MAC VLAN does not work on TL-SG3428X

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

MAC VLAN does not work on TL-SG3428X

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
MAC VLAN does not work on TL-SG3428X
MAC VLAN does not work on TL-SG3428X
2023-02-26 12:12:40
Model: TL-SG3428X  
Hardware Version: V1
Firmware Version: 1.0.10 Build 20221130 Rel.57838

I am trying to configure MAC VLAN on my switch after having set up working 802.1Q VLANs (multiple VLANs, several tagged trunk ports successfully connecting to other switches, multiple manually configured untagged ports assigned to different VLANs).

 

 

I have separate VLANs for Guest (ID 300) and LAN (ID 100) that are set up to be in different IP subnets with their own DHCP server. If I manually set a port to be an untagged member and having the corresponding PVID I can simply plug a device into that port and it will be able to get an IP Address from the DHCP server in the appropriate subnet, as expected.

 

My next goal is to set up ports so that unknown plugged in devices will be assigned to the guest VLAN, while known devices will be assigned to the LAN.

 

In order to achieve that I configured the ports to be both untagged members of VLAN 300 and 100 (they are no tagged or untagged member of any other VLAN), their PVID to 300 and enabled MAC VLAN for them. Devices that have no MAC VLAN config/binding will happily join the guest VLAN, so far, so good.

 

My assumption is that if I configure a mac address to be part of VLAN 100 in the MAC VLAN config and plug it into one of these ports, it should add tag 100 to untagged ingress packets instead of the PVID (300), therefore getting an IP address from the LAN DHCP server and be able to reach IPs in the LAN. This does not work, even when manually assigning a IP in the LAN subnet. Running "arp -a" on the connected machine will only show MACs and IPs from the guest network. The only difference is that I can see an additional entry for the MAC under L2 Features > Switching > MAC Address for VLAN 100 on the switch instead of only an entry for VLAN 300 after configuring a MAC address to be a part of VLAN 100. Security features like ARP detection and IP source guard are disabled. After configuration changes I made sure to unplug and replug the device to port.

 

What am I missing? Do I have a fundamental misunderstanding on how MAC VLAN should work?

  0      
  0      
#1
Options
3 Reply
Re:MAC VLAN does not work on TL-SG3428X
2023-04-24 20:50:58
Did u manage to solve your problem somehow? I have same issue with my 3428X.
  0  
  0  
#2
Options
Re:MAC VLAN does not work on TL-SG3428X
2023-04-25 09:02:20
I reported this as an issue, and it was confirmed as a bug. The R&D team is currently working on a fix and I had the chance to test a beta firmware build that improves, but not yet completely solves the situation. So this seems to be a WIP.
  0  
  0  
#3
Options
Re:MAC VLAN does not work on TL-SG3428X
2023-06-15 02:07:41

  @IndianaHorst 

Do you have any feedback from RnD on this topis? Is there any publicly available ticket one can follow?

This bug also affects me as I wan to use almost exactly the same setup as you.

  0  
  0  
#4
Options