Switch to Linear ModeSwitch to Hybrid ModeSwitch to Threaded Mode
Printer Friendly View | Email this page | Register Now to start posting!
atsl88 Registered User


Join Date: Nov 2005
Location: Singapore
Posts: 22
Trade rep: 0 (0%)
Infractions: 0/0 (0)
atsl88 Nov 2nd, 10, 10:14 PM #16

I tried disabling IPv6 as well as adding the registry key. I actually did that for the physical adapter earlier on, but now that you mentioned it, I added for the virtual VLAN adapter as well. However, I still cannot get it to work.

Just like to check, is there a way to check if it is possible to check if the VLAN is working?

Anyway, thanks for your prompt response.
sg.png
Dreamslacker
Dreamslacker's Avatar
Bipolar Narcissistic


Join Date: Jul 2005
Location: In an idle mind
Posts: 7,655
Trade rep: 6 (100%)
Infractions: 0/0 (0)
Dreamslacker Nov 2nd, 10, 10:30 PM #17
Last resort, try VLAN ID 241.

If you really want to check if it's working, you either need to port mirror or use a hub and sniff.
An Idle Mind Walks in Dark Places
sg.png
atsl88 Registered User


Join Date: Nov 2005
Location: Singapore
Posts: 22
Trade rep: 0 (0%)
Infractions: 0/0 (0)
atsl88 Nov 3rd, 10, 12:22 AM #18
Just to give an update, change VLAN to 241 did not work.

Just don't know why StarHub wants to restrict router use, other that of VoIP.
sg.png
Dreamslacker
Dreamslacker's Avatar
Bipolar Narcissistic


Join Date: Jul 2005
Location: In an idle mind
Posts: 7,655
Trade rep: 6 (100%)
Infractions: 0/0 (0)
Dreamslacker Nov 3rd, 10, 01:16 AM #19
Hrmm.. Try 4095.
An Idle Mind Walks in Dark Places
sg.png
atsl88 Registered User


Join Date: Nov 2005
Location: Singapore
Posts: 22
Trade rep: 0 (0%)
Infractions: 0/0 (0)
atsl88 Nov 3rd, 10, 07:53 AM #20
My adapter only allows VLAN ID of up to 4094.
sg.png
Dreamslacker
Dreamslacker's Avatar
Bipolar Narcissistic


Join Date: Jul 2005
Location: In an idle mind
Posts: 7,655
Trade rep: 6 (100%)
Infractions: 0/0 (0)
Dreamslacker Nov 3rd, 10, 03:15 PM #21
Hrmm.. My mistake... Can you telnet into the ONT whilst downloading? Might be able to extract more information with dataflows being logged in the tables.
An Idle Mind Walks in Dark Places
sg.png
p|sangp|sang
p|sangp|sang's Avatar
U mean Questionable Crap?


Join Date: Dec 2004
Location: MBR:Sector:63, ADDR:01388b3b
Posts: 44,522
Trade rep: 27 (100%)
Infractions: 0/0 (0)
p|sangp|sang Nov 3rd, 10, 10:50 PM #22
i think best way is to do packet capture between the ont and the rg and analyze the vlan tagging
sg.png
atsl88 Registered User


Join Date: Nov 2005
Location: Singapore
Posts: 22
Trade rep: 0 (0%)
Infractions: 0/0 (0)
atsl88 Nov 4th, 10, 11:16 PM #23
I tried but is unable to access the ONT via telnet (Only can telnet when physically connected to Port 1).

Anyway, can a switch work for sniffing? Also, not very sure how to capture VLAN information using WireShark. If switch can will try and find one. Else a hub will be difficult nowadays.
sg.png
Dreamslacker
Dreamslacker's Avatar
Bipolar Narcissistic


Join Date: Jul 2005
Location: In an idle mind
Posts: 7,655
Trade rep: 6 (100%)
Infractions: 0/0 (0)
Dreamslacker Nov 5th, 10, 01:38 AM #24
One more thing to try, might be a difference in drivers for the different architecture for the Marvell chips.

Instead of *priorityvlantag, can you try adding the dword "SkDisableVlanStrip" with a value of '1' instead and try again?


You will need a managed/ smart switch that allows port mirroring to sniff the information. It's much cheaper to get a 2nd hand hub from the backlane stores.

As for wireshark, it's very obvious when a packet is captured with a vlan tag on it:
An Idle Mind Walks in Dark Places
sg.png
Last edited by Dreamslacker; Nov 5th, 10 at 01:43 AM..
atsl88 Registered User


Join Date: Nov 2005
Location: Singapore
Posts: 22
Trade rep: 0 (0%)
Infractions: 0/0 (0)
atsl88 Nov 5th, 10, 11:42 AM #25
About the VLAN part, I think I still don't quite understand how VLAN works.

