Single LAN cable with Network trunk setup without loop back LAN wire to DB

HMAN

Master Member
Joined
Jan 6, 2002
Messages
4,801
Reaction score
469
More importantly to learn the concept of Vlan, understand its attributes and behavior , you will benefit it for life.
 

HMAN

Master Member
Joined
Jan 6, 2002
Messages
4,801
Reaction score
469
there are tons of material available with the keyword search of "vlan".


You will always find it too abstract to understand , hand on reflection approach is the best way to understand more. Through experiment, i can only understand some of them.


attachment.php


Fundamental building block of Vlan

1) Vlan ID & Vlan name (Only used for high level identification ,not used for switching logic)

-Define group membership of a combination of Ports
Network Switch will do packet forwarding to its members ports based on the receiving Port's PVID.
E.g Untagged Incoming packets to Port 1( and its PVID=100) ,outgoing packet will be forwarded to Vlan group ID=100, Therefore packet will be forwarded to Port 2 & 8 since they are members of Vlan ID=10.


2) Port PVID .
Untagged packets entering a port ,will be routed to Vlan group specified in the Port's PVID.

Application: send packets among the same Lan Group within the same router's subnet
Function like unmanaged port usage .
E.g Define VID ( Vlan iD) =100, member Ports:4,5,6 &7. all untagged
PVID=100 for Port 4,5,6 & 7. Doing this will make Port 4-7 behave like un-managed switch for these few ports.

3) Tagged Port
Tagged packets with Port's PVID=1, this literally becomes a generic network trunk used to carry mixed of Vlan signals (tagged or untagged).

Vlan group with Tagged Port and Untagged Port
Application: Replaced Vlan tagged Router with with generic Router that does not support tagged frames .

Example of Singtel Internet vlan group of VID=10 with Port 1(tagged) & 2(untagged) .
Using 2 Ports ,one tagged with PVID=1, and the other untagged with PVID 10
Tagged Port 1 with PVID=1, this port allows tagged frames to pass through and retains its tag. PVID=1 is a wildcard trunk that allows all signal to pass

Untagged Port 2 with PVID =10 will allow tagged signal of VID=10 to come in and later strip off the vlan tag before sending it over to the connecting device that does not understand vlan.

Above 2 mechanism enabled use of Non Singtel Router to receive normal network packets

Observation
Tagged Port with matching PVID will only accept signal with same VID tag to come in

Learnt through Applications with combinations of Vlan settings

-VID ( Vlan ID) defines logical ports grouping.
=> Always plan your network grouping with Vlan group definition

-Switching logic is jointly determined by the PVID of a port ,Vlan grouping

-Combinations of tagged ,untagged Ports help to perform filtering function
=> Enable use of Non Vlan supported router be used on Network with vlan tagged system.

-Combination of untagged ports with common PVID across ports forms generic
unmanaged network switch for that vlan group


Combination of tagged Port with wildcard PVID=1 serves as trunk for multiple vlan sources.
 
Last edited:

moron+genius

Senior Member
Joined
May 16, 2011
Messages
1,338
Reaction score
17
šŸ˜® very chim but interesting. I have a HDMI over IP extender tat Iā€™m tinking 2 use vlan 2 distribute over network. I had tried connecting it to unmanaged switch n tat didnā€™t work. The setup is as follows:
Media box -> HDMI extender -> managed switch 1. -> managed switch 2 -> HDMI extender-> TV
Would this b possible?
there are tons of material available with the keyword search of "vlan".


You will always find it too abstract to understand , hand on reflection approach is the best way to understand more. Through experiment, i can only understand some of them.


attachment.php


Fundamental building block of Vlan

1) Vlan ID & Vlan name (Only used for high level identification ,not used for switching logic)

-Define group membership of a combination of Ports
Network Switch will do packet forwarding to its members ports based on the receiving Port's PVID.
E.g Untagged Incoming packets to Port 1( and its PVID=100) ,outgoing packet will be forwarded to Vlan group ID=100, Therefore packet will be forwarded to Port 2 & 8 since they are members of Vlan ID=10.


