be able to do that
>at layer 3, not 2. Each vlan should contain the broadcast domain at
>layer 2, all requests to outside subnets should go to the virtual
>router interface and then routed to another vlan on the switch after
>passing the ACLs into that other subnet. Is my thinking totally out of
>whack or does this product not seem to do that?
Look in Chapter 5 "IP Routing Services" of the manual, and in
particular at the section "VLAN Routing".
I draw particular attention to the command section of Example 2,
which enables routing on the vlans, ending in "show ip vlan". The
explanatory main text after that says,
"This returns the logical interface IDs that will be used instead of
slot/port in subsequent routing commands. Assume that VLAN 10 is
assigned ID 3/1 and VLAN 20 is assigned ID 3/2."
What this is hiding is the fact that when you configure routing on
a VLAN interface, there is no predetermined interface name that will
be used to refer to the VLAN. For example, if you enable routing on
VLAN 179, then there is NO interface created named anything like
"vlan179" or "3/179", or any other fixed predictable interface name.
Instead, what you get is the next available interface number in the
3 series on card 1, which is to say the next available number
in the series starting 1/3/ . So the first VLAN created is
1/3/1, the second is 1/3/2, and so on, no matter what the VLAN tag
numbers are. And those are the names you have to use to configure IP
addresses and so on against.
Yes, this -does- mean that you cannot automate VLAN additions without
using an "expect" script [or equivalent] smart enough to
"show ip vlan" and pick out the interface numbers already in use and
carefully fill in the holes. You have to pay close attention to
"show ip vlan" because that's the only way to determine the interface
number you have to configure the layer 3 information against.
If you want some real fun, try measuring the performance of vlan routing.
Or better yet, run some multicasting...
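
The "show ip vlan" lookup described in the post above, as an added example that is not part of the thread or of Netgear's documentation: it maps each routed VLAN to its logical interface and finds the lowest unused interface number. The table layout, addresses and function names are assumptions constructed for illustration.

```python
import re

# Constructed sample of "show ip vlan" output; the column layout is an
# assumption for illustration, not captured from a real GSM7324.
SAMPLE = """\
MAC Address used by Routing VLANs:  00:00:00:01:00:02

         Logical
VLAN ID  Interface   IP Address      Subnet Mask
-------  ----------  --------------  ---------------
17       1/3/1       192.0.2.129     255.255.255.224
3        1/3/2       192.0.2.1       255.255.255.224
179      1/3/4       0.0.0.0         0.0.0.0
"""

# A data row: VLAN ID, logical interface as "3/1" or "1/3/1", IP, mask.
ROW = re.compile(r"^\s*(\d{1,4})\s+((?:\d+/)?\d+/\d+)\s+(\S+)\s+(\S+)\s*$")


def parse_show_ip_vlan(text):
    """Return {vlan_id: (logical_interface, ip, mask)} from the table rows."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # banner, column headers and separator lines
        vlan = int(m.group(1))
        if not 1 <= vlan <= 4094:
            raise ValueError(f"VLAN ID out of range: {vlan}")
        if vlan in table:
            raise ValueError(f"VLAN {vlan} listed twice")
        table[vlan] = (m.group(2), m.group(3), m.group(4))
    return table


def next_free_index(table):
    """Lowest unused number in the logical-interface series (fills holes)."""
    used = {int(iface.rsplit("/", 1)[1]) for iface, _, _ in table.values()}
    n = 1
    while n in used:
        n += 1
    return n


if __name__ == "__main__":
    routed = parse_show_ip_vlan(SAMPLE)
    for vlan, (iface, ip, mask) in sorted(routed.items()):
        print(f"VLAN {vlan:>4} -> {iface}  {ip}/{mask}")
    print("next free logical interface index:", next_free_index(routed))
```
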