Results 1 to 4 of 4
  1. #1
    Newbie
    Join Date
    Sep 2020
    Posts
    10

    Default switch trunk port to untangle

    Hi

    I have 2 managed switches and each switch has 2 vlans

    vlan 1 default vlan
    vlan 200 IOT vlan

    and I am trying to connect both switch to the untangle router (5 physical ports, wan is port 1, internal is port 2)

    the first switch is fine, on untangle router I set the internal interface to be addressed with vlan 1 IP (192.168.1.1) and then add a tagged vlan interface called IOT which is addressed with vlan 200 IP (172.16.200.1) and set parent interface to be the internal, then connect my switch to the untangle router's internal port, and everything works.

    the problem is I am not sure how I can connect my second switch to the untangle router, as if I set the port 3 to bridged to internal port, it will only pass the traffic for the default vlan 1, not vlan200. if I set port to be addressed, then I can't save the config, as the address conflicted. my 2 switch has the same vlan1 and vlan200, and it share the same gateway, is there anyway I can just set the port3 as an addressed port but without address and only carry the tagged vlan traffic to the internal interface and the IOT vlan interface? thanks

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,163

    Default

    The physical interfaces on Untangle handle untagged traffic, so as you discovered if you bridge a physical NIC to another one, you get that untagged VLAN flowing.

    What you've missed is that you must terminate the VLANs on each interface. SO... you need to make a child interface on the 2nd NIC, set it to the appropriate tag, and then bridge that child interface to the other child that's handling that same VLAN.

    Clear as mud?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Newbie
    Join Date
    Sep 2020
    Posts
    10

    Default

    Thanks Rob, yep that works, need to create another vlan and attach to the physical interface, and the physical interface need to bridged with the internal interface for the untagged traffic. basically it's like router on a stick, but untangle's vlan setup seems a bit confuse to me

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,163

    Default

    That's because you're used to smarter systems.

    The Untangle is Linux, and the Linux kernel is very stupid when it comes to VLANs.

    You have a physical interface, and this only sees untagged traffic

    Then you have a child interface, and it is what sees the tagged traffic. You have one of these for each VLAN tag you want to process on any given physical interface.

    As far as the OS is concerned, each of these are independent network interfaces!

    So when you start trying to bridge things stuff gets weird, because now you need to terminate each VLAN on an virtual interface, that's attached to each physical interface. Once that's done, then those interfaces are configured to interact with each other... be that via static address assignment (router mode), or bridging... or even disabled (drop all frames from this tag).

    Linux's way of doing things is a ton more flexible than anything else you've ever used... but it can be a bit of a brain bender if you're trying to understand it all at once. So just map out which frames are on what interface, make the VLAN interfaces to match that, then configure those new interfaces to work the way you need to.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2