Cisco/Linksys SLM224G SWITCH: Problem with VLANs

Meson-Man · ‎12-13-2010

Hi!

I'm trying to set up VLANs in my racks. I have some knowledge about VLANs, but I still can't set it up in my way.

My situation:

I have PC which contains two virtual machines, which has to works as a routers between three networks: LAN1, LAN2, WAN. It's a bit complicated, but I'll try to draw it:

|-------------|

|----------------------------|                   |           e1|-to-eth1-VM2-----WAN
|VirtualMachine 1        eth0|---trunk-VLAN1&2---|g1         e2|-to-eth0-VM2-----LAN2
|eth0=VLAN1 eth1=VLAN2       |                   |           e3|-to-eth0-VM2-----LAN2 etc.
|                         PC |                   |   SWITCH e4|
|VirtualMachine 2            |                   |           e5|-to-eth1-VM1---wire-to-LAN2
|eth0=VLAN3 eth1=VLAN4   eth1|---trunk-VLAN3&4---|g2         e6|-to-eth0-VM1-----LAN1
|----------------------------|                   |           e7|-to-eth0-VM1-----LAN1 etc.
                                                 |-------------|

gX = Gigabit ports
eX = 100Mbit ports
VMX = Virtual machine number
wire-to = patch-cord connection between ports on the switch

Schema of routing and logical visibility:

LAN1---VM1-----VM2---WAN
|
LAN2----------|

Important note is that LAN1 and LAN2 has to be separated (visible only through routers). WAN has to be visible only through VM2 for LAN2 and through by VM1 and VM2 for LAN1. It looks easy, but VLANs which I done on that switch seems to doesn't works.

I'm doing this like that:

Step1: VLAN Management / Create VLAN...

Creating VLANs from 1, 2, 3, 4 (numbers doesn't meters right now - I now that number 1 is restricted at the switch).

Step2: VLAN Management / Port to VLAN...

Setting up VLAN1 with ports g1, e5 (both tagged or untagged? - I haven't seen difference)

Setting up VLAN2 with ports g1, e6, e7, etc...

Setting up VLAN3 with ports g2, e2, e3, etc...

Setting up VLAN4 with ports g2, e1

Step3: VLAN Management / Port Setting...

Setting up port e1 to PVID4 (frame type=all I suppose, but what with "ingress filtering"?)

Setting up port e2 to PVID3

Setting up port e3 to PVID3

etc...

Setting up port e5 to PVID1

Setting up port e6 to PVID2

Setting up port e7 to PVID2

etc...

So, on that configuration and on that switch it doesn't work for me

I know that switch is seeing MACs from VLANs which are done by PC's, because when I get in "Admin / Dynamic Address" I can see MACs on correct ports and with correct VLAN ID. So the problem is to forward VLANs on their ports, next clear frames from IDs and let packets go (and back: take clear packets, add VLAN ID and send to gigabits ports).

Showed configuration is the one of many that I tried :/ but I think this one is the best one.

Or maybe I don't know VLANs as I think and that schema is impossible? Please tell me if I' doing sth wrong.

Regards

and waiting for any suggestions,
Lucas

AndreiBoghiu · ‎12-16-2010

Hi, I have the same problem, I've got a Cisco SLM224G and I have created the VLANs, but can't figgure out how to setup the VLAN Trunk. I'm starting to believe that this switch does not support "Trunk" mode... so dissapointing , hope someone finds us a solution because without the Trunk option.... it's USELESS !!!!! and it's not quite cheap to buy another one with Trunk support...

Meson-Man · ‎12-16-2010

Hi.

Trunk is a kind of switch-to-switch connection and have been invented by Cisco (as I know), so in my case maybe I don't need "the trunk" itself. However it should works like that, but it doesn't as it is in my upper schema. And other however... everybody's saying on ethernet with many VLANs as trunk

In documentation to this switch isn't anywhere word like "trunk". So, how correctly set up VLANs there, for what they are there? :-|

Regards

Luke

David Carr · ‎12-17-2010

The port setting in the default state is like a trunk but only a member of the management vlan or just one vlan.

You can adjust the rules on the port by allowing untagged only, (Access port), or setting it to all (Trunk).

At this point, all you have to do is add the vlans to the port and if they are tagged or untagged.

If you change the pvid on a port, it makes it an access port unless you add more vlans.

Meson-Man · ‎01-13-2011

Ok, so can You (or anybody) tell what I'm doing wrong in my upper steps, where I want to divide two physical ports (4 vlans goes in) into 4 physical ports on the same switch for others computers which will not having vlans on their interfaces?

If it's not clear enough: My idea is quite simply. I want to separate two virtual routers running on one machine by making vlans on them and on the switch. Any others computers should be connected to these routers by the ports which I'll set up to which segment they belongs (I mean different interface of the routers). Everything is on schema in my first post.

Regards,

thank You for answering and any future looks on my case!

Lucas

Jo Kern · ‎01-15-2011

You need to make sure that your VirtualMachine can send tagged frames if the VMs share physical ethernet ports on the host.

I count 4 different LAN segments but you have only 2 physical ports on your PC (router).

And VM2 requires 3 physical connections according to the list below.

Depending on the virtualisation software you can maybe create the connection PVM1 to VM2 internally inside the PC (logical connection)

Are these the connections you require ?

VM1 --- LAN1

VM1 --- VM2

VM2 --- WAN

LAN2 --- VM2

Is this correct ? Will your PC, Virtualisation Software/Hypervisor tag frames with VLAn tags ?

If this is true I can help you configure the switch.

Jo