Maintenance IP Access to SM when using VLANs but not rgstr'd

O.K.- this is a weird one-

When VLANS are not set on the SM & it isn’t registered to an AP we can access the SM web interface locally without problem.

When the VLANs are set on the SM (& allowing both Tagged Packet Ingress & SM Management VID pass-through) we can reach (via use of a PC running Ubuntu with VLANs configured) the SM interface without problem (also the AP, but that’s a problem for another day).

When the VLANS are set on the SM and the SM [u:2m3r3nxo]is not[/u:2m3r3nxo] registered on an AP, we [u:2m3r3nxo]can not[/u:2m3r3nxo] reach the SM’s interface :(. We would really like to be able to do this for trouble calls as some of our installations are a PITA to get to with the re-set plug.

We are running s/w version 9.0.

Can anyone explain why we lose the ability to access locally when unregistered with VLANs enabled but not when they are disabled? Any fix for this?

Thanks,

H.

Most laptops or PC’s do not have the NIC Cards for 802.1q or VLAN tagging.

Two fixes:

Get a NIC Card that is 802.1q capable for your laptop.
Carry a cheap Layer 2 switch that is VLAN enabled and use it between the laptop and the SM.

Good Luck,

Reay

rculp wrote:
Most laptops or PC's do not have the NIC Cards for 802.1q or VLAN tagging.

Two fixes:

Get a NIC Card that is 802.1q capable for your laptop.
Carry a cheap Layer 2 switch that is VLAN enabled and use it between the laptop and the SM.

Good Luck,

Reay


Actually the 802.1q part is working fine, we can set the maintenance VLAN on the laptop & talk to the SM just fine, but *only* when it's registered with the AP, when the AP isn't registered, i.e. the antenna fell off the house, we can't talk to the SM. If the vlan isn't set on the SM, we *can* talk to the SM when it isn't registered.

H.

Is the maintenance VLAN you referenced the same as the Management VID set up in the SM’s?
Is your subnet mask allowing for more than 1 IP in the VLAN range?

We set ours up so that each customer has their own VLAN w/ a .248 mask.
Example:
VLAN 8 would be set up as 10.32.141.2-5, as a customer range. We only give the customer the 10.32.141.5 for static settings.
Gtw would be 10.32.141.1.
Mask would be 255.255.255.248
SM hard IP would be 10.32.141.6

We can put our laptop at an address in the customer range, 10.32.141.3, and we can connect direct to the SM.
IT never has mattered that the SM is registered or not.
The SM’s addresses are static, correct?
Do you have dynamic learning enabled?

Right or not, we found that Untagged Ingress VID and Management VID in all SM’s need to be the same VLAN.

Reay

rculp wrote:
Is the maintenance VLAN you referenced the same as the Management VID set up in the SM's?


Yes, VLAN settings on the SM & PC are the same.

Is your subnet mask allowing for more than 1 IP in the VLAN range?


Yes, it is.

We set ours up so that each customer has their own VLAN w/ a .248 mask.
Example:
VLAN 8 would be set up as 10.32.141.2-5, as a customer range. We only give the customer the 10.32.141.5 for static settings.
Gtw would be 10.32.141.1.
Mask would be 255.255.255.248
SM hard IP would be 10.32.141.6


We can't do that, we're looking at 10,000 + subs by the time this is finished not to mention 600 sumthing APs + CMMs + backhauls + switches to manage. We're usng a number of different VLANs for traffic segregation (both for management and for subscriber traffic) to prevent broadcast storms- this is a condition forced on us by another department within the company that has ownership of the transmission facilities. However giving each sub their own VLAN would be a logistical nightmare for the installers.

We can put our laptop at an address in the customer range, 10.32.141.3, and we can connect direct to the SM.
IT never has mattered that the SM is registered or not.
The SM's addresses are static, correct?
Do you have dynamic learning enabled?


We can connect to the SM too. As long as it isn't registerd. :(
IPs are, for test purposes, static.
Dynamic learning is enabled on the SMs(for no apparently good reason as we manually enter the VLANs into the tables anyhow), disabled on the APs as we have found that leaving it on causes the APs to not pass traffic.

Right or not, we found that Untagged Ingress VID and Management VID in all SM's need to be the same VLAN.

Reay


Not our experience, we run separate vlans for the sub (untagged ingress) and the management, difference could be that the management IP range is private (10. whatever) & the subs get a public IP.

H.

Looks like you got all your bases covered. Good luck and let us know what you find out.

Reay