Business Community > Routers > Multiple Links to Gateways
< Routers

Multiple Links to Gateways

Multiple Links to Gateways

Multiple Links to Gateways
Multiple Links to Gateways
2025-03-28 03:10:07 - last edited 2 weeks ago
Tags: #VLAN & Multi-Networks
Model: ER8411   TL-SG3428XMP   TL-SX3008F  
Hardware Version:
Firmware Version:

I have an established network working with lots or redundancy and leveraging 10G fiber wherever possible (well, the achilles heal is the gateway).  What I am looking for is a way to leverage the additional ports on the 8411 as additional links to my core -

 

Everything is extremely stable, but I want to introduce the Purple links to the 8411 to split specific networks onto individual lan ports on the gateway.  My understanding is that the gateway "Can" limit ports to specific VLAN's, but the concern is the potential for loops, although it is possible to specify the PVID on the core switch ports, which I presume would stop this risk as only traffic for the specified VLAN's would travel across those links.  Can anyone validate whether this is a possible work around for the lack of LAG support on the gateway?

 

I am sure someone would question the need for using the extra links as 10G from the core to the gateway would handle multiple gigabit WAN's, but I want to segregate some specific networks onto their own links so that I can run some specific mirroring and packet tracing on those networks, which is easy when mirroring the port, but not so straight forward when trying to mirror a VLAN (without a bit more complicated configs and different hardware).

 

This would also be useful in gigabit networks as it could be used to utilize more links to gateways if it works the way I think it does, am I wrong?

  0      
 
  0      
 
#1
Options
2 Accepted Solutions
Re:Multiple Links to Gateways-Solution
2025-03-28 09:38:41 - last edited 2 weeks ago

  @Morayf 

 

It can be done - you need to enable port isolation and rSTP on the switch ports the links connect to.  Only on the latest 1.3.0 beta for the ER8411 can you remove the default vlan from its ports meaning you can specify exactly only those vlans you want on its ports, but each port has to have a native untagged vlan that you would have to deal with at the other end in the switch profile.

 

However

 

I seriously dont recommend it!

 

The ER8411 doesnt have any kind of stp at all, and in my experimenting with this if you get even a brief loop (say when a downstream switch reboots and doesnt quite bring up all ports in the correctly configured state even for a moment), the router gives up, locks up, goes "disconnected" and all connectivity is lost.

 

One method that does work is to have a vlan filtering switch middle manning this, which i have done with a SG108E before - have all vlans on all ports on the ER8411, and on the SG108E you can actually specify tagged only ports, so it can "filter" whats coming out the ER8411 (eg, a tagged only link for certain vlans to an 8411 port) and on its output ports you can specify anything you want even tagged only - but you HAVE to disable loop detection otherwise even this will just start blocking ports.

The ultimate solution would be letting us configure tagged only ports on the routers in omada control - which you can do in standalone - this has been requested and there is a lengthy thread here, but they have clearly stated this is not going to happen for whatever reason

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x1, ES205G x2, EAP650 x6 Remotes: ER605 v2 x3, SG2008P x2, EAP650 x2 VPN Server: ER7206 v2 Controller: OC300
Recommended Solution
  1  
  1  
#2
Options
Re:Multiple Links to Gateways-Solution
2025-03-28 10:07:33 - last edited 2 weeks ago

  @Morayf 

Yes, you can achieve what you're aiming for by assigning specific VLANs to the extra ports on the ER8411. Since the gateway allows port-based VLANs, you can use those extra links to separate traffic for different networks.

To avoid loops, setting the correct PVID on the core switch ports is the right approach. This ensures that only VLAN-specific traffic flows through each link. While the ER8411 doesn’t support LAG, using VLAN isolation and port-based assignment should work as a workaround.

Your use case for mirroring and packet tracing makes sense, and this setup gives you more flexibility in monitoring specific networks without overcomplicating things. It could also help in gigabit environments by distributing traffic more efficiently across multiple gateway links.

Just be mindful of STP (Spanning Tree Protocol) to prevent any unexpected loops, especially if there are redundant paths in your network. Hope this helps!

Recommended Solution
  0  
  0  
#3
Options
2 Reply
Re:Multiple Links to Gateways-Solution
2025-03-28 09:38:41 - last edited 2 weeks ago

  @Morayf 

 

It can be done - you need to enable port isolation and rSTP on the switch ports the links connect to.  Only on the latest 1.3.0 beta for the ER8411 can you remove the default vlan from its ports meaning you can specify exactly only those vlans you want on its ports, but each port has to have a native untagged vlan that you would have to deal with at the other end in the switch profile.

 

However

 

I seriously dont recommend it!

 

The ER8411 doesnt have any kind of stp at all, and in my experimenting with this if you get even a brief loop (say when a downstream switch reboots and doesnt quite bring up all ports in the correctly configured state even for a moment), the router gives up, locks up, goes "disconnected" and all connectivity is lost.

 

One method that does work is to have a vlan filtering switch middle manning this, which i have done with a SG108E before - have all vlans on all ports on the ER8411, and on the SG108E you can actually specify tagged only ports, so it can "filter" whats coming out the ER8411 (eg, a tagged only link for certain vlans to an 8411 port) and on its output ports you can specify anything you want even tagged only - but you HAVE to disable loop detection otherwise even this will just start blocking ports.

The ultimate solution would be letting us configure tagged only ports on the routers in omada control - which you can do in standalone - this has been requested and there is a lengthy thread here, but they have clearly stated this is not going to happen for whatever reason

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x1, ES205G x2, EAP650 x6 Remotes: ER605 v2 x3, SG2008P x2, EAP650 x2 VPN Server: ER7206 v2 Controller: OC300
Recommended Solution
  1  
  1  
#2
Options
Re:Multiple Links to Gateways-Solution
2025-03-28 10:07:33 - last edited 2 weeks ago

  @Morayf 

Yes, you can achieve what you're aiming for by assigning specific VLANs to the extra ports on the ER8411. Since the gateway allows port-based VLANs, you can use those extra links to separate traffic for different networks.

To avoid loops, setting the correct PVID on the core switch ports is the right approach. This ensures that only VLAN-specific traffic flows through each link. While the ER8411 doesn’t support LAG, using VLAN isolation and port-based assignment should work as a workaround.

Your use case for mirroring and packet tracing makes sense, and this setup gives you more flexibility in monitoring specific networks without overcomplicating things. It could also help in gigabit environments by distributing traffic more efficiently across multiple gateway links.

Just be mindful of STP (Spanning Tree Protocol) to prevent any unexpected loops, especially if there are redundant paths in your network. Hope this helps!

Recommended Solution
  0  
  0  
#3
Options

Information

Helpful: 0

Views: 93

Replies: 2

Tags

VLAN & Multi-Networks
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.