Omada Network and Profile configuration issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2021-02-24 22:08:12 - last edited 2021-02-25 08:24:17
Hardware Version: V4
Firmware Version: 4.2.11

I'm experiencing some blocking inflexibilities in the configuration of VLANs and port profiles.

I'm introducing Omada Managed Switches and Access Points within an existing network infrastructure, however the user interface prohibits configuration and changes on default settings that would require a complete network re-configuration to suit these restrictions. This obviously is something I want to avoid, and should also not be necessary.

 

Let me elaborate:

 

Issue 1 is the default Network LAN that is configured in Settings->Wired Networks->LAN.

After setup this default entry is already configured, and cannot be edited. This network 'Purpose' is interface and has a VLAN of 1. This VLAN however happens to be my Management VLAN. This is no major issue, as I can select this network as the Management VLAN; simply changing the name could resolve this issue. The only thing that remains is its purpose and an associated IP subnet (192.168.0.1/24) which I don't use (or don't manage through Omada). From searches on this forum, it seems to be related to the TP-Link gateways, but I'm not using that. I'm using a Sophos XG as internet gateway, and as you can imagine, not planning on replacing that with an Omada Gateway. All in all, this hard-coded config seems a bit strange, and it would be nice if it could be deleted or at least edited.

 

The second issue is on the switches. To make VLANs available across the whole network, across different switches, one would normally define a trunk that would carry all those tagged VLANs. However, within Omada, I cannot create a profile that would include all VLANs tagged, as I'm forced to select a native VLAN, which cannot be part of the selected tagged VLANs.

In my perception, there generally are three types of ports:

1. Access ports, these are ports that end-user devices are hooked up to, and carry one VLAN untagged.

2. Trunk ports, these carry multiple VLANs, mostly used to distribute these VLANs across the whole network, or for example to access points, carrying the VLANs that belong to the different wireless networks (Office, Guest, etc.) in addition to the management VLAN that is used to manage the network infrastructure.

3. Hybrid ports, these are typically trunk ports, which also have one untagged VLAN associated with them. These could be handy for example to adopt new devices in the network infrastructure prior to having the correct configuration. I tend to use these only temporarily until everything is configured as it should be.

 

Within Omada, one can only create an Access port or a Hybrid port, which also seems to have the restriction that the native VLAN cannot be part of the tagged VLAN list (why???).

 

The only way to create a trunk now would be to create a hybrid port, carrying all but one VLAN tagged, and one untagged. This would also require reconfiguration of the rest of the non-Omada managed network infrastructure. And I'm then leaving out the part that I would not be charmed by such a configuration, as it feels like a workaround for the Omada configuration restrictions.

 

All in all, I think this part of the Omada software needs to be changed. It could be I'm doing something wrong here, if so, please tell me what to do.

 

If I'm right, I think the following changes need to be made:

1. Don't create default configs that cannot be changed or deleted and could conflict with existing network infrastructures.

2. Change the port profiles to allow access, trunk and hybrid ports as described above.

 

Kind regards,

 

Jorg

 

 

 

UPDATE:

 

I've taken the switch out of Omada management to use the web interface of the switch. In that case I can actually configure the switch according to my requirements.

If I configure the port to only accept tagged frames and configure the tagged VLANs that the port is a member of, I can assign all VLAN IDs including the one configured as PVID (which I think is ignored due to the 'allow tagged only' config). So the switch itself seems to be able to support the configuration I'm looking for for trunk ports. Basically I can create all of the 'port types' I require through the native device interface (access, trunk, hybrid or whatever you want to call it). When using Omada to configure the ports using profiles, I am however not able to configure a similar setup; as such, it seems to be a restriction in the Omada software at this point.

 

Re:Omada Network and Profile configuration issue
2021-02-25 08:18:28

Dear @Jorgh,

 

Thank you for posting the problem on the TP-Link Business Community.

 

Issue 1 is the default Network LAN that is configured in Settings->Wired Networks->LAN.

After setup this default entry is already configured, and cannot be edited. This network 'Purpose' is interface and has a VLAN of 1. This VLAN however happens to be my Management VLAN. This is no major issue, as I can select this network as the Management VLAN; simply changing the name could resolve this issue. The only thing that remains is its purpose and an associated IP subnet (192.168.0.1/24) which I don't use (or don't manage through Omada). From searches on this forum, it seems to be related to the TP-Link gateways, but I'm not using that. I'm using a Sophos XG as internet gateway, and as you can imagine, not planning on replacing that with an Omada Gateway. All in all, this hard-coded config seems a bit strange, and it would be nice if it could be deleted or at least edited.

 

The Network LAN setting requires an Omada Gateway. The default entry would only be issued to the Omada Gateway once it's adopted.

If you are not using the Omada Gateway, you can just ignore the default entry as it won't affect your existing network. 

 

By the way, the default entry will support being edited in the future in order to manage the Omada Gateway easily.

 

If I'm right, I think the following changes need to be made:

2. Change the port profiles to allow access, trunk and hybrid ports as described above.

 

Currently the Omada SDN doesn't support selecting a tagged VLAN as the native VLAN.

Thank you for your valued feedback. I've written it down for further evaluation.

Re:Omada Network and Profile configuration issue
2021-02-25 08:37:43 - last edited 2021-02-25 08:39:26

@Fae thank you for your quick response.

 

I've just updated my original post, before I saw your answer. In short, the native web UI of the switch does support the configuration I require. So it seems to be a restriction imposed by Omada.

As a workaround I can also create a dummy VLAN that is not used on the rest of the network and assign that as the native VLAN. Although it's still a workaround and I'm not charmed with this approach, it will allow me to at least create a trunk that has all the required VLANs as tagged VLANs.

Giving the option to allow only tagged frames and allowing the PVID to be part of the tagged VLANs (so untagged frames are basically dropped) would also solve the issue; although a bit less intuitive, this is basically how it can be done through the device web UI. I think restricting a port to only allow tagged frames should be possible within Omada; forcing an untagged VLAN to be configured (and active) on a port seems to me to be a bit restrictive.

 

Kind regards,

 

Jorg

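The three port setups discussed in this thread, as an added example (not code from TP-Link or from any poster): a small model of 802.1Q ingress and egress handling that shows where an untagged frame ends up under each setup. VLAN IDs 10, 20 and 999, the `Port` class and `omada_profile_allows` are assumptions made for illustration, and ingress filtering is assumed to be enabled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Port:
    pvid: int                          # VLAN given to untagged ingress frames
    tagged: frozenset                  # VLANs carried with an 802.1Q tag
    untagged: frozenset = frozenset()  # VLANs sent without a tag on egress
    tagged_only: bool = False          # "allow tagged only" ingress setting

    def ingress(self, tag: Optional[int]) -> Optional[int]:
        """VLAN a received frame is classified into, or None if dropped."""
        if tag is None:
            if self.tagged_only:
                return None            # PVID is never consulted
            vlan = self.pvid
        else:
            vlan = tag
        # Assumption: ingress filtering is on, so non-member VLANs are dropped.
        return vlan if vlan in (self.tagged | self.untagged) else None

    def egress(self, vlan: int) -> Optional[str]:
        """How a frame of `vlan` leaves the port: 'tagged', 'untagged' or None."""
        if vlan in self.tagged:
            return "tagged"
        return "untagged" if vlan in self.untagged else None

def omada_profile_allows(port: Port) -> bool:
    """Model of the profile rule reported in the thread: a native VLAN is
    mandatory and may not also appear in the tagged list."""
    return not port.tagged_only and port.pvid not in port.tagged

MGMT, OFFICE, GUEST, DUMMY = 1, 10, 20, 999   # all but MGMT are constructed IDs

PORTS = {
    # Switch web UI: every VLAN tagged, untagged frames refused.
    "trunk_web_ui": Port(pvid=MGMT, tagged=frozenset({MGMT, OFFICE, GUEST}),
                         tagged_only=True),
    # Omada hybrid profile with the management VLAN as native VLAN.
    "hybrid_native_mgmt": Port(pvid=MGMT, tagged=frozenset({OFFICE, GUEST}),
                               untagged=frozenset({MGMT})),
    # Workaround from the thread: unused dummy VLAN as native VLAN.
    "hybrid_dummy_native": Port(pvid=DUMMY, tagged=frozenset({MGMT, OFFICE, GUEST}),
                                untagged=frozenset({DUMMY})),
}

def report() -> dict:
    """Per port: (profile allowed, VLAN for untagged ingress, MGMT egress mode)."""
    return {n: (omada_profile_allows(p), p.ingress(None), p.egress(MGMT))
            for n, p in PORTS.items()}
```

In this model the hybrid profile with VLAN 1 as native places any untagged frame directly into the management VLAN, while the tagged-only trunk drops it and the dummy-native workaround confines it to an otherwise unused VLAN.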