TL-SX3016F Setup Issues with vLANs etc
TL-SX3016F Setup Issues with vLANs etc
For some reason this forum wouldn't let me post my whole detailed experience - kept saying 'Illegal Content in Title or Links' even though I had no Links and the title was: Setup Issues with vLANS on TL-SX3016F ... what PITA.
Long story short - the ONLY way I could get this new TLSX3016F to work on my network was to give EVERY SINGLE vLAN I have in the entire domain/network its own Interface AND IP address in the appropriate subnet, even though I have turned off ALL Layer 3 services ( I have another Layer 3 switch that does all my inter-vlan routing etc). If the vLAN interface does not have an IP - you cannot ping the switch, at all, and NO DATA will flow through the 'Trunk' back to the rest of my network. I only wanted an IP address in my Mangement vLAN - 10.0.100.20. With only this Ip address setup - I could ping from my laptop on vLAN100, but could not ping from a Server on vLAN10. I had to add an IP to teh vlan 10 vlan interface on the switch. As soon as that was added I could ping BOTH IP addresses the switch had - 10.0.100.20 and 10.0.10.99.
I set Port 1 (1/0/1) like:
Any othe rcombination of PVIDs, Tagged or Untagged would not work. And if I did not specify an IP for each vLAN Interface it also would not ping.
Is this by design? I've never seen a decent Enterprise or Business switch that does vLANs ever do this. On every other switch I've deployed (Dells, Cisco's, Edgeswitches, Netgears etc) I basically set the port to Trunk and Tag thje vLANs I want to traverse through it - job done. This seems kinda wasteful and tedious.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Not sure the issue, maybe the firmware problem?
However, once you created the VLAN interface, the switch will be able to do routing between these two VLANs, that's why you can ping 10.0.10.99. It's not ping it from your whole network, but just the switch finished the routing on itself. Even you unplug the uplink switch, it will still reply the ping.
What I'm thinking is that the uplink switch may not transfer VLAN10 tagged data to this tplink switch. You need to confirm uplink switch VLAN settings and make sure it's a trunk port.
I have used T2600G-28TS(in standalone) and TL-SG2210P(in controller mode) and VLANs do work for my usage.
- Copy Link
- Report Inappropriate Content
@Somnus cheers for the reply!
I tried every combo suggested in about 15 other posts and comments I googled all night. None would work. My Uplink switches (ES-48's) are all working fine and have been configured fine - I plugged into 4 of them and the result was again the same - no pings reaching the new TP Link switch UNLESS I put an IP into that particular vLAN Interface on the TP Link. I have never seen a switch need this for simple trunking and vLAN traversal. Realistically, for EVERY other switch vendor I have worked with all you o is:
1. Change the Port to a Trunk (or LAG if you are doing that, and I will be eventually)
2. TAG the vLANs you want to go through it
3. Do the same on the other end
3. Get on with your day.
As I said, I can 'get' and workaround TP-Links desire to have all ports set to General instead of changeable to Access and Trunk ... why, I don't know, but that's their call, I can work with it. But I am not seeing why I need to give every vLAN I want to pass throughteh TP Link switch (which will be all of them) an IP Address ... I have turned off All Routing and Layer 3 services on it, it shouldn't NEED them. But I think you may be right in that its an issue in their firmware - and lucky for me this switch only has the release firmware and no updates since then (June 2021), and they might have some underlying weirdness in their Layer 3 side that still requires IP's even though teh services are disabled/not in use.
Just curious to see if anyone else using this switch (which had plenty of people recommending it as a decent aggregation switch alternative to the serially non-available EX-XG-16) ran into similar issues or could point out what I might have done wrong.
