HWZ Forums

Single LAN cable with Network trunk setup without loop back LAN wire to DB

Old 01-01-2018, 12:01 PM   #16
Master Member
 
Join Date: Jan 2002
Posts: 3,110
Thanks.

Here is what I plan to do, but not sure if it works or not.

Still a bit confused with the tag and untag thing.

You need to buy the Switch back, at least a pair to start exploring, and also read the Switch Manual carefully; it uses concise English to describe things rather than illustrations to explain the case. It is more a test of your understanding of the language than a description of things in an Engineering way.


A few points to take note
1) Each brand of Managed Switch uses a slightly different deployment topology on Trunking.
- Cisco uses a clearer way to manage the Trunk for multiple Vlan
- TP-Link: multiple ways, depending on Managed Switch classes.
  • For Easy Managed SG105/8E, it takes away most settings to make it EASY but more confusing.
  • The Switches described in the Starhub threads are a better class of TP-Link switch which gives clear control on Multiple Vlan trunking

With reference to your drawing
Use case Assumptions
1. On Starhub Fibre with Multiple IPTV at remote locations
2. Use Single Cable Trunk to carry IPTV & After Router's LAN to multiple locations.
3. TP-link SG105/8E Easy Managed switches are used.
4. Just my assumptions, Not familiar with Starhub actual Vlan ID.
-IPTV Vlan ID:1091, Signal from ONT Port-2
-Internet -> No Vlan ID, Signal from ONT Port-1

My Proposal
1. Your Vlan Topology should be simplified to 2 types
  • IPTV, use the exact Vlan ID:1091
  • After Internet Gateway (Router): internal network signal distribution for Access Point (AP) and Ethernet ports usage
    Use Vlan ID:100, avoid using Vlan ID:10 (this is a known signal for Singtel Internet)

    The 3rd Vlan20 is redundant for your application with Wan directly connected to the ONT.


On DB SW1
- 2 Trunking by Port 1 & 8 to carry all signals (IPTV and after gateway)
Vlan 1091 : Tagged Port 1,2 & 8
Vlan 100: Tagged Port: 1,8, & Untagged: 3-7

Port PVID settings - Very Important, you must set correctly
Port 1,8 PVID=1
Port 2, PVID=1091
Port 3-7, PVID=100

On Living Room SW2 & SW3

Vlan Settings
Vlan ID :1091, Tagged Port 1, tagged: *Port 2

*Port 2: Tagged or Untagged? It really depends on the IPTV settings; if the IPTV Server is expecting a tagged frame on return, then Port 2 output should be tagged. Just experiment on this to find out.

*For Singtel IPTV itself, the Untagged Port setting is used; the signal going back to the server is without a tagged frame.

Vlan ID:100, Tagged Port-1, Untag Port 3-5

Port PVID Settings
Port 1: PVID=1
Port 2: PVID=1091
Port 3-5, PVID=100

You need to set the 802.1P QoS Priority Settings; try using the auto configuration with the 802.1P QoS setting.

Notes on TP-Link switch FW bugs
1. Try applying Save configurations after completing the full setup.
- There are bugs in the FW that only save configurations once.
2. Clicking Apply on a change of settings is only effective for the current power cycle; you need to use the external Save Configurations to really write to Flash memory.
3. It is always good to use backup configuration to File to back up a known good working configuration. If anything goes wrong you can restore to a good working point.

4. Validate that the Switch retains the last settings after power cycling. I found the switch sometimes does not save your last applied settings.
- Wasted many hours figuring out these stupid bugs

Last edited by HMAN; 01-01-2018 at 12:49 PM..
HMAN is offline   Reply With Quote
Old 01-01-2018, 12:26 PM   #17
Master Member
 
Join Date: Jan 2002
Posts: 3,110
Using Starhub according to the post on the other thread.

May work differently from Singtel MIO TV but the setup of Managed Switch would be more or less the same.

As I had provided the link to another hwz forum on 2 SH IPTV using 2 managed switches.

An 8-port switch is better as there is enough room for connection to other devices besides the fixed connections to data point, router, IPTV.
Yes, I read the Starhub thread; the Network Switch used could confuse users to the core. What was quoted on the Starhub thread is using a better class of TP-Link switch, which is easier to manage with clear Ingress/Egress rules; without that it is all guesswork for the TP-Link Easy Managed Switch.

