Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    TP-LINK Smart Switches anyone?

    Scheduled Pinned Locked Moved Hardware
    239 Posts 54 Posters 194.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H Offline
      heper
      last edited by

      untagging multiple vlans on the same port is seldom a good idea.

      vlan trunks generally use tagging…..

      1 Reply Last reply Reply Quote 0
      • T Offline
        trumee
        last edited by

        Ok. This is how i got this working. Had to change Port 8 to tagged. And now the laptop is able to get the ip address.

        1 Reply Last reply Reply Quote 0
        • jahonixJ Offline
          jahonix
          last edited by

          When you have multiple VLANs on one port they all should be tagged, making it a trunk.
          If you need a VLAN untagged then it should be the only VLAN on that port (and PVID).

          1 Reply Last reply Reply Quote 0
          • K Offline
            kk003
            last edited by

            Hi all,
            I have this setup:

            1    x.x.x.x/24 public pool (I get to the internet through a ethernet port on the rack that is connected to the switch)
            1    tp-link TL-SL2428 switch
            7    pcs (this machines change the ip from time to time)
            2    servers (mail, web, ssh, etc)

            all using the referred x.x.x.x/24 public pool

            All this runs ok, I just plug the ethernet wires to the switch and have no problem

            Now they are asking me to add a new /24 pool to use with the same hardware (or add more machines) so lets call the new
            range y.y.y.y/24 which It would be provided through a different ethernet port

            My idea is:

            Plug a wire from a free port of the switch to the new rack's port that it provides the new y.y.y.y/24 public range
            Let the wire for the x.x.x.x/24 as it is (plugged)

            So with this setup when I configure a machine's ip, gateway, etc according to range  y.y.y.y/24 it should get out to the internet
            in the same way it does x.x.x.x/24.

            Am I right?

            I think I do not even need vlans right?

            If I am and that works I have a few more doubts I'd like to ask.
            Thank you.

            1 Reply Last reply Reply Quote 0
            • R Offline
              robi
              last edited by

              Don't do that.
              x.x.x.x/24 and y.y.y.y/24 are different networks, they must never be on the same layer II segment.

              Those switches are inexpensive. Just buy another one if you don't want to mess with VLANs and have free space in the rack.
              If not, make 3 VLANs:

              • VLAN1 (this is factory default, keep it for management of the switch), and assign it to one single dedicated management port (say port 24) just for managing the switch now and in the future. Remove all the other ports from VLAN1!
              • VLAN10 for x.x.x.x/24, assign ports, for example, from 1 to 8 to this, connect old ISP wire to port 1
              • VLAN20 for y.y.y.y/24, assign ports, for example, from 9 to 16 to this, connect new ISP wire to port 9
                Connect the pcs and servers according to their correct pools to the ports above.

              Maybe you could label the ports visually on the switch or rack, to remember easily which ports belong to which pool.

              1 Reply Last reply Reply Quote 0
              • K Offline
                kk003
                last edited by

                I did not get the email notice of the answer, sorry to write back so late.
                Thanks Robi, the thing is I'll use the same pcs on these two networks.
                I can't go and plug or unplug them.

                Any coment?
                Thanks.

                1 Reply Last reply Reply Quote 0
                • DerelictD Offline
                  Derelict LAYER 8 Netgate
                  last edited by

                  It shouldn't even be possible to put multiple VLANs on a port untagged. Quality code, that.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • jahonixJ Offline
                    jahonix
                    last edited by

                    @Derelict:

                    It shouldn't even be possible to put multiple VLANs on a port untagged. Quality code, that.

