Multi switch LAN, VLAN created at one end, do all switches need to be configured to pass the VLAN?

3

I have a network with daisy chained switches like this:

Draytek router -> Netgear 5 port smart switch -> Netgear 5 port smart switch -> Netgear 16 port smart switch.

I want to set up a VLAN on the 16 port smart switch to:

  • Enable all devices on that VLAN not to be able to speak to other devices on the network.

  • Allow the router to route devices on that VLAN to another site via a VPN.

All of the switches are VLAN aware, but do I need to configure anything on the 5 port switches that sit in between the 16 port switch and the router, or will they pass the tagged traffic by default?

sam

Posted 2018-02-10T22:01:29.540

Reputation: 3 411

1

Does your router support VLAN tagging or have multiple LAN-facing interfaces? – I say Reinstate Monica – 2018-02-11T02:44:02.863

Answers

2

Short answer: yes, you will have to configure them.

Each switch must know where to forward Ethernet frames. This is accomplished by setting up 802.1Q trunks. A trunk can carry multiple VLANs simultaneously. Each switch that's involved in VLAN switching needs to be set up with trunking on the ports facing other VLAN-aware switches. You tag each VLAN in the trunk. Additionally, all switches involved need to be set to the same native VLAN. (Usually VLAN 1 is the default.)

Note that most client devices are not VLAN-aware and do not need tagging at the port level. And the way you have this physically set up, most likely you are going to be "routing on a stick", which means you will need a trunk going to your router, virtual interfaces configured in the router, and traffic rules at the layer-3 device (the router).

Tim_Stewart

Posted 2018-02-10T22:01:29.540

Reputation: 3 983

2

Note that the usage of "trunk" like this is mostly Cisco terminology. "Tagged port" is probably the more common non-Cisco term.

– Bob – 2018-02-11T02:56:46.947
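
The following is an added example, not part of the question or the answers above: a small Python model of the daisy chain from the question that traces one client frame toward the router and reports where it is dropped or loses its tag. It assumes every switch runs in 802.1Q mode with ingress filtering; VLAN ID 20, the port roles and the switch labels are constructed, and no specific Netgear default behaviour is modelled.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    pvid: int = 1                                            # VLAN given to untagged ingress frames
    members: dict = field(default_factory=lambda: {1: "U"})  # vid -> "T" tagged / "U" untagged

def trace(hops):
    """Follow one untagged client frame switch by switch toward the router.
    hops: list of (switch name, ingress Port, egress Port).
    Returns ("tagged", vid), ("untagged", first switch that sent it untagged)
    or ("dropped", switch that discarded the frame)."""
    tag, stripped_at = None, None
    for name, ingress, egress in hops:
        if tag is None:
            vid = ingress.pvid            # untagged frame: classified by the port's PVID
        elif tag in ingress.members:
            vid = tag                     # tagged frame on a member port: accepted
        else:
            return ("dropped", name)      # ingress filtering: port is not in that VLAN
        mode = egress.members.get(vid)
        if mode is None:
            return ("dropped", name)      # uplink does not carry the VLAN at all
        if mode == "T":
            tag = vid
        else:
            tag, stripped_at = None, stripped_at or name
    return ("tagged", tag) if tag is not None else ("untagged", stripped_at)

VLAN = 20                                 # constructed VLAN ID for the isolated devices
def access():                             # client-facing port on the 16-port switch
    return Port(pvid=VLAN, members={VLAN: "U"})
def trunk():                              # inter-switch port: VLAN 1 native, VLAN 20 tagged
    return Port(members={1: "U", VLAN: "T"})

def chain(b_in, b_out, a_in, a_out):
    """16-port -> 5-port B -> 5-port A -> router, as in the question."""
    return [("16-port", access(), trunk()),
            ("5-port B", b_in, b_out), ("5-port A", a_in, a_out)]

# Only the 16-port switch configured; both 5-port switches left at VLAN 1 only.
only_edge = trace(chain(Port(), Port(), Port(), Port()))
# VLAN 20 tagged on every inter-switch port.
all_tagged = trace(chain(trunk(), trunk(), trunk(), trunk()))
# 5-port B sends VLAN 20 untagged upstream, so the frame lands in VLAN 1 on 5-port A.
leaky = trace(chain(trunk(), Port(members={1: "U", VLAN: "U"}), Port(), Port()))

if __name__ == "__main__":
    for label, result in [("only edge", only_edge), ("all tagged", all_tagged), ("leaky", leaky)]:
        print(f"{label:10} -> {result}")
```

A result of `("tagged", 20)` means the router receives the frame with its 802.1Q tag intact and can map it to a VLAN 20 virtual interface; `("untagged", ...)` means the frame has merged into the native VLAN and the intended isolation is gone.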