Do I need to Trunk/LAG connection?

[Unrealism2k]

Ok, I think I know what I am missing but need to confirm my theory...

 

I have a small business network. It consists of 2 (Netgear GS748TPS) switches "Stacked", and I have a router (Cisco RV320), and several IP Phones (Polycom IP550's). Here is what I am doing, I have the switches set to tag the MAC of the IP Phones and place them on VLAN10. Other traffic flows on VLAN1 "Untagged". My router is configured for VLAN as well. The problem however is when I use one cable going from port 4 on router to the switch, the PC's can see the Internet, but the IP Phones do not. However, if I plug the cable in on the switch with the Port ValueID to VLAN10 into the router, the phones work but the PC's do not. So I know the VLAN functions are working correctly, but... I have never dealt with Trunks before. I assume, that I would need to trunk the port on the switch and the port with the value ID together so they see the Internet?

 

I have port 1 on my switch plugged into port 4 on my router. I have port 48 on the switch with a ValueID of 10 for the VLAN. So if I trunk, port 1 & 48 together can the cable from port one still be used in port 4 of the router?

 

Sorry for the confusion, hope I explained it right.

 

Thanks,

 

Don

[Original Poster]

Ok, I think I know what I am missing but need to confirm my theory...

 

I have a small business network. It consists of 2 (Netgear GS748TPS) switches "Stacked", and I have a router (Cisco RV320), and several IP Phones (Polycom IP550's). Here is what I am doing, I have the switches set to tag the MAC of the IP Phones and place them on VLAN10. Other traffic flows on VLAN1 "Untagged". My router is configured for VLAN as well. The problem however is when I use one cable going from port 4 on router to the switch, the PC's can see the Internet, but the IP Phones do not. However, if I plug the cable in on the switch with the Port ValueID to VLAN10 into the router, the phones work but the PC's do not. So I know the VLAN functions are working correctly, but... I have never dealt with Trunks before. I assume, that I would need to trunk the port on the switch and the port with the value ID together so they see the Internet?

 

I have port 1 on my switch plugged into port 4 on my router. I have port 48 on the switch with a ValueID of 10 for the VLAN. So if I trunk, port 1 & 48 together can the cable from port one still be used in port 4 of the router?

 

Sorry for the confusion, hope I explained it right.

 

Thanks,

 

Don

can you draw a network diagram? would be alot easier :) could be a number of things, sounds like you have it set to an access port and trunking would be the way to go (depending on your tech) correct me if i am wrong neowin :P

[sc302 Veteran]

If you are using trunks, you will need to have the trunk set to both vlans 1 and 10 to be able to pass traffic for both. 

 

I hard code the ports on the switch vs dynamically doing it based on mac address.  I have seperate switches on different vlans to handle this, but my environment is quite a bit larger anyway here is a sample config

 

gi1/0/54

switchport mode trunk

switchport trunk allowed 1,10

 

vlan 1

ip address 192.168.1.1 255.255.255.0

 

vlan 10

ip address 192.168.100.1 255.255.255.0

 

ip default-gateway 192.168.1.254

 

---------------------

 

the routes should be created that point all traffic to 192.168.1.254 and anything in vlan 1 and vlan 10 by default can traverse each other. 

[+BudMan MVC]

Yeah a simple diagram would be best to talk over.

You need to trunk if the connection is going to carry more than 1 vlan.

So in nutshell - maybe this helps

[Unrealism2k]

This is kinda horrible drawing, sorry not an artist! lol...

 

Im pretty sure Trunking is the right thing I am looking for. What throws me for a loop with this is how the PC's piggy off of the IP Phones. I wish I could break them into their own ports which would make it so much nicer, but unfortunately that is not an option for this setup. So I guess I Trunk port # 1 and port # 48 together and leave port #1 going from the switch to Port # 4 on the router?

[sc302 Veteran]

upload links dorked for me. 

[+BudMan MVC]

I think they are having issues with images - I can not see that image sorry. Been having a problem now and then, somes it works - other not so much.

here is the thing if you need router to see both these vlans - then you would trunk to it, or would have to have 2 access ports going to it, etc.

Yes its always nicer to have full physical separation of segments vs vlans ;)

Once I see your drawing I might have a better idea what your trying to do.

Can we assign some networks to these vlans - makes it easier to make sure we are talking the same thing.

so your native, vlan 1 is what network - make up something if you want, like 192.168.1.0/24

and your vlan 10 is say 192.168.10.0/24

On your router - how many interfaces does it have? Does it understand vlan tagging?

[sc302 Veteran]

ok your port 30 needs to be configured like this

 

switchport mode trunk

switchport trunk allowed add 1,10

switchport trunk native vlan 10

 

By doing this vlan 10 will be untagged and will be passed to the physical phone, and vlan 1 will be tagged to be used on the switch port of the phone which your pc is connected to (may have to do some configs on the phone side, but that is what needs to be done on the switch side of things).

[Unrealism2k]

I can't really mess with it during the day cause it is live. The router is VLAN aware, it can see the difference. 802.11Q. I have it set right, I just can't seem to get the traffic to play nice at the switch. 

 

I understand the trunk I think I know that needs to be done, I guess my question I need answered before I can test it later this evening is... If I trunk ports 1 & 48 on the switch (port 1-47 is VLAN1, and Port 48 is VLAN10), on the physical side of things, will I use the cable going from Port 1 on the switch to Port 4 on the router still? Or will I need to use say... Port 2 on the switch since 1 & 48 are trunked??

[sc302 Veteran]

Here is how I would have it setup

 

RV320

vlan1

192.168.1.1 255.255.255.0

vlan10

192.168.10.1

port 4

switchport mode trunk

switchport trunk allowed vlan 1,10

 

GS748TPS

Port1

switchport mode trunk

switchport trunk allowed vlan 1,10

 

 

all phone ports:

switchport mode trunk

switchport trunk allowed vlan 1,10

switchport trunk native vlan 10

 

all pc standalone ports:

switchport mode access

switchport access vlan 1

 

Don't know what port 48 is for, it doesn't need to be plugged in again to the router unless you wanted to make a redundant lag port but then I would keep the ports next to each other (47 and 48 or 1 and 2).  

 

Doing it this way you can have your QoS on your RV320 for vlan 10. 

 

don' have any experience with the rv320 but this is how I would do it on a ASA that supports vlans and intervlan routing.  I might even add a rule to disable intervlan communications between vlan 1 and 10. 

[Unrealism2k]

I was thinking about this over lunch, can you actually "Trunk" VLANS that go by tags only? Or is it only based on PVID (Port Value ID)?

[sc302 Veteran]

Pvid. You planning on haphazardly plugging stuff into your switches?

[Unrealism2k]

Not exactly, but it is configured to have all PVID's set as a value of 1, then the "Voice VLAN" tagging feature tags the packets based on MAC address and makes them travel through VLAN10. So I guess all ports are VLAN1, with tagged packets for 10.

[sc302 Veteran]

So the 10 vlan is tagged and you are wondering why the phones can't get out? 10 needs to be untagged 1 needs to be tagged then untagged at the phone pc port.

 

 

 

*edit* I don't think that the way you are doing it would be a big deal for a basic setup (1 device to 1 port). But being that you are using your phones as switches (2 devices on different networks to 1 port) to the pc's, it is making it a pain to be able to make rules up that if mac address = x you belong on phone vlan else belong on pc vlan.