VLAN Trunking from windows host (tagging) through un-managed switch?

LynK · May 24, 2017, 07:50:19 AM

Hey guys,

I have a windows machine, which is tagging VLANS, connected to a trunk port on a switch directly. I am thinking about putting an un-managed switch. I think it might drop the packets because of the increased size, and because it is not expecting the VLAN ID information to be filled... but I am curious if anyone has tried this before I give it a go. I am trying with a D-Link switch.

deanwebb · May 24, 2017, 12:35:02 PM

Windows acting as a switch? I've never, EVER done that before... sounds really crazy...

that1guy15 · May 24, 2017, 02:49:37 PM

Yeah I think you are going to run into issues. The switch is not gonna know how to segregate the two vlans over the link and will most likely strip the vlan tag and try to forward. Dont think you would even get successful ARP on this unless the far side server uses one of the vlans as untagged.

SimonV · May 24, 2017, 03:51:05 PM

Quote from: deanwebb on May 24, 2017, 12:35:02 PM
Windows acting as a switch? I've never, EVER done that before... sounds really crazy...

Just a dot1q tag and logical interface I suppose, lots of NICs can do it

Otanx · May 24, 2017, 04:14:02 PM

If you leave everything as a trunk (the server, and the managed switch) then it depends on the unmanaged switch. It may be OK with the larger frames (it may support jumbo frames). If the dumb switch does not support jumbo you can try to adjust the MTU down and make room for the tag. I wouldn't recommend it because you would have to change everything on those VLANs, but it should work. The .1q tag is after the MAC addresses so forwarding "should" work as long as everything connected is tagged. If you plug in something not tagged, then it will get put on the native VLAN (the original reason for native vlan was this kind of scenario).

-Otanx

Dieselboy · May 26, 2017, 07:38:05 AM

Yes I have seen this working but a long time ago and we laughed. If the switch doesn't care about the packet (frame?) size being a bit bigger then it will switch on learned mac addresses. It's probably thought of as a security risk because any device plugged into it can choose which VLAN it wants to be on.

Why is the windows machine tagging VLANs? Is it running hyper-v or something like that? Interesting.

LynK · July 05, 2017, 03:49:45 PM

sorry for the delayed response.

I am running tagging on my machine because we have a proprietary MGMT vlan with no access to the outside world (or other networks), and I needed access to it because I do not want to RDP into a machine to do so. (Do not ask me why they are not doing VRFs...).

I do also run VMs, and want them on different networks.

wintermute000 · July 05, 2017, 05:14:48 PM

Why unmanaged. I can get dlinks that do vlans... Let alone belkins

matgar · July 06, 2017, 06:37:39 AM

I've had to use consumer grade unmanaged switches such as Netgear and D-Link in between managed switches with trunk ports.
I can't recall any problems, they just passed the frames along unchanged.
It's of course far from ideal, but you do what you must to get things up and running.

icecream-guy · July 06, 2017, 06:41:52 AM

if the management network has no access to the outside world (l2 isolation). there is not much you can to to access the management network resources other than RDP into a box connected to that managment network.