I have configuration like this below :

PC 1 ----- L2 Switch — BH M ------ BH S ----- L2 Switch ---- PC2

I want to connect between L2 Switch, i configure port 11 each Switch as tag port, Everything okay. Both VLAN at bot switches can communicate each other, but i can’t browse BH web page again. Is that situation normal?
How if with that configuration but i can still access the configuration page?


I am still in the process of learning VLANs myself, but I think I may have an explanation. If you configured port 11 on both switches to be a tagged port, then each packet that is leaving (entering ?) those ports is being tagged with a certain VID. I believe this VID is added to the Link-Layer frame in the packet. The backhauls are transparent Layer-2 bridges, so they will simply forward these packets to the other ends of the link, but since they are not yet VLAN capable, they cannot process any packets that have been VLAN tagged destined for themselves.

So when you try to access the web based config of the modules, that packet is tagged with a VID, and the backhaul discards it because it is not capable of processing the packet.

Can any VLAN experts confirm/deny my attempt here.

That is correct. The BH’s are not 802.1q VLAN aware yet. Hopefully they will be soon.

For my managment purposes I keep the BH’s and AP’s on ID 1 and keep that VID untagged. This allows all customer traffic to pass with 802.1q tags but no tags on manamement packets, allowing the BH’s to read and respond to them.

I look forward to the day that Motorola enables VLAN tagging in the BH's.


Does the Ingress VID setting tag packets arriving at the Ethernet inbound, outbound, or both? My guess is outbound, or else anything on the LAN behind the SM would have to have VLAN aware NICs, etc. correct?

Ingress refers to anything coming into the port - in this case, the ethernet port of the SM. So, when a packet comes into the ethernet port of the SM and it does not have an 802.1q tag (ie. from a regular NIC) then the SM adds the tag itself. If the packet already has a tag then the SM passes it unaltered (other than the source address if NAT is turned on and assuming that VID is in it’s member list).