possable VLAN bug

DOWNLOAD THE LATEST FIRMWARE HERE
User avatar
highlands
Member
 
Posts: 52
Joined: Fri Oct 09, 2015 1:01 pm
Has thanked: 4 times
Been thanked: 2 times

possable VLAN bug

Fri Oct 23, 2015 5:51 pm

WS-12-DC FW=1.3.3 HW=D

Inside interface 1 the VLANs that are in the allowed VLANs are 3001,3002,4000,4001

However in the MAC table of the device that is out interface 1 shows all the above and 303,2002,3005

In my understanding if the only VALNs that in the allowed table are 3001,3002,4000,4001 then why is that device out interface 1 seeing ALL VLANs in that switch.

I tried to 'toggle' the choices of;
U - Untagged, Q - QinQ, T - Tagged, E - Excluded
to E for Excluded the VLANs I don't want going to that port but the choice of E is not one of them.


John

VLAN.jpg
VLAN.jpg (79.59 KiB) Viewed 3896 times

User avatar
highlands
Member
 
Posts: 52
Joined: Fri Oct 09, 2015 1:01 pm
Has thanked: 4 times
Been thanked: 2 times

Re: possable VLAN bug

Fri Oct 23, 2015 7:18 pm

I think I now understand. Netonix does not use a implicit allow list like we do with our Cisco gear. (see below)

switchport trunk allowed vlan 201,302-305,355,2002,3001,3002,3005,4001

You seem to have the implicit allow list up in the trunk port, however it appears after watching your video again, it is not used. Or at least if we do put ONLY the VLANs we want in the list, it does not matter, the Netonix still only follows the info in the cross matrix.

So for now, we will not use the "trunk Port" up top as it appears it has no use.

John

User avatar
sirhc
Employee
Employee
 
Posts: 7416
Joined: Tue Apr 08, 2014 3:48 pm
Location: Lancaster, PA
Has thanked: 1608 times
Been thanked: 1325 times

Re: possable VLAN bug

Sat Oct 24, 2015 10:46 am

Remember for the Trunk Port / VLAN List to work the user must apply it to both ingress and egress ports.

If you just apply Trunking/List only on the ingress port the switch will have no destination for the packets from the VLANs in the Access List to egress so they are dropped.

I asked Eric to verify the List works today, right now he is working on the false fan failures.

We have v1.3.5 coming out this weekend hopefully which has a lot of fixes and enhancements
Support is handled on the Forums not in Emails and PMs.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.

User avatar
Eric Stern
Employee
Employee
 
Posts: 532
Joined: Wed Apr 09, 2014 9:41 pm
Location: Toronto, Ontario
Has thanked: 0 time
Been thanked: 130 times

Re: possable VLAN bug

Sat Oct 24, 2015 3:02 pm

It uses the Allowed VLANs list in addition to the matrix. Since you have a "T" on Port 1 of VLAN 303 it will be allowed on port 1.

The UI in 1.3.3 does not allow you to change the T to an E even if the VLAN is not include in the Allowed VLANs list. This will be fixed in 1.3.5. Then you can change the T to an E for Port 1 of VLAN 303 and it will work as you desire.

Return to Hardware and software issues

Who is online

Users browsing this forum: No registered users and 64 guests