Though not related, maybe this can help for someone to explain the workings of a VLAN. Found this on HWZ

Code:
Port 1 Trunk, to ONT, VLAN 10,20,30,40 all tagged
Port 2 VLAN 10, to own router WAN, untagged
Port 3 Trunk, to 2Wire WAN, VLAN 20,30,40 all tagged
default vlan 1 disabled for above ports
rest of ports on vlan 1 untagged for extending own router's LAN ports
Someone did this for a managed switch for SNBB Fibre.

My first question is what is the difference between tagged and untagged?

Second question is based on the description above, does a port have VLAN setting for incoming and outgoing (eg. like Port 2, incoming is tagged to VLAN 2 and outgoing is not tagged)?

My third question is how does a normal device without VLAN capability co-exist in a VLAN network (Does it mean that untagged means free for all non-VLAN device)?

My fourth question is my configuring the rest of his ports on VLAN 1 will allow the ports to function like a cascaded switch to that of his router?

Thanks once again for the effort!

*Anyway, adding the registry key does not work as well. Worst case is for me to look at some managed switch.
sg.png
Last edited by atsl88; Nov 5th, 10 at 11:45 AM..
Qubicfactor Registered User


Join Date: Dec 2008
Posts: 15
Trade rep: 0 (0%)
Infractions: 0/0 (0)
Qubicfactor Nov 9th, 10, 10:54 AM #26
Quote:
Originally Posted by atsl88 View Post
About the VLAN part, I think I still don't quite understand how VLAN works.

Though not related, maybe this can help for someone to explain the workings of a VLAN. Found this on HWZ

Code:
Port 1 Trunk, to ONT, VLAN 10,20,30,40 all tagged
Port 2 VLAN 10, to own router WAN, untagged
Port 3 Trunk, to 2Wire WAN, VLAN 20,30,40 all tagged
default vlan 1 disabled for above ports
rest of ports on vlan 1 untagged for extending own router's LAN ports
Someone did this for a managed switch for SNBB Fibre.

My first question is what is the difference between tagged and untagged?

Second question is based on the description above, does a port have VLAN setting for incoming and outgoing (eg. like Port 2, incoming is tagged to VLAN 2 and outgoing is not tagged)?

My third question is how does a normal device without VLAN capability co-exist in a VLAN network (Does it mean that untagged means free for all non-VLAN device)?

My fourth question is my configuring the rest of his ports on VLAN 1 will allow the ports to function like a cascaded switch to that of his router?

Thanks once again for the effort!

*Anyway, adding the registry key does not work as well. Worst case is for me to look at some managed switch.
Talking about me bro?

1)Tagged simply means the ethernet frame has a vlan id attached to it. untagged means no vlan id attached to it. Devices which do not support vlan need to have the frame untagged else it will just drop it. In the case of Singnet, we need to use the switch to untag vlan 10 (internet) so your router can understand it.

2)For each port, you can set it as tagged or untagged. A port can have more than one vlan id assigned to it. There is no option for inbound and outbound on a specific port. Think of it this way - all ports on the switch are physically linked together. vlan tagging is a way for the switch to virtually segregate the traffic between the ports. Ports that are not on the same vlan will not have any data passing between each other. Remember that a vlan is a virtual network, and you will need a router to be able to communicate between vlans, which in the Singnet example, there is no need to anyway.

3)Yes, you need to set a port as untagged for that device.

4)Actually you can set just about any vlan id that is not in use, just make sure that all are untagged if you intend it to behave like a dumb switch. I got lazy and used the default vlan id of 1.

PS: In case you are wondering, it is not allowed to have multiple untagged vlans on a port. Newer switches may somehow allow you to set this due to 802.1V but that is a whole different and unrelated story altogether.
sg.png
Last edited by Qubicfactor; Nov 9th, 10 at 05:07 PM..
Dreamslacker
Dreamslacker's Avatar
Bipolar Narcissistic


Join Date: Jul 2005
Location: In an idle mind
Posts: 7,655
Trade rep: 6 (100%)
Infractions: 0/0 (0)
Dreamslacker Nov 9th, 10, 05:06 PM #27
The short of it is:

A Port that is configured Tagged will tag the packets going in and out of that port (out the cable connected) with the appropriate VLAN ID.
A port that is configured Untagged will tag the packets going IN ONLY.
Tagged packets from other sources on the same vlan going out that port will have the VLAN tag stripped. This is usually meant to allow compatibility to devices that are not VLAN capable.

