3com switch VLAN config 4200

[amfony]

ok so i have a simlpe simple situation here for testing and i want to create 2 vlans same switch, with a router on the back end of the swtich to cross inter valns.

I can create an UN tagged (non 802.1q) VLAN so simply its not funniy and get it to work, with out intervlan communication ofcourse. When i tagg the ports nothing works!! the ports cant ping the Switches config IP, they cant ping each other even if in the same VLAN.

Whats wrong? I cant find any help on the net about 3com VLANS really either.

Whast the GO ALSO what the hell is an aggregated link?? the same as a trunk in cisco speak?

Help me please!

[Billprozac]

Hey, I have a VLAN setup using 3com superstack 3 3300 switches here at work. I think some of the terminology may be similar.

First off, with the router, how many interfaces do you have?

Second, the use of VLANs is synonymous (sp?) with the use of subnets. What are the subnet for each VLAN?

Third, are we just dealing with the one switch, or are you trying to connect three (I responded in your last post)?

When I set up my VLAN, I had to trunk between two stacks of switches. Since you don't seem to be doing that here, all I would do is the following:

***Since you don't specify the specs of the switch, I am going to use an example that you can tailor***

Setup:

1x 24port switch

1x router with two ethernet interfaces; eth0 and eth1

2x clients; one on each VLAN

subnets:

VLAN1 192.168.0.1/24

VLAN2 10.10.10.1/24

Configuration on router:

eth0 - IP address 192.168.0.1/24

eth1 - IP address 10.10.10.1/24

*** If you only have on interface, you would have to use subinterfaces (cisco) ***

Configuration for Clients:

Computer 1 - IP address 192.168.0.10/24

Computer 2 - IP address 10.10.10.10/24

Configuratio on Switch:

Divide the 24ports into 2 sets of 12 for future expansion in each VLAN

Connect eth0 of router to port 1 and Computer 1 to port 2

Connect eth1 of router to port 13 and Computer 2 to port 14

***Web instructions are based on my 3300 switches and may be slightly different for your switches.***

In the web-management interface, go to the configuration screen

Click on VLAN. Create VLAN2 (VLAN1 is already there by default)

DO NOT ADD PORTS TO VLAN ON THIS SCREEN

Return to the main screen with piicture of switch.

Select each port 13-24 (one at a time) and change "Untagged VLAN" to VLAN2.

After doing this, 1-12 will be VLAN1 and 13-24 will be VLAN2 Since the router has an interface in each VLAN (and subnet), it will be able to route packets to and from each VLAN.

The sub interfaces gets a little tricky, but wil 3com switches, you can assign a port to multiple VLANs, so I suppose you just take one port, add it to both VLANs, configure the router's sub-interfaces to exist on each subnet, dot1q tag each sub-interface(eth0>enacpsulation dot1q 1 and eth1>encapsulation dot1q 2), and that is that...I think.

Let me know if this helps.

[amfony]

ultimatley bill it will be the diagram i had on the other post .... but i have problems with a single switch and vlans. Should i say, i can have an untagged (non 802.1q) vlan working on my switch but if i have it tagged then i cannot acheive connection. to both other vlans and to hosts on the SAME vlan.

Now perhaps my terminlolgy is incorrect.

Let me run it past you so i have the right idea, on a single switch VLAN (IE no multiple vlans travelling on the same wire to another deivce) we can have an untagged setup. There is no 'trunking' there is no other vlans traffic to get mixed up with?

When we are having mutliple vlans traverse a single wire IE to a router, then the VLANS must be tagged to enable devices to discriminate between VLAN 1, VLAN 10 and VLAN 20 for example. This if i am correct is 802.1q encapsulation?

Now i can get an untagged vlan working on my 4200 switch (by the way 4200 can only be configured by telnet for vlans there is no WEB interface for vlans specifically) but when i duplicate the exsact same scenario with 'tagged' ports i lose all connection to everything when pulled into the vlan ports. They cannot ping each other, or the switchs configuration IP.

I do have different subnets for each vlan.

If this isnt correct then just straignten me out please bill. Cheers Mate.

[Billprozac]

When I configured the trunk ports on my 3300 switches, the instructions said specifically to not tag the trunk ports. Instead, I created a trunk, added the ports to the trunk, and then added the trunk to the VLAN.

.....

Ok, I just read the manual for the 4200.

Lets say that port 1,2,3 are for hosts on VLAN1, ports 4,5,6 are VLAN2 and 7 is a trunk to switch 2 which is identical.

Enter the following from a telnet session:

bridge vlan create

Enter VLAN ID (2-4094)[2]: (either enter "2" or press eneter as that is the default)

Enter VLAN Name [VLAN 2]: (ENter a name or enter for "VLAN 2")

bridge vlan modify addPort

Select VLAN ID (1,5)[1]: 2

Select bridge port (1-26,AL1-AL4,all)[all]: 4-6 (I think you can combine. If not, do each port seperate)

Enter tag type (untagged,tagged): untagged

bridge vlan modify addPort

Select VLAN ID (1,5)[1]: 2

Select bridge port (1-26,AL1-AL4,all)[all]: 7

Enter tag type (untagged,tagged): tagged

This should have it working, if not, you may also need to tag the trunk for VLAN1:

bridge vlan modify addPort

Select VLAN ID (1,5)[1]: 1

Select bridge port (1-26,AL1-AL4,all)[all]: 7

Enter tag type (untagged,tagged): tagged

Repeat above on switch 2

Think of it this way, your untagged VLAN is great. If you wanted to connect two switches each habving a defines VLAN 1 and VLAN2, where VLAN1 and 2 where the same on both switches, you would simply connect the two switched using a crossover cable, assign the crossover port on both switches to be in both VLANS with dot1q tagging.

In its simplest form, this is no different than having two swicthes cascading and half of the endstations are on one subnet and the other are on a different subnet. The difference here, is that in addition to different subnets, we have them in different VLANs, so broadcasts will be reduced in addition to collisions.

Now, you previos diagram had three switches 1-main, 2 and 3 as stubs. To do this, configure all three switches with n=both VLANs. Configure switches 2 and 3 like above. On switch 1, you will have to add the ports that 2 and 3 uplink to as tagged memebers of both VLANs.

I guess the big thing to realize is that only trunk lines get tagged. all other ports get placed in a VLAN, but do not get tagged. So really, you are not changing what you did with your untagged VLAN setup, you are just adding to it by tagging one more port and connecting it to another identical switch.

Does this make sense?

[amfony]

Yep sure does - and it worked.

I had the mis-conception that the entire VLAN had to be tagged. But the answer was that the untagged vlan must have a tagged port in its memeber ship to allow trunking to another device.

Thank you for all ur help bill.

Keep on trucking - by the way whats that CWNA certification logo? Cisco wireless?

[Billprozac]

It is vendor independant, Certified Wireless Network Administrator. Actually a very easy exam.

Gald to hear that it worked. Sometime we tend to over complicate things. It took me a week to figure out that I had forgotten to tag one side of my trunk, so hosts on one side could talk to some host on the other, but not the reverse. Really screwy, but we live and learn.

[alesegalla]

Hi, Bill.

I have a 3Com 3300 with the following structure:

Server on Port 1

Client1 on Port 11

Client2 on Port 12

Client3 on Port 13

Client4 on Port 14

Client5 on Port 15

I need to connect Client1, Client2, Client3 and the Server in one VLAN and Client4, Client5 and the Server in another VLAN. The server should see every client, but clients on one VLAN should not see clients on other.

All clients and Server are PCs connected direct to the Stack via common ethernet cards.

Is it possible? How can I build this configuration?

Thanks for your help