                    Slightly disagree here!
                    I have a setup where this is a must (but only one VLAN is PVID, of course). And that's with Cisco SG300 switches.
                    I even re-program the switchport's VLANs on the fly with a Crestron control system to switch between IP-TV feeds. The whole idea is based on this.
                    https://forum.pfsense.org/index.php?topic=76022.msg471063#msg471063

                    1 Reply Last reply Reply Quote 0
                    • DerelictD Offline
                      Derelict LAYER 8 Netgate
                      last edited by

                      Riddle me this?  What VLAN is the switch supposed to place an untagged packet on if the switch port is configured with multiple untagged VLANs?  It's nonsensical.

                      This is different from a cisco general port where there is one untagged PVID and the rest of the VLANs on the port are tagged.

                      Chattanooga, Tennessee, USA
                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      1 Reply Last reply Reply Quote 0
                      • jahonixJ Offline
                        jahonix
                        last edited by

                        @Derelict:

                        What VLAN is the switch supposed to place an untagged packet on if the switch port is configured with multiple untagged VLANs?

                        The one with the PVID, of course. The other is used for "listening" only.

                        In the setup I'm referring to both VLANs on a port are untagged. One has PVID, the other doesn't (of course). Yes, untagged.  ;-)
                        If I have some spare time someday I'll sketch it up to show you.
                        It's a really fascinating setup with the switch in L3 mode, overlapping subnets and all kind of unusual things.
                        The system is engineered this way and working rock-solid! We are distributing IP-TV channels through a larger venue with 120Mb/stream and a max. latency of 30ms @1080p50.
                        Because the setup is so unusual (and most users cannot figure out how to setup the switch correctly) JustAddPower offers a program to configure the switches for you.
                        Here's a screenshot of a rather simple (one switch) configuration taken from their tutorial video.
                        Look at the VLAN subnets as compared to the transmitter's subnets…

                        ![JAP config screenshot.png](/public/imported_attachments/1/JAP config screenshot.png)
                        ![JAP config screenshot.png_thumb](/public/imported_attachments/1/JAP config screenshot.png_thumb)

                        1 Reply Last reply Reply Quote 0
                        • jahonixJ Offline
                          jahonix
                          last edited by

                          For clarification of usage and to be back on VLAN tagging again:

                          Transmitter1 has VLAN10 and VLAN11(PVID) on its port. A receiver port for stream1 has VLAN10(PVID) and VLAN11.
                          Exchange VLAN11 with VLAN12 for the second stream, VLAN13 for the third, etc.
                          To switch a receiver's stream from TX1 to TX2 all I have to do is remove VLAN11 from this receiver's port and add VLAN12 instead.

                          1 Reply Last reply Reply Quote 0
                          • DerelictD Offline
                            Derelict LAYER 8 Netgate
                            last edited by

                            Sounds like some sort of asymmetric VLAN scheme, with the second VLAN not really used as a VLAN but to group ports instead.

                            Chattanooga, Tennessee, USA
                            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                            Do Not Chat For Help! NO_WAN_EGRESS(TM)

                            1 Reply Last reply Reply Quote 0
                            • jahonixJ Offline
                              jahonix
                              last edited by

                              It's not asymmetric at all, more like a ring.
                              Dig deeper!  :P  Hint: switch is in L3 mode and doing quite some routing.

                              1 Reply Last reply Reply Quote 0
                              • R Offline
                                robi
                                last edited by

                                @kk003:

                                I did not get the email notice of the answer, sorry to write back so late.
                                Thanks Robi, the thing is I'll use the same pcs on these two networks.
                                I can't go and plug or unplug them.

                                Any coment?
                                Thanks.

                                Rule of thumb: one network connection always belongs to one single Layer II network. In that case, the correct setup would probably be to enable VLANs on the network interfaces of the PCs (Intel network cards support VLANs in Windows aswell), this way, although you only have one cable plugged from the PC to the switch, you'll have two virtual network adapters, each belonging to its own network. On the switch you'll have to set these ports to send both VLANs tagged.

                                Or, if you don't want to mess with this, you'll have to plug a second network card in each PC, and connect them with new cables to the new network.

