Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Tagged VLANs not worrking on SG-1100?

    Scheduled Pinned Locked Moved L2/Switching/VLANs
    5 Posts 2 Posters 696 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bubbagump210
      last edited by

      I am a bit flummoxed as to why tagged VLANs are not working. I have triple checked everything and it all appears correct. I am hoping someone can see an error in my work. I am trying to set up the LAN port (physical port 2) to run a VLAN as the PVID/native untagged VLAN and then have multiple tagged VLANs on the same wire. This should be a pretty typical "router on a stick" sort of interface. If even someone can confirm the pfSense side is correct I can dig into my switch deeper. Thanks!

      alt text
      alt text
      alt text
      alt text
      alt text

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by Derelict

        Tag VLAN 10 on 0t,2t in the SG-1100's switch. You are tagging it on port 2 but not on the uplink to mvnet0 so nothing will be sent there.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • B
          bubbagump210
          last edited by

          That worked, but I am not exactly sure why - though I think I have a hunch. Digging through the forum tells me that port 0 is an internal only PCIe port. So is port 0 just a "router on a stick" trunk port to the firewall plane?

          And is mvneta0 then the switch itself?

          Graphic one creates the VLAN in the firewall.

          And my second graphic is equivalent to Cisco command 'vlan 10'?

          Sorry, this combined concept takes me some time as I am used to Cisco, Force10, and PANs as separate entities - not all in one chassis stuff.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            It is no different than any other "vlan trunk" link between a router and a switch. The patch is just made hard-wired internal to the unit between switch chip port 0 and router interface mvneta0.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            B 1 Reply Last reply Reply Quote 1
            • B
              bubbagump210 @Derelict
              last edited by

              @Derelict

              Got it. Firewall <-> mvneta router <-> switch port 0

              It's just odd knowing where the lines are between the pieces in a SoC. Thanks.

              For others - this was helpful https://www.marvell.com/documents/qc8hltbjybmpjhx36ckw/

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.