- Copy Link
- Report Inappropriate Content
TL-SX3016F
1. UNTAG the port in the "native" VLAN and set its PVID to the VID of that VLAN.
2. TAG the port in the remaining VLANs.
3. Restart the switch just in case.
That's all you need to do. You do not need to create any SVIs and enable inte-VLAN routing there. The fact that it works with those SVIs just means that you have a working link in at least one VLAN. Those SVIs are not required there by any means. You may also like to use the General mode on the other side of the link if it is supported. That's actually what I do myself between my CISCO switches and other switches which support only the General mode, but it worked with CISCO trunks, too.
- Copy Link
- Report Inappropriate Content
@KJK Cheers for that reply!
Yep, tried that.
I set Port 1 (1/0/1) with a PVID of 100
Then I set switchport general allowed vlan 100 untagged
Then switchport general allowed vlan 10 tagged
Still didn't work
I am struggling to remember if it did that again AFTER I dropped the 10.0100.20 address from the interface for vlan1 and added it to vlan10
Actually bugg erit, it is midnight here on Friday night - but I'll remot eintop my laptop from work and break the switch and try your suggestion jsut to make sure. I'll do it with vLAN1's interface set to that IP, and then again with vLAN100's interface set tot hat IP. I'll remove the IP from vLAN10's interface totally.
Give me 10-15 minutes and I'll reply again ;)
- Copy Link
- Report Inappropriate Content
@KJK Alrighty, took me a bit longer than expected ...
Essentially I repeated everything I did last night after wiping what was successfully running:
Attempt 1:
Wiped vLAN 10 Interface and the vLAN
Wiped vLAN 100 Interface and the vLAN
Set vLAN1 with the IP 10.0.100.20
No ping from anywhere (my laptop on vLAN 100, and a Server on vLAN10) - as expected
Attempt 2:
Created vLAN 100
Jumped into Interface of Port 1 (1/0/1)
Changed PVID of Port to 100
Switchport General Allow vlan 100 untagged
Rebooted switch
No ping from anywhere
Attempt 3:
Went into Interface vLAN 100 (CLI/System notified me immediately that vLAN 100 was UP)
Gave vLAN 10 the IP address 10.0.100.20 255.255.255.0
IMMEDIATELY my Laptop on vLAN 100 could ping the switch (through my SW#5), but Server on vLAN 10 could not (as expected)
Rebboted Switch
My laptop (vLAN 100) could ping, Server (vLAN 10) could not (as expected)
Attempt 4:
Created vLAN 10
Jumped into Interface of Port 1 (1/0/1)
Switchport General Allow vlan 10 tagged
Rebooted switch
My laptop can still ping, no ping from server on vLAN 10
Before launching into Attempt 5 - I jumped over to my ES-48 (SW#5). As per your suggestion I turned the TRUNK off in the GUI. Jumped into the Legacy GUI and checked the Switchport mode - it said GENERAL. Confirmed vLANS 10 and 100 were TAGGED for that port.
My laptop could still ping the switch, Server on vLAN 10 could not
Put the Trunk back on SW#5
Attempt 5:
Jumped into Interface of vLAN 10 (CLI/System notified me immediately that vLAN 10 was UP)
Gave Interface an IP Address 10.0.10.99 255.255.255.0
IMMEDIATELY Server on vLAN 10 could ping the switch (through my SW#5), My laptop on vLAN 100 also still pinging
Rebooted Switch
Server on vLAN 10 could ping the switch (through my SW#5), My laptop on vLAN 100 also still pinging
So basically, reconfirmed all I did last night.
Off to bed now as its ... damn! Nearly 2.30am ;)
Cheers for responses so far guys!
- Copy Link
- Report Inappropriate Content
“Attempt 1:
Wiped vLAN 10 Interface and the vLAN
Wiped vLAN 100 Interface and the vLAN
Set vLAN1 with the IP 10.0.100.20
No ping from anywhere (my laptop on vLAN 100, and a Server on vLAN10) - as expected
….”
Why is the IP 10.0.100.20 in VLAN1? Is that a typo? Don’t you want to use the 10.0.100.0/24 subnet in VLAN100? What about the IP 10.0.1.20 instead? You should use different subnets in each VLAN.
