Here is what I setup under vlans
I tried to setup port 1 and 2 on vlan20 as untagged (assuming here that untagging them on that vlan means I dont have to configure at the OS level to tag the traffic.)
Obviously the two systems plugged into ports 1/2 cannot talk.
But the stuff on vlan1 that are marked at untagged can still all talk…
from reading this… what i have should work…??
That looks like it should work, have you tried rebooting the switch?
I did… and that didnt work.
I found this… and looks like I have to set the pvid on each port if I change the vlan to another number.
https://kb.netgear.com/11673/How-do-I-setup-a-VLAN-trunk-link-between-two-NETGEAR-switches
Makes sense, every switch seems to have a different method of doing the same thing.
Curious, what’s VLAN 20 going to be used for?
What are you trying to achieve?
Correct
They should be able to talk to each other unless ports are set to private/isolated, not vlan? I’m not sure what you mean by cannot talk? I’d also suggest not using 1/2 notation to say port 1 and 2 as it often means sw 1 in stack and port 2 on that switch.
It’s supposed to be able to talk within the same VLAN or do you mean that it talks to VLAN 20?
My experience with netgear swtiches is horrible, wasn’t able to delete settings without reset and stuff.
I’m not saying this switch has that function but L2 isolation is pretty useful in scenarios where you only want the connected device to communicate with the router, like guest networks.
subnet 172.20.0.0/16
The words “untagged” and “tagged” cause a lot of confusion.
To untag a vlan on a port essential sets that vlan as the default. Every port has one and only one untagged assignment. Out of the box, every port is untagged vlan 1.
To tag a vlan on a port allows traffic on the vlan to pass through without being assigned the untagged vlan. Think of it as a whitelist. So you do this on connections between switches, routers or hypervisors where vlans have already been assigned to the traffic and multiple vlans are on a single port. “Trunk” ports are usually tagged with all vlans. Out of the box, no vlans are tagged on a port.
To exclude a vlan on a port means that any traffic attempting to use that vlan on that port will be reassigned to the untagged vlan. Out of the box, all vlans except vlan1 are excluded on a port.
Each port on a switch is either untagged, tagged or excluded for each vlan.
In your case, if ports 1 and 2 are untagged vlan20 and no other vlans are tagged on those ports, anything you plug into 1 and 2 will be vlan20 on that switch. So it makes sense that they can communicate with eachother.
If vlan20 doesn’t appear anywhere else on your switch, then they will only be able to communicate with each other.
If you want them to be on the same vlan and not communicate directly with each other, you need to configure port isolation or private vlans (both of which are imperfect solutions IMO).
after reading that link i found… i think the U might mean untagged, but the T should mean trunk
I believe setting the pvid on ports 1 and 2 should fix the issue.
I havent tried it yet. because I spent all morning moving stuff ( got the desk setup in the spare room) but still not done.
I still have to move the rpi camera to a new subnet also.
Confirm that setting the pvid on those ports fixed it.
I think pvid is equivalent to untagged in Cisco/Ubiquiti parlance.