2) Port PVID .
Untagged packets entering a port ,will be routed to Vlan group specified in the Port's PVID.

Application: send packets among the same Lan Group within the same router's subnet
Function like unmanaged port usage .
E.g Define VID ( Vlan iD) =100, member Ports:4,5,6 &7. all untagged
PVID=100 for Port 4,5,6 & 7. Doing this will make Port 4-7 behave like un-managed switch for these few ports.

3) Tagged Port
Tagged packets with Port's PVID=1, this literally becomes a generic network trunk used to carry mixed of Vlan signals (tagged or untagged).

Vlan group with Tagged Port and Untagged Port
Application: Replaced Vlan tagged Router with with generic Router that does not support tagged frames .

Example of Singtel Internet vlan group of VID=10 with Port 1(tagged) & 2(untagged) .
Using 2 Ports ,one tagged with PVID=1, and the other untagged with PVID 10
Tagged Port 1 with PVID=1, this port allows tagged frames to pass through and retains its tag. PVID=1 is a wildcard trunk that allows all signal to pass

Untagged Port 2 with PVID =10 will allow tagged signal of VID=10 to come in and later strip off the vlan tag before sending it over to the connecting device that does not understand vlan.

Above 2 mechanism enabled use of Non Singtel Router to receive normal network packets

Observation
Tagged Port with matching PVID will only accept signal with same VID tag to come in

Learnt through Applications with combinations of Vlan settings

-VID ( Vlan ID) defines logical ports grouping.
=> Always plan your network grouping with Vlan group definition

-Switching logic is jointly determined by the PVID of a port ,Vlan grouping

-Combinations of tagged ,untagged Ports help to perform filtering function
=> Enable use of Non Vlan supported router be used on Network with vlan tagged system.

-Combination of untagged ports with common PVID across ports forms generic
unmanaged network switch for that vlan group


Combination of tagged Port with wildcard PVID=1 serves as trunk for multiple vlan sources.
 

HMAN

Master Member
Joined
Jan 6, 2002
Messages
4,801
Reaction score
469
First you need to get the setup work correctly with the simplest form of network switch. E.g between your Router's Lan port.


Do the pair of hdmi extender require pre-setup to configure the Transmitter and Receiver?

Any specification point to this pair of devices required vlan to work ?
Are they deploying standard network protocol to transmit /receive the signals .

Have you google similar setup with vlan ? otherwise you may be targeting a wrong application
 

EJ

Senior Member
Joined
Jan 1, 2000
Messages
2,186
Reaction score
0
HMAN, thank you for this detailed writeup. I was searching all over the web for something like this as i need to place my router away from the DB but only have 1 LAN cable in between.

Have a question though - do you know if there are any security implications? I'm not very familiar with this but my understanding is that normally, the router / firewall sits immediately after the ONT so there is some clear delineation and protection between LAN and WAN but in this case, the router/firewall sits behind both switches. Does this potentially expose all the LAN traffic to the WAN side?

thanks.

Reading posts here..mostly stuck with Single Lan point to living hall with no return line to loop back to DB for further distribution.


There is one solution that you dont need to lay extra cable yet able to loop back for further distribution without much suffer on bandwidth ( up to 1 GB Full duplex).


By using 2 managed switch, you can achieve this goal .

1. ONT -> Managed Switch 1(MS1) => Network truck with single LAN cable to link to Managed Switch 2 => Living Hall Router & its LAN Port loop back to MS2 switch to be routed back to MS1 LAN Port for other rooms distributions.