It looks to me that you try to ping the TL-SX3016F management interface from a laptop and server connected to your EX-XG-16. The TL-SX3016F management interface is in VLAN1, the laptop is in VLAN100 and the server is in VLAN10. You also want to do inter-VLAN routing only on the EX-XG-16.
For that to work, you need all three VLANs defined in both switches. All three VLANs need to be included in the trunk link on both sides of the link. You also need to have routing enabled and working among all three VLANs on the EX-XG-16. Each VLAN is a separate broadcast domain. You will not be able to reach any IP in VLAN1 from VLAN100 or VLAN10 without routing.
- Copy Link
- Report Inappropriate Content
@KJK
The 10.0.100.20 IP was only in vLAN1 for the first 'test' to show no traffic was passing to the switch from any vLAN - and I typed 'as expected' at the end of the test to show I expected it NOT to work :)
All subsequent tests had 10.0.100.20 assigned to the vLAN 100 interface on the TL-SX3016F
The TL-SX3016F is NOT going to handle any Layer 3 routing, at all. I already have another Dell 6448 that is already doing all that. It's on the other side of that ES-48 I have connected to the TL-SX3016F.
ie Dell 6448 ----trunk---- ES-48 ----trunk----TL-SX3016F
My actual Laptop (on vLAN 100) is actually going from: My Laptop ---- SW6(ES-48) ----trunk---- Dell 6448 ----trunk---- SW5(ES-48) ----trunk----TL-SX3016F
All my current trunks, routing and vLANs are perfectly fine across the buildings and various switches. I am testing this new TL-SX3016F to see if/how I can put it onto my network as an aggregation switch, not a Layer 3 switch with inter-vlan routing. I have a bunch of vLANS already configured and running across my network and through those Trunks I have setup as needed, windows servers handle all the DHCP for all those subnets I have defined and associated with each vLAN (via the Dell 6448 - which is the ONLY switch inthe netowrk that has an Interface configured, with IP address, for EVERY vLAN, and has the Default Route setup on it).
All I am wanting is to add the TL-SX3016F as another layer 2 switch and have it (eventually) as the central point that ALL my other switches plug into. At the moment its on teh end of the chain while I test and play around with it. So I'll need to (eventually) tag every port used on the TL-SX3016F with EVERY vLAN so they can get to the switch they need to pass traffic around.
So with that in mind - I can access the switch from vLAN 100 ONLY if the vLAN 100 interface on the TL-SX3016F is 10.0.100.20 - which I am perfectly happy with and understandable ... but my question is - why can't I have vLAN 10 traffic go to the TL-SX3016F on the same 'trunk' as the vLAN100 traffic when TAGGED on that Port (like every other switch does) UNLESS I also give the vLAN 10 interface an IP address (in my vLAN10 subnet)?? That makes no sense at all UNLESS I am also doing inter-vlan routing which, again, I am NOT doing on that switch. Layer 3 services are DISABLED on the TL-SX3016F.
So, as per my example (forget what number :) ) it SHOULD be working fine IF my config is:
!TL-SX3016F
#
vlan 10
name "ServerCore_vLAN"
#
vlan 100
name "management_vLAN"
#
#
cut out some irrelevant lines here ...
#
no ip routing
#
#
interface vlan 1
no ip address
ipv6 enable
#
interface vlan 100
ip address 10.0.100.20 255.255.255.0
no ipv6 enable
#
interface ten-gigabitEthernet 1/0/1
switchport general allowed vlan 100 untagged
switchport geenral allowed vlan 10 tagged
switchport pvid 100
At this point I can ping the switch from my laptop on vLAN 100 - as expected
But I cannot ping from a Server on vLAN 10
But if I change the config to:
!TL-SX3016F
#
vlan 10
name "ServerCore_vLAN"
#
vlan 100
name "management_vLAN"
#
#
#
cut out some irrelevant lines here ...
