VLAN Tagged and Untagged traffic…

  • I know this question has been brought up numerous times and the answer has always been "don't mix tagged and untagged traffic"… In my curiosity and naivety, I would like to know why?

    I have this setup and have some strange behaviour. I am wondering whether this is due to the above issue; therefore, I would greatly appreciate some advice :)

    I hope this makes sense...

    Public Internet    --- WAN(em0) --- LAN(em1) ------------------->
                                    |                      |
                                    |                      | --- VLAN10(em1) ------> [Switch] --- [Wireless Network (layer2 bridged APs)] ---> Wireless APs = No VLAN
                                    |                                                                                                          Clients with NAT'd IPs = VLAN10
                                    (bridge) ------------- VLAN20(em1) ------>                                                                 Clients with Public IPs = VLAN20

    Basically, we have three segmented 'networks'

    • No VLAN (untagged) is our management network so we can access all the network infrastructure, i.e. Wireless APs and Switches.
    • VLAN10 for clients who ONLY require a NAT'd local IP
    • VLAN20 for clients who require a public IP which we can bridge with WAN

    The tagging for clients is done on the wireless receivers or switches behind them.

    I would like to know if there is an issue with the above method or whether there is a more efficient way of setting this up.

    If I get the setup working I'll be more than willing to write a tutorial to help others!



