how to assign tagged VLAN on LAN interface to be untagged on another Netgat interface?
-
I just upgraded from a SG-2220 to a 4200 Max. I have two VLANs that are tagged on the LAN that go to a managed L2 switch. To support some slow transitioning I want to assign those two VLANs also to my two unused interfaces on the 4200 as untagged. I conceptually understand what I want to do (correct me if I'm wrong), but I don't quite understand how to achieve it in pfSense. Looking for any pointers. Thank you
-
@scottlindner you want to move your vlan to another interface and change it to untagged.
Or you want to add another interface to the same vlan but have it untagged.. Where vlan X would be tagged on lan, but also untagged on optx ?
The 4200 doesn't have switch ports, they are discrete interfaces.. Such a setup seems far from optimal even if possible. You could in theory create a bridge - but not sure if you can tag one side of the bridge and native on the other side.
How would this help you in your transition to?
What problem are you seeing that you're wanting to mitigate exactly - there are always multiple ways to skin a cat.
-
@johnpoz said in how to assign tagged VLAN on LAN interface to be untagged on another Netgat interface?:
@scottlindner you want to move your vlan to another interface and change it to untagged.
Or you want to add another interface to the same vlan but have it untagged.. Where vlan X would be tagged on lan, but also untagged on optx ?
Add another interface to the same VLAN that is also tagged on the LAN interface.
The 4200 doesn't have switch ports, they are discrete interfaces.. Such a setup seems far from optimal even if possible. You could in theory create a bridge - but not sure if you can tag one side of the bridge and native on the other side.
How would this help you in your transition to?
What problem are you seeing that you're wanting to mitigate exactly - there are always multiple ways to skin a cat.
I have a 1Gbe managed switch and two 1Gbe unmanaged PoE switches for WAPs and security cameras. Getting a 48 port fanless PoE 2.5Gbe switch is SPENDY compared to getting a 8 port 2.5Gbe unmanaged switch to plug my WAPs into as I slowly upgrade them to WiFi7 2.5Gbe APs. It is purely a practical financial consideration.
Given the bridge suggestion you gave and that this is deemed impractical or inefficient. Perhaps my solution is to get a managed 8 port 2.5Gbe PoE switch to achieve what I'm looking for and leave the 48 port managed 1Gbe switch in place for the bulk of what it is already doing.
-
@scottlindner if the goal is leverage 2.5ge connection - yeah a small 2.5ge seems like a good solution.
You could then if enough ports on this new switch - leverage lacp from the 1 gig switch to provide for more bandwidth to the router.
This wont help with a single connection, but it would provide for more bandwidth for multiple devices on the 48 port to the router interface through the 2.5ge switch.
Yeah a 48 port 2.5ge managed is prob not all that cheap ;)
You could then also move a vlan or both off your current lan interface onto their own 2.5ge interface. Maybe a 16 port 2.5ge switch price is more budget friendly? This would give you plenty of ports to work with - you could have 3 different uplinks for your networks, and then 2 or more as lacp to your 1 ge switch, and leave plenty of ports for 2.5ge APs into the new switch. Or maybe 8 port is enough?