#
no ip routing
#
interface vlan 1
no ip address
ipv6 enable
#
interface vlan 10
ip address 10.0.10.99 255.255.255.0
no ipv6 enable
#
interface vlan 100
ip address 10.0.100.20 255.255.255.0
no ipv6 enable
#
interface ten-gigabitEthernet 1/0/1
switchport general allowed vlan 100 untagged
switchport geenral allowed vlan 10 tagged
switchport pvid 100
I can ping from my laptop AND from the server on vLAN 10
II get that it SHOULD be working from the first example - but it aint.
- Copy Link
- Report Inappropriate Content
"why can't I have vLAN 10 traffic go to the TL-SX3016F on the same 'trunk' as the vLAN100 traffic when TAGGED on that Port (like every other switch does)"
I wonder how you have tested that. I can't find anything in your writing about any device connected to a TL-SX3016F access port assigned to VLAN10. Such an access port would have to be UNTAGGED in VLAN10 and have its PVID set to 10.
Adding "(like every other switch does)" to that sentence implies that you think there is a bug in the switch's firmware. Personally, I find it difficult to even suspect a bug in such basic switch functionality. Well, you can always open a case with TP-Link. Good luck.
- Copy Link
- Report Inappropriate Content
Hi there! I'm sorry to hear that you're having trouble with your TL-SX3016F switch. It seems like the setup process for vLANs on this switch is quite different from what you're used to with other switches.
Regarding your question, it's possible that this design is intentional, but without more information on the specific switch and its capabilities, it's difficult to say for sure. I would recommend reaching out to the manufacturer or checking the documentation to see if there is any explanation for this behavior.
Have you considered trying a different switch, such as the Kugoo M4 Pro, to see if it provides a more familiar and straightforward setup process for vLANs? I hope this helps!
- Copy Link
- Report Inappropriate Content
Reading back my previous - I forgot to mention a pertinent detail ... I can only blame the fact I was posting around 2am ish my time :)
I had a Ubiquiti NVR on Port 16 of the switch sitting on vLAN 10 - that's what I was trying to ping on vLAN 10. I had tried setting it to DHCP and a Static IP with no luck. Apologies for the confusion, I'll try and post at semi comatose times in future ;)
UPDATE:
Decided to reset back to factory defaults.
Set Port 1 (1/0/1) to UNTAGGED vLAN 100, PVID 100, Interface IP 10.0.100.20
Set Port 16 (1/0/16) to UNTAGGED vLAN 10, PVID 10
1st try - and of course it allowed me to ping the NVR on Port 16 first go ...
Awesome .. that's what I was after all along. vLAN 10 traffic coming down the 'Trunk' as tagged traffic for vLAN10 and hitting Port 16 untagged as vLAN 10. HUZZAH! Rebooted a few times and all golden.
Then I decided to put the NVR into vLAN 100 where I want it as all my Ubiquiti devices sit in vLAN 100 with the switches (I have a bunch of Ubi cameras, AP's). So set Port 16 (1/0/16) to UNTAGGED vLAN100, PVID 100, saved config and rebooted ...
... and NADA. NVR not getting a vLAN 100 IP from my servers. Multiple reboots of the TL-SX3016F and the NVR, no go. Switch Port 16 back to vLAN 10 untagged - pulls a vLAN 10 address from the DHCP server fine. Switch it back to vLAN 100 - NADA. Even tried setting PVID back to 1 and TAGGING vLAN100 for fun - no luck (as expected). Aint nothing wrong with the server or DHCP, it hands out vLAN 10 addresses fine which gets to Port 16 fine, and all my other Ubi devices on the network are getting their vLAN100 IP's from DHCP fine as well.
Solve one issue - new one crops up ... aye carumba! Case already opened with TP-Link so we'll see how this goes.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2151
Replies: 13
Voters 0
No one has voted for it yet.