MS1 Setup
- 1 Trunk Port ( ONT -> MS1-Trunk Port -> MS2 -Trunk Port-> Router WAN Port
- VLan grouping based on ISP vlan settings

-Define Vlan Group for Other rooms distribution, Vlan-InterLAN


MS2-Setup
-Dedicted TrunkPort to route traffic from MS1 and To MS1
-Vlan group for Router WAN Port & Trunk
-Vlan group ports for Router's LANPORT to MS1 Lan Ports- Vlan -InterLAN


Since the only physical LAN has full duplex bandwidth of 1GBps Up and 1 GBps Down.

Since the internet application mostly download more than upload. With assumption of 9:1 Ratio of Download /Upload (Mainly for signal acknowledgement) .

You will have 900Mbps for download bandwidth and 100 Mbps for uplink acknowledgement.

Single Trunk have 2 lanes of Download link(DL) and 2 lanes of UpLink (UL)


Download Link Signal
1.Internet ->ONT ->Trunk MS1 (Trunk of 2 lanes download) -> MS2 ( 2 Lanes of receiving ) to Router WAN

2. LAN Ports from MS1 Network will use the same DL lanes to transfer signal back to Router's Lan Port.
*This uplink signal ration should be around 10% of Internet incoming traffic


Uplink Path
1) Wan Out from Router to ONT to Internet
10% of Downlink traffic
2) Network traffic From Router's LAN Port ( MS2 ) to MS1-LAN download traffics
Since this is internet download, you still have 90% bandwidth or 900 Mbps.

I have ordered 2 managed Switch from Amazon with trunk capability to experiment this concept. I should be able to share more after getting the switches from Amazon. $120 project...

This concept is not new, it is documented by many network switch makers.
One of the more easy to understand concept is found at Mikrotek wiki page.

Update(31 Dec 2017)
Adding validated Setup Diagram
26172356_1615410415193060_7850651826501658736_o.jpg
 

HMAN

Master Member
Joined
Jan 6, 2002
Messages
4,801
Reaction score
469
This should be safe
Please read the Port tagging table for the routing rules for tagged and untagged port
Example of local LAN signal

Switch 1
For the local LAN ports, they are tagged as 100, all exgress traffic will be tagged with its pvid (100), which will route to ports of VLAN group ID of 100. Traffics flow will go to VLAN 100ports and port 1(1, route any signal as trunk),port of switch 2 will forward the signal to VLAN group of 100. ONT Port will discard the local LAN traffic

ONT Port is VLAN 1, also internal network traffics are using local address range, all signals routed to internet must be NAT to swap out its local addresss otherwise the outside gateway won't be able to route signal to go further with wrong source and destination address.

HMAN, thank you for this detailed writeup. I was searching all over the web for something like this as i need to place my router away from the DB but only have 1 LAN cable in between.

Have a question though - do you know if there are any security implications? I'm not very familiar with this but my understanding is that normally, the router / firewall sits immediately after the ONT so there is some clear delineation and protection between LAN and WAN but in this case, the router/firewall sits behind both switches. Does this potentially expose all the LAN traffic to the WAN side?

thanks.
 
Last edited:

LoneTraveller

Arch-Supremacy Member
Joined
Mar 31, 2012
Messages
11,145
Reaction score
3,536
Reading posts here..mostly stuck with Single Lan point to living hall with no return line to loop back to DB for further distribution.


There is one solution that you dont need to lay extra cable yet able to loop back for further distribution without much suffer on bandwidth ( up to 1 GB Full duplex).


By using 2 managed switch, you can achieve this goal .

1. ONT -> Managed Switch 1(MS1) => Network truck with single LAN cable to link to Managed Switch 2 => Living Hall Router & its LAN Port loop back to MS2 switch to be routed back to MS1 LAN Port for other rooms distributions.



