About Native Vlan

AnN · June 2, 2015, 4:11pm

Hi all,

I'm a newbie with Cambium. Today i setup new network topology with ePMP1000. Here is my topology

Sw Cisco-----(trunk vlan 10, 20, native vlan 1)----ePMP----------ePMP--------(trunk vlan 10,20, native vlan 1)---Sw Cisco

In Membership Vlan Table, i add vlan 10, and vlan 20 => two vlan can communicate to each other. But what happen with vlan 1? It's a native vlan in Cisco, so the packet from vlan 1 never be tagged.

How can i make the vlan 1 between 2 switch can communicate with each other?

Please help me, thank lots!

support_sameer · June 2, 2015, 4:42pm

Thanks for the query. As per the topology all the tagged vlans can communicate with each other so which ever traffic you wish vlan 1 to pass should be tagged. so you need create a tagged vlan and add it into the membership vlan becuase unfortunately epmp cannot send the untagged traffic. so vlan 1 packets are untagged and by default it is native.

support_sameer · June 2, 2015, 5:02pm

Hi Sakid,

if there a neccesarry traffic in vlan 1 that needs to be passed then you can allow the vlan 1 on the trunk port using the command

switchport trunk allowed vlan1

sytnax may vay depending on the switch model

AnN · June 2, 2015, 11:56pm

Hi sammer,

In Switch Cisco, i trunk allow vlan 1, and default vlan 1 is native vlan so the traffic from this vlan never be tagged. I don't want change native lan in this link, because i need this for BPDU Packet (STP).

With ePMP, Can it transports packet from native vlan? Or, the ePMP need vlan is defined in Membership Vlan Table to transport this?

chung · June 16, 2015, 8:44am

I have same problem. When change management vlan to VLAN 400 and add some other data vlan in membership VLAN that all VLAN are forwarded. but VLAN 1 aren't. How to solve it?

Cambium_Sri · June 16, 2015, 1:16pm

@AnN wrote:

Hi sammer,

In Switch Cisco, i trunk allow vlan 1, and default vlan 1 is native vlan so the traffic from this vlan never be tagged. I don't want change native lan in this link, because i need this for BPDU Packet (STP).

With ePMP, Can it transports packet from native vlan? Or, the ePMP need vlan is defined in Membership Vlan Table to transport this?

Hi,

ePMP does not recognize VLAN 1 as native VLAN. So if you are using Memebership VLANs, VLAN 1 has to be specifically configured for it to pass the traffic. Remember, once you define Membership VLANs, the SM will allow ONLY packets tagged with the Membership VLANs defined. So if your router uses VLAN 1 as native VLAN and does NOT tag the packets with VLAN ID 1, i.e it sends them as UNtagged packets, the SM will drop the packets.

Thanks,

Sriram

chung · June 17, 2015, 9:03am

Hi,

I read on usgerguide version 2.4.2

"Data VLAN
Enabled: A VLAN tag will be added to all untagged traffic entering the SM’s LAN port before sending it to the AP and remove tags in the opposite direction from traffic (tagged with Data VLAN ID) entering on the SM’s WAN port before sending to the SM’s LAN port."

uberdome · September 5, 2015, 7:35am

@Cambium_Sri wrote:
... if you are using Memebership VLANs, VLAN 1 has to be specifically configured for it to pass the traffic. Remember, once you define Membership VLANs, the SM will allow ONLY packets tagged with the Membership VLANs defined. ...

If no membership VLANs are defined, is all VLAN traffic dropped?

uberdome · October 16, 2015, 4:54am

@uberdome wrote:
@Cambium_Sri wrote:
... if you are using Memebership VLANs, VLAN 1 has to be specifically configured for it to pass the traffic. Remember, once you define Membership VLANs, the SM will allow ONLY packets tagged with the Membership VLANs defined. ...

If no membership VLANs are defined, is all VLAN traffic dropped?

I did some testing to answer this question. If no membership VLANs are defined, it appears all traffic is passed (including VLAN traffic and untagged traffic). However, if any VLANs are defined, then untagged traffic will not pass.

Later, I found this useful reference:

http://community.cambiumnetworks.com/t5/ePMP-Networking/ePMP-VLAN-Traffic-Pass-through-Example-Scenarios/td-p/42043

I'd still like to see VLAN1 associated (or able to be associated) with untagged traffic as some other vendors do. Otherwise, perhaps "VLAN0" could represent untagged traffic, so it could be added to the Membership VLANs.

For now, I'm just excited that tagged and untagged packets are actually passed when no VLANs are defined. I've been defining VLANs in the ePMP hardware all along and have remained frustrated that I could not get untagged traffic to pass. Now I'll be re-configuring some hardware tomorrow to allow for untagged traffic.

-Chris

Anansy · August 10, 2020, 11:09am

Up!

I have a task like yours.

My customer gets Internet traffic untagged on ePMP130 transparent bridge, connected to customized Linux PC router/firewall/NAT/DNS/etc with two ethernet network interfaces, WAN & LAN, both 100Mbit/s connected to simple SOHO 1Gbit/s switch.

Now they are upgrading old Windows office server with new virtualizing one (Proxmox VE) and want to get router virtualized too.

But new server hardware has neither spare ethernet adapters nor slots to expand, so they can't connect Internet (WAN) to ePMP130 and Gigabit office LAN simultaneously. Using only ePMP130 configured as NAT router is not the case due to custom firewall settings.

So I think to use VLAN for Internet WAN traffic tagged injecting it from ePMP ethernet to office switch and untag it on virtualized WAN interface of LXC Linux router, then to LAN as usual from virtual bridge connected to the same hardware ethernet adapter.

How should I configure ePMP130 to map untagged wireless traffic to tagged (f.e. VLAN ID 433) wired?

I trying to Membership 1 and 433 VLANs and map SVLAN1<->CVLAN433 without success, guessing ePMP does not accept untagged WAN as native VLAN ID 1.

What is the right solution?