So let's look at the example:

Port 1 is a member of VLAN 10, 20, 30, 40 and tagged on all the VLANs. This is what we call a Trunk. The ONT expects to see internet traffic on VLAN 10, TV, voice etc on the others.
Since there is only 1 cable connecting it, the only way it knows what is internet or voice or TV is by looking at the VLAN tag on the packet and sending it to the correct place from there. Accordingly, it sends tagged packets out the cable and the router (2Wire) they supplied knows what traffic goes where based on the tag.

Moving on to untagged:
Now, the 'new' router doesn't understand VLAN tagging. So on Port 2 (which is the only other port beside Port 1 that is a member of VLAN 10), untagged is selected.
This means that tagged packets from the ONT going to the router have the VLAN tags stripped. This means that you can use any router/ computer on that port since it only sees untagged packets coming out.
Now, any packets the device needs to send out to the ONT, needs to be tagged or the ONT won't know where to send it. Since port 2 is an untagged member of vlan 10, it follows that any packets originating from the router going to the ONT will automatically be tagged VLAN 10 within the switch and sent to the ONT from there.

You will note that:

Quote:
default vlan 1 disabled for above ports
rest of ports on vlan 1 untagged for extending own router's LAN ports
VLAN 1 is the default VLAN for the switch's engine/ admin interface. You don't want the switch to be accessing the ONT or your router's WAN. Hence, Ports 1 and 2 must be removed from this VLAN. i.e. They are separated from the switch's engine/ admin interface.

All other ports on the switch are used like a normal dumb switch. You'll note that they are all members of VLAN 1 but untagged. To devices connected there, they are just connected to a dumb switch. Which is the whole point of untagged ports.
To the switch, all of these devices are on VLAN 1 and allowed to talk to one another but the devices never see a VLAN because the switch takes the tag away before sending the packets out to them.

What is not mentioned and is implied, is that the router's LAN is connected to one of these untagged vlan 1 ports. It is important to know this because one would otherwise think that the switch is magically routing.
An Idle Mind Walks in Dark Places
sg.png
Dreamslacker
Dreamslacker's Avatar
Bipolar Narcissistic


Join Date: Jul 2005
Location: In an idle mind
Posts: 7,655
Trade rep: 6 (100%)
Infractions: 0/0 (0)
Dreamslacker Nov 19th, 10, 11:26 PM #28
Anyway, just an update, I've gotten a Routerboard RB250GS from Xconcepts (SLS 4th floor) for $65. It's a 5 port GBe managed switch which does support Vlans and mirroring (and other stuff like ACLs etc). Pretty good value for money.
You can look into that for sniffing and perhaps even using it to allow use of your own non-vlan capable routers.
An Idle Mind Walks in Dark Places
sg.png
p|sangp|sang
p|sangp|sang's Avatar
U mean Questionable Crap?


Join Date: Dec 2004
Location: MBR:Sector:63, ADDR:01388b3b
Posts: 44,522
Trade rep: 27 (100%)
Infractions: 0/0 (0)
p|sangp|sang Nov 19th, 10, 11:36 PM #29
yeah i came across shop too. neat mikrotik hw quite decent price, saw one routerboard with gigabit ports for 65bux or was it 85 but runs on a 250mhz proc, quite wasted
sg.png
Dreamslacker
Dreamslacker's Avatar
Bipolar Narcissistic


Join Date: Jul 2005
Location: In an idle mind
Posts: 7,655
Trade rep: 6 (100%)
Infractions: 0/0 (0)
Dreamslacker Nov 19th, 10, 11:47 PM #30
Get the RB-1000! heeheehee... Epic fast. I'd have gone for the Microtik if only they just had HFSC!
Now I'm confused.. Wondering if I should carry on with the Speedster (bought a 478 heatsink to chop up and use as passive) or use the RB250GS with a single NIC mini-itx with VLANs instead.
An Idle Mind Walks in Dark Places
sg.png
New Thread | ↑↓ Similar Threads
Similar Threads Thread Starter Forum Replies Last Post
ASGARD7 Networking Devices 5 Jun 14th, 10
08:40 PM
enegizer Networking Devices 4 Mar 12th, 10
02:17 PM
SaLvAtoOo Singapore Marketplace / Garage Sales 5 Aug 24th, 09
01:05 PM
Z_Dash Miscellaneous Garage Sales 11 Aug 5th, 08
01:40 AM
tocklim Notebooks/Netbooks Garage 1 Jul 1st, 08
09:53 PM
Thread Tools Display Modes
Linear Mode Linear Mode