MS1 Setup
- 1 Trunk Port ( ONT -> MS1-Trunk Port -> MS2 -Trunk Port-> Router WAN Port
- VLan grouping based on ISP vlan settings

-Define Vlan Group for Other rooms distribution, Vlan-InterLAN


MS2-Setup
-Dedicted TrunkPort to route traffic from MS1 and To MS1
-Vlan group for Router WAN Port & Trunk
-Vlan group ports for Router's LANPORT to MS1 Lan Ports- Vlan -InterLAN


Since the only physical LAN has full duplex bandwidth of 1GBps Up and 1 GBps Down.

Since the internet application mostly download more than upload. With assumption of 9:1 Ratio of Download /Upload (Mainly for signal acknowledgement) .

You will have 900Mbps for download bandwidth and 100 Mbps for uplink acknowledgement.

Single Trunk have 2 lanes of Download link(DL) and 2 lanes of UpLink (UL)


Download Link Signal
1.Internet ->ONT ->Trunk MS1 (Trunk of 2 lanes download) -> MS2 ( 2 Lanes of receiving ) to Router WAN

2. LAN Ports from MS1 Network will use the same DL lanes to transfer signal back to Router's Lan Port.
*This uplink signal ration should be around 10% of Internet incoming traffic


Uplink Path
1) Wan Out from Router to ONT to Internet
10% of Downlink traffic
2) Network traffic From Router's LAN Port ( MS2 ) to MS1-LAN download traffics
Since this is internet download, you still have 90% bandwidth or 900 Mbps.

I have ordered 2 managed Switch from Amazon with trunk capability to experiment this concept. I should be able to share more after getting the switches from Amazon. $120 project...

This concept is not new, it is documented by many network switch makers.
One of the more easy to understand concept is found at Mikrotek wiki page.

Update(31 Dec 2017)
Adding validated Setup Diagram
26172356_1615410415193060_7850651826501658736_o.jpg

Hi, may I know whether this will work for users whose internet does not come with vlan. I am planning to do this in my future bto with 2 dumb switches to put my router and ap out of the dB box.

Tks for the advice as I am a networking noob.
 

Ah-Pin-Kor

Great Supremacy Member
Joined
Apr 2, 2008
Messages
54,433
Reaction score
1,334
Hi, may I know whether this will work for users whose internet does not come with vlan. I am planning to do this in my future bto with 2 dumb switches to put my router and ap out of the dB box.

Tks for the advice as I am a networking noob.
It will work for other ISP where internet does not come with vlan, with some modifications:

1) the db switch sw2, port 2 egress (outgoing back to the ONT), has to be untagged. port 2 on sw1 is not used but should be untagged as well.
2) vlan 20 is not used if you don't have iptv so don't need to configure it
3) port 8 on both switches can join vlan 100 if you don't have iptv
 

LoneTraveller

Arch-Supremacy Member
Joined
Mar 31, 2012
Messages
11,145
Reaction score
3,536
It will work for other ISP where internet does not come with vlan, with some modifications:

1) the db switch sw2, port 2 egress (outgoing back to the ONT), has to be untagged. port 2 on sw1 is not used but should be untagged as well.
2) vlan 20 is not used if you don't have iptv so don't need to configure it
3) port 8 on both switches can join vlan 100 if you don't have iptv

So I still have to use smart switches and do configuring? I was thinking to just use dumb switches to link the ont to the router and ap in the living room.

My Republic subscriber here.

Tks for the help.
 

Ah-Pin-Kor

Great Supremacy Member
Joined
Apr 2, 2008
Messages
54,433
Reaction score
1,334
So I still have to use smart switches and do configuring? I was thinking to just use dumb switches to link the ont to the router and ap in the living room.

My Republic subscriber here.

Tks for the help.
Yes, smart switches are still needed because the trunk (port 1 of both switches) carries the 2 vlans for wan and lan.
 

HMAN

Master Member
Joined
Jan 6, 2002
Messages
4,801
Reaction score
469
I have a pair of microtik rb260gs (brand new)available for experiment.. the configuration should be more flexible than TPLINK easy manage switch. Any taker?