                                Having multiple IP address pools on the same Layer II network might work, but 100% you'll run into troubles later. It's against the standard. Don't do this, especially if public internet is involved, because if your ISP will detect this, they will shut your services off immediately. What you do in your private LANs is your responsibility…

                                1 Reply Last reply Reply Quote 0
                                • W Offline
                                  willyy
                                  last edited by

                                  Apologies for reviving the discussion, but did we come to a conclusion as to whether the easy switches are able to support VLAN trunking?

                                  1 Reply Last reply Reply Quote 0
                                  • M Offline
                                    marcf
                                    last edited by

                                    The TP Easy Smart switches do support trunking (if by trunking you mean tagging multiple vlans on a single port to carry those networks to another managed switch).

                                    I'm running two of this in a production environment and there is a trunk line between them to carry the VLANs. Have not had a single problem.

                                    I'm purchasing a Netgear ProSafe smart switch to try out - it has a built in webUI instead of relying solely on a windows utility for configuration like the TP-LINK. For the price point though I've been happy with TP-LINK.

                                    1 Reply Last reply Reply Quote 0
                                    • jahonixJ Offline
                                      jahonix
                                      last edited by

                                      @marcf:

                                      …built in webUI instead of relying solely on a windows utility for configuration like the TP-LINK

                                      A utility program, really? Never used them myself.
                                      I find the TP-Link TL-SG3210 quite reasonably priced. They have a WebGUI and a CLI on Telnet/ssh/serial.
                                      But it's probably already overkill for some.

                                      Edit:
                                      There are "Smart Switches" as well like the TL-SG2008 with WebUI and CLI (the TL-SG108E is an "Easy Smart Switch").
                                      FWIW

                                      1 Reply Last reply Reply Quote 0
                                      • W Offline
                                        willyy
                                        last edited by

                                        @marcf:

                                        The TP Easy Smart switches do support trunking (if by trunking you mean tagging multiple vlans on a single port to carry those networks to another managed switch).

                                        I'm running two of this in a production environment and there is a trunk line between them to carry the VLANs. Have not had a single problem.

                                        I'm purchasing a Netgear ProSafe smart switch to try out - it has a built in webUI instead of relying solely on a windows utility for configuration like the TP-LINK. For the price point though I've been happy with TP-LINK.

                                        Thanks Marc, actually purchased a couple and am using them in production as well. Price point was excellent at about £20 a switch so I don't mind the lack of WebUI either, that netgear does look interesting though.. I do like a serial port!

                                        1 Reply Last reply Reply Quote 0
                                        • R Offline
                                          robi
                                          last edited by

                                          Chek out: http://www.tp-link.com/en/products/biz-cat-35.html

                                          • Managed Switches - these have web ui, cli via serial console cable, telnet and ssh
                                          • Smart Switches - these have web ui and cli via telnet and ssh
                                          • Easy Smart Switches - these are managed by external utility running on PC

                                          I mainain networks containing "Managed" and "Smart" series of TP-Link switches. The cli syntax is very similar to cisco IOS, but there are little differences. Web UI is best for the "Managed" series, and it's a bit reduced in functionality in the "Smart" series.
                                          I don't have any personal experience with the "Easy Smart" series at all.

                                          I'm very satisfied with them, and I recommend them at any new places I have to deploy networks because they are indeed hassle-free and very well priced.

                                          1 Reply Last reply Reply Quote 0
                                          • M Offline
                                            marcf
                                            last edited by

                                            Hi robi,

                                            Thanks for the clarification. Yes, I was speaking specifically toward the EasySmart switches from TP-LINK requiring software which runs only on windows based PCs at the moment.  In the same location I've also setup a TP-LINK SG3216 which had a CLI (with very familiar commands).

                                            I've been happy with the TP-Link Products. Just picked up a NetGear ProSAFE GS105E - the webUI is much more handy but the price difference is significant (compared to TP-Link EasySmart 5-port - same functionality without webUI).

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.