How to receive tagged and untagged packets into switch?

I have a dumb switch (QNAP QSW-2104-2T) with a Ubiquiti AP (3 SSIDs with different VLANs) and a digital PA system plugged into it. The AP can handle VLANs but the PA can’t. The QNAP switch (no VLAN setup but passes on VLAN tags) connects, over distance, to a Cisco switch. I want the AP VLANs preserved and the PA to be assigned to VLAN 50. What settings on the Cisco switch (Access/Trunk, native VLAN, default VLAN, etc.) would I need to achieve this?

Due to unique pricing and feature set I cannot swap out the QNAP switch.

Unmanaged switches cannot pass VLAN tags. You need a layer 2 switch for this functionality.

For your Cisco switch configuration you would set a switchport trunk port to your AP. The native VLAN for your trunk will always be vlan1, but if you need it to be on a different VLAN then you can assign the native VLAN to whatever you like. Then a switchport access vlan50 for your PA.

Thanks Maximus.

The QNAP switch that I have does pass on VLANS and some people have accessed an API in the firmware to configure VLANS on various ports (GitHub - danieltwagner/qsw-2104-2s).

So assuming that it does pass on VLANs and I am connecting it with one cable to the Cisco switch, from your reply I take it that I set the Cisco port to trunk, with the VLANs of the AP included (I get that bit). Then I change the native VLAN to 50 (to auto apply that to the PA packets)? But how can I “…switchport access vlan50 for your PA” on a port that has been configured as a trunk?

Not sure if I understand fully what you are asking for, but if you want to pass several vlans and have a native vlan other than 1 on a Cisco port you need these commands:

interface <port>
switchport mode trunk
switchport trunk allowed vlan <vlan id>,<vlan id2>,...
switchport trunk native vlan <native vlan>

e.g.
interface gig 1/0/4
switchport mode trunk
switchport trunk allowed vlan 10,20,50
switchport trunk native vlan 50

Thanks 2z8xv2ry.

I have two devices connected to a dumb VLAN aware switch which then goes into a single Cisco switch port. The two devices are an access point (AP) and a digital audio device (DAV). The AP uses VLANs 20 and 30 so I set the Cisco port as trunk for those two VLANs. It's the DAV that is not VLAN aware and defaults to VLAN 1. It receives a constant stream of audio broadcast packets, clogging up VLAN 1 and posing security risks. I want the DAV to operate on VLAN 50. What setting do I make to the Cisco port so that VLANs 20 and 30 are maintained and the dumb DAV gets channelled to VLAN 50?

Ok, so if we take this into consideration:

  1. Your dumb switch forwards vlan labels, but is not able to tag anything.
  2. Your access points are tagged vlan 20/30.
  3. Your DAV does not tag any vlan.
  4. There is no other untagged traffic coming through this port.

If all this is true, then you can make the port trunked with allowed vlan 20, 30, 50 and make vlan 50 native port, pretty much as indicated in the commands above, except for adjusting allowed vlans.

This will make sure that all untagged traffic will get the tag vlan 50, and what is tagged vlan 20 and 30 will pass as is.

Personally, I’d look into getting a cheap managed switch to make sure all tags work correctly, but the above should work as a temporary fix if nothing else.

Thanks 2z8xv2ry. As an aside, are native VLANs on a Cisco switch the same as a PVID on a Netgear?

Also I understand that networking gear communicates between various hardware devices irrespective of any packets that the users' applications or settings impose on the network. I assume that these ‘unseen’ packets will also be channelled to VLAN1 and will this be detrimental to the comms between devices?

I would like to use a cheap unmanaged switch however I have six, of the setup described above, daisy chained in a row over 500 meters at a sports ground. A cheap managed switch would see six APs and Six DAVs communicating over a 1 Gbps backbone. Alternatively, six 10GBps switches would blow the budget as they are still quite expensive here. The cheaper Chinese ones while OK for domestic use would be no good for this application. The unmanaged QNAPs only cost AUD$220 and have 2 x 10Gbps ports for the back bone (in and out) and 4 x 2.4Gbps for the APs/DAVs. Good price, ideal port config, just a pity they’re not managed but looks like we can get around that.

Yes exactly.
PVID = Port Vlan ID

Networking gear communicates between each other yes, but there are settings which may block communication. E.g. improperly configured vlans.
You can imagine that every vlan functions like a separate switch. The vlan-enabled switch will only forward frames to the ports that are in the same vlan. Hence, it will not forward frames to another switch which is on a port that doesn’t have the correct vlan for the frame in question, even though the destination mac/ip would happen to be on that switch.
In this case the frame will just be dropped.

If the case is such that your unmanaged switch does pass on the frames, I would set a native vlan on the incoming port, and make sure that it also allows for the incoming frames with the other vlan tags and it should work.

That is, all frames with approved vlan will be accepted and forwarded as is, whereas the untagged ones will be given the native vlan tag.

That said, if the switch receives a frame with a tag that is not accepted on the switch (not trunked), it will drop it.

Just a thought though, if you have several switches daisy chained, then I doubt you will get any benefit from a 10gbit uplink as the last switch only will receive max 1gbps anyhow.

If 1gbit isn’t sufficient you are probably better off looking at options for laying fiber cables to each point and with a 10gbit aggregation switch. Depending on how many connection points you need next to each other there are reasonable 10gbit SFP+ switches (eg. MikroTik), but now we (I) are getting way out of topic :smiley:

Following your recommendation I have configured the Cisco port as follows:

interface GigabitEthernet1/0/24
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 1,20,30,50
switchport mode trunk

However now I (and the UniFi controller) can't see the UniFi AP.
I added VLAN 1 to the list to make sure that I can configure the AP on the administration VLAN (1). If, as in my situation, the AP is providing user VLANs such as 20 and 30 as set up for the different SSIDs, but I haven’t explicitly set a VLAN for the AP itself, will it be assigned VLAN 50 by the switch's setting of native VLAN 50 instead of staying on VLAN1?

On a network, with various network hardware passing a range of VLANs, is it necessary to include VLAN 1 on a trunked port and other places so that you can administer/maintain that hardware or is it just implied and VLAN1 will be passed on anyway?
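
The ingress rules described in the thread (untagged frames take the native VLAN, allowed tags pass as is, other tags are dropped), modelled in Python against the port settings posted above. This is an added example, not part of any post: the function names, MAC addresses and frames are constructed, and it assumes the AP sends its own management traffic untagged and that the native VLAN must itself be in the allowed list.

```python
import struct

TPID_8021Q = 0x8100          # EtherType value that marks an 802.1Q tag
ALLOWED = {1, 20, 30, 50}    # switchport trunk allowed vlan 1,20,30,50
NATIVE = 50                  # switchport trunk native vlan 50

def build_frame(dst, src, ethertype, payload=b"", vlan=None):
    """Build a minimal Ethernet II frame; vlan=None means untagged."""
    tag = b"" if vlan is None else struct.pack("!HH", TPID_8021Q, vlan & 0x0FFF)
    return dst + src + tag + struct.pack("!H", ethertype) + payload

def classify_ingress(frame, allowed=ALLOWED, native=NATIVE):
    """Return the VLAN the trunk port puts the frame in, or None if dropped."""
    if len(frame) < 14:
        return None                       # no complete Ethernet header
    (etype,) = struct.unpack("!H", frame[12:14])
    untagged_vlan = native if native in allowed else None  # assumption, see lead-in
    if etype != TPID_8021Q:
        return untagged_vlan              # untagged -> native VLAN
    if len(frame) < 18:
        return None                       # truncated 802.1Q tag
    (tci,) = struct.unpack("!H", frame[14:16])
    vid = tci & 0x0FFF                    # low 12 bits of the TCI are the VLAN ID
    if vid == 0:
        return untagged_vlan              # priority tag only, no VLAN membership
    return vid if vid in allowed else None

# Constructed sample traffic (locally administered MACs, empty payloads).
BCAST = b"\xff" * 6
AP_MAC = bytes.fromhex("020000000a01")
DAV_MAC = bytes.fromhex("020000000d01")
SAMPLES = {
    "AP management (untagged)": build_frame(BCAST, AP_MAC, 0x0806),
    "AP SSID tagged VLAN 20": build_frame(BCAST, AP_MAC, 0x0800, vlan=20),
    "AP SSID tagged VLAN 30": build_frame(BCAST, AP_MAC, 0x0800, vlan=30),
    "DAV audio (untagged)": build_frame(BCAST, DAV_MAC, 0x0800),
    "stray tag VLAN 99": build_frame(BCAST, AP_MAC, 0x0800, vlan=99),
}

def classify_samples():
    """Classify every sample frame with the posted port settings."""
    return {name: classify_ingress(f) for name, f in SAMPLES.items()}

if __name__ == "__main__":
    for name, vlan in classify_samples().items():
        result = "dropped" if vlan is None else f"VLAN {vlan}"
        print(f"{name:26} -> {result}")
```

Under these rules the AP's untagged management frames are classified into VLAN 50 together with the DAV, and VLAN 1 only receives frames that arrive explicitly tagged with VLAN 1.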