Sent from Google PIXEL C using GAGT
 

LoneTraveller

Arch-Supremacy Member
Joined
Mar 31, 2012
Messages
11,145
Reaction score
3,536
Yes, smart switches are still needed because the trunk (port 1 of both switches) carries the 2 vlans for wan and lan.

Tks very much for the advice. Will bookmark it.

And Tks as well to ts for sharing this. It really saves me a lot of headache in planning for my future bto networking.

Cheers
 
Last edited:

sportyant

Junior Member
Joined
Jan 1, 2000
Messages
69
Reaction score
0
You need to buy the Switch back ,at least a pair to start exploring and also read the Switch Manual carefully, it is using concise English to describe rather than putting down illustrations to explain the case. It is more of testing of your understanding on the language than describing things in Engineering way.


A few points to take note
1) Each brand of Managed Switch used slightly different deployment topology on Trunking.
-Cisco is using a clearer way to manage the Trunk for multiple Vlan
-TP-Link, Multiple way depends on Managed Switch classes.

  • [*]-For Easy Managed SG105/8E , it takes away most settings to make it EASY but more confusing.
    [*]-The Switches described in the Starhub threads are a better class of TPLink switch which give clear control on Multiple Vlan trunking​

With reference to your drawing
Use case Assumptions
1.On Starhub Fibre with Multiple IPTV at remote locations
2. Use Single Cable Trunk to carry IPTV & After Router's LAN to multiple locations.
3. TP-link SG105/8E Easy Managed switches are used.
4. Just my assumptions, Not familiar with Starhub actual Vlan ID.
-IPTV Vlan ID:1091, Signal from ONT Port-2
-Internet -> No Vlan ID, Signal from ONT Port-1

My Proposal
1. Your Vlan Topology should be simplified to 2 types
  • -IPTV , use the exact Vlan ID:1091
  • - After Internet Gateway(Router) Internal network signal distribution for Access Point( AP) and Ethernet ports usage
    Use Vlan ID:100, avoid using Vlan ID:10 (this is known signal for Singtel Internet)

    The 3rd Vlan20 is redundant for your application with Wan directly connected to the ONT.


On DB SW1
-2 Trunking by Port 1 & 8 to carry all signals (IPTV and after gateway
Vlan 1091 : Tagged Port 1,2 & 8
Vlan 100: Tagged Port: 1,8, & Untagged: 3-7

Port PVID settings-Very Important , you must set correctly
Port 1,8 PVID=1
Port 2, PVID=1091
Port 3-7, PVID=100

On Living Room SW2 & SW3

Vlan Settings
Vlan ID :1091, Tagged Port 1, tagged: *Port 2

*Port 2: Tagged or Untagged ? is really dependent on IPTV Settings, if the IPTV Server is expecting tagged Frame on return , then Port 2 output should be tagged. Just experiment on this to find out.

*Singtel IPTV itself, Untagged Port settings is used, signal going back to server is without tagged frame.

Vlan ID:100, Tagged Port-1, Untag Port 3-5

Port PVID Settings
Port 1: PVID=1
Port 2: PVID=1091
Port 3-5, PVID=100

You need to set the 802.1P QoS Priority Settings, try using the auto configuration with 802.1P QoS setting

Notes on TP-Link switch FW bugs
1. Try applying Save configurations after completing the full setup.
-There are bugs in the FW that only save configurations once.
2. Clicking applying change of settings is only effective for current power cycle, you need to use the external Save Configurations to really write to Flash memory.
3. It is always good to use backup configuration to File to backup known good working configuration. Anything wrong you can restore to good working point.

4. Validate Switch retaining last settings after power cycling . I found the switch sometimes does not save your last applied settings..
-Wasting many hours to figure out this stupid bugs


I managed to find a network splitter , you will need a pair to work.

No need to use the managed switch or configure.

So far using it for a month, no issue.
 

gregory_choo

Supremacy Member
Joined
Nov 7, 2007
Messages
8,773
Reaction score
1,046
I managed to find a network splitter , you will need a pair to work.

