Welcome to TP-LINK Tech Support Forum
+ Reply to Thread
Results 1 to 6 of 6
  1. #1

    Switch T1700-G28TQ Rev2 weird behaviour with vlan acting as a hub.

    Model : T1700G-28TQ

    Hardware Version :

    Firmware Version :

    ISP : [/COLOR]

    Hello,

    Firmware Version 2.0.1 Build 20170608 Rel.61525(s)

    When I set up a small VLAN on my switch it behaves like a hub : All packet are sent to all ports (all ports highlightening and tcpdump on the linux gateway show LAN traffic getting in from 2 PC)
    I have search for days (even trying taging source PC) but no help ... always acting as a hub with VLAN

    I remove VLAN -> all is OK....

    Is it a hardware problem ... or I missed some things ?

    Thanks in advance for your help

    Port 1 -> Linux gateway
    Port 2 -> PC-Samuel
    Port 13 -> PC-Salon

    (all from same subnet)

    Samuel

    Name:  Capture1.PNG
Views: 0
Size:  11.4 KB
    Name:  Capture2.PNG
Views: 0
Size:  16.9 KB

  2. #2
    Gateway-> PC-Samuel, the data transmit in VLAN1. PC-Samuel->gateway, the data transmit in VLAN102.
    The VLAN1 hasn't the MAC of PC-Samuel, so the data forwarded to PC-Samuel will broadcast. The VLAN2 also hasn't the MAC of gateway , so the data forwarded to gateway will broadcast.
    Are you confused about this?

  3. #3
    Thanks a lot for your answer.

    I'm totally new to vlan. I know it filters broadcast between vlan and with different vlan subnet all trafic goes to the router. That's why I made all vlan in the same subnet and I thought broadcast would be allowed for shared ports in the same vlan .... even if this port is part of another tagged port base vlan.

    In my case, with a switch in untagged port base Vlan, I thought that the switch could manage this ... beacause he knows all the end-point MAC clients.

    In my case, when I make big file upload to the server (1 Gb/s), the 100 Mb notebook can't even get a DNS answer because his link is flooded.

    For me it is useless to secure the Lan with Vlan if it floods my computers ... if there is no way to bypass this broadcast event.

    Thanks a lot again.

  4. #4
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,635
    Quote Originally Posted by Compte-Samy View Post
    I'm totally new to vlan. I know it filters broadcast between vlan and with different vlan subnet all trafic goes to the router. That's why I made all vlan in the same subnet and I thought broadcast would be allowed for shared ports in the same vlan .... even if this port is part of another tagged port base vlan.
    VLANs are a way to separate broadcast domains, not to share them between systems. If you have the same subnet spanning different VLANs, you don't need VLANs at all.

    In my case, when I make big file upload to the server (1 Gb/s), the 100 Mb notebook can't even get a DNS answer because his link is flooded.

    For me it is useless to secure the Lan with Vlan if it floods my computers ... if there is no way to bypass this broadcast event.
    If the upload is through the router, it will slow down traffic from the notebook to the router anyway, even if you would connect the devices to the router directly.

    In no way VLANs "flood computers" if set up correctly (ports 1, 2 and 13 in your setup are trunk ports, 1 and 2 even members of all VLANs, no wonder your PC gets flooded).

  5. #5
    Yes I certainly misanderstand what can be do with vlan because :

    - In all how-to I have readen there were nothing about IP/Subnet for making vlans
    - In all how-to I have readen there were trafic shared between different vlan and a same server

    That's why I though could be 'arranged' in a port-base vlan.

    Thanks.

  6. #6
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,635
    You read the wrong how-to's.

    Imagine VLANs as separate networks: two (or N) routers connected to two (or N) switches connected to devices. Design the topology and select unique network IP ranges for each network.

    Then, if your router supports VLANs you terminate VLANs at the router. If it does not support VLANs, terminate VLANs at the switch and use different access ports to connect the switch to the router. If you design it this way, VLANs are easy to set up. Just see them as "different networks using the same (one) physical cable" between switches or between switches and routers.


 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Copyright 1996-2018 TP-LINK Technologies Co., Ltd. All rights reserved.