No need to use the managed switch or configure.

So far using it for a month, no issue.

If you are talking about the type of splitter that splits a 8-wire cable into two 4-wire cable, yes, it will work and costs only a few dollars for a pair.

However, the speed is only 100Mbps. But I think 100Mbps is more than enough for most people.

So if you are using splitter and your broadband plan is 1Gbps, you should change it to lower speed and save some money.
 
Last edited:

steven168z

Master Member
Joined
Oct 16, 2013
Messages
3,302
Reaction score
133
Reading posts here..mostly stuck with Single Lan point to living hall with no return line to loop back to DB for further distribution.


There is one solution that you dont need to lay extra cable yet able to loop back for further distribution without much suffer on bandwidth ( up to 1 GB Full duplex).


By using 2 managed switch, you can achieve this goal .

1. ONT -> Managed Switch 1(MS1) => Network truck with single LAN cable to link to Managed Switch 2 => Living Hall Router & its LAN Port loop back to MS2 switch to be routed back to MS1 LAN Port for other rooms distributions.



MS1 Setup
- 1 Trunk Port ( ONT -> MS1-Trunk Port -> MS2 -Trunk Port-> Router WAN Port
- VLan grouping based on ISP vlan settings

-Define Vlan Group for Other rooms distribution, Vlan-InterLAN


MS2-Setup
-Dedicted TrunkPort to route traffic from MS1 and To MS1
-Vlan group for Router WAN Port & Trunk
-Vlan group ports for Router's LANPORT to MS1 Lan Ports- Vlan -InterLAN


Since the only physical LAN has full duplex bandwidth of 1GBps Up and 1 GBps Down.

Since the internet application mostly download more than upload. With assumption of 9:1 Ratio of Download /Upload (Mainly for signal acknowledgement) .

You will have 900Mbps for download bandwidth and 100 Mbps for uplink acknowledgement.

Single Trunk have 2 lanes of Download link(DL) and 2 lanes of UpLink (UL)


Download Link Signal
1.Internet ->ONT ->Trunk MS1 (Trunk of 2 lanes download) -> MS2 ( 2 Lanes of receiving ) to Router WAN

2. LAN Ports from MS1 Network will use the same DL lanes to transfer signal back to Router's Lan Port.
*This uplink signal ration should be around 10% of Internet incoming traffic


Uplink Path
1) Wan Out from Router to ONT to Internet
10% of Downlink traffic
2) Network traffic From Router's LAN Port ( MS2 ) to MS1-LAN download traffics
Since this is internet download, you still have 90% bandwidth or 900 Mbps.

I have ordered 2 managed Switch from Amazon with trunk capability to experiment this concept. I should be able to share more after getting the switches from Amazon. $120 project...

This concept is not new, it is documented by many network switch makers.
One of the more easy to understand concept is found at Mikrotek wiki page.

Update(31 Dec 2017)
Adding validated Setup Diagram
26172356_1615410415193060_7850651826501658736_o.jpg

thread image can't see
 

miloaisdino

Senior Member
Joined
Mar 25, 2016
Messages
955
Reaction score
53
Just get a tplinl tl-sg105e or tl-sg108e. Its only sgd$35 from cybermind sls (pc show).. Contrary to what others say, this switch can set vlan priority4 for iptv if u look at the settings properly. I can pm config, it works v well
 

steven168z

Master Member
Joined
Oct 16, 2013
Messages
3,302
Reaction score
133
Just get a tplinl tl-sg105e or tl-sg108e. Its only sgd$35 from cybermind sls (pc show).. Contrary to what others say, this switch can set vlan priority4 for iptv if u look at the settings properly. I can pm config, it works v well

share config here.

you go cybermind sls to get or pcshow ?
 
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Community Guidelines and Standards, Terms of Service and Member T&Cs for more information.
Top