You may want to try that out yourself to see the complexity.
HMAN is offline   Reply With Quote
Old 01-01-2018, 04:34 PM   #18
Master Member
 
Join Date: Jun 2016
Posts: 3,072
Yes, I read the Starhub thread; the Network Switch used could confuse users to the core. What was quoted on the Starhub thread is using a better class of TP-Link switch, which is easier to manage with clear Ingress/Egress rules; without that it is all guesswork for the TP-Link Easy Managed Switch.

You may want to try that out yourself to see the complexity.
Haha..
Too complex for me as anyway I am the only one using IPTV in my flat.
Continue your advice to him on this as it is beyond me to grasp.

Good work..

Happy New Year 2018.
eric3743 is offline   Reply With Quote
Old 02-01-2018, 02:19 AM   #19
Junior Member
 
Join Date: Mar 2016
Posts: 35
It looks similar but it's a little different since the router is behind the switch trunk, making it function like a router-on-a-stick
http://forums.hardwarezone.com.sg/101511400-post28.html

FreezerGeezer did this some time back.
FreezerGeezer's setup is for Starhub, where VeOnt port 2 is for IPTV only and port 1 is for router. Singtel is a bit different. Working solution for Starhub using TP-Link switches: https://imgur.com/a/bKiJ7

Last edited by guiguy; 02-01-2018 at 02:21 AM..
guiguy is offline   Reply With Quote
Old 02-01-2018, 10:41 AM   #20
Junior Member
 
Join Date: Jan 2000
Posts: 70
Thank you so much for the clear explanation and pointers.

Will give it a try once my flat renovation complete (hopefully before CNY)
sportyant is offline   Reply With Quote
Old 02-01-2018, 09:52 PM   #21
Master Member
 
Join Date: Jan 2002
Posts: 3,110
More important is to learn the concept of Vlan and understand its attributes and behavior; you will benefit from it for life.
HMAN is offline   Reply With Quote
Old 02-01-2018, 11:34 PM   #22
Senior Member
 
Join Date: May 2011
Posts: 819
More important is to learn the concept of Vlan and understand its attributes and behavior; you will benefit from it for life.
Can explain vlan? Can't understand the settings. Much appreciated
moron+genius is offline   Reply With Quote
Old 05-01-2018, 12:01 AM   #23
Master Member
 
Join Date: Jan 2002
Posts: 3,110
There are tons of material available with the keyword search of "vlan".

You will always find it too abstract to understand; a hands-on reflection approach is the best way to understand more. Through experiment, I can only understand some of them.


Fundamental building block of Vlan

1) Vlan ID & Vlan name (only used for high level identification, not used for switching logic)

- Define group membership of a combination of Ports
Network Switch will do packet forwarding to its member ports based on the receiving Port's PVID.
E.g. Untagged incoming packets to Port 1 (and its PVID=100), outgoing packet will be forwarded to Vlan group ID=100. Therefore packet will be forwarded to Port 2 & 8 since they are members of Vlan ID=10.


2) Port PVID
Untagged packets entering a port will be routed to the Vlan group specified in the Port's PVID.

Application: send packets among the same Lan Group within the same router's subnet
Functions like unmanaged port usage.
E.g. Define VID (Vlan ID) =100, member Ports: 4,5,6 & 7, all untagged
PVID=100 for Port 4,5,6 & 7. Doing this will make Port 4-7 behave like an un-managed switch for these few ports.

3) Tagged Port
Tagged packets with Port's PVID=1, this literally becomes a generic network trunk used to carry a mix of Vlan signals (tagged or untagged).

Vlan group with Tagged Port and Untagged Port
Application: Replace a Vlan tagged Router with a generic Router that does not support tagged frames.

Example of Singtel Internet vlan group of VID=10 with Port 1 (tagged) & 2 (untagged).
Using 2 Ports, one tagged with PVID=1, and the other untagged with PVID 10
Tagged Port 1 with PVID=1, this port allows tagged frames to pass through and retains its tag. PVID=1 is a wildcard trunk that allows all signals to pass

Untagged Port 2 with PVID=10 will allow tagged signal of VID=10 to come in and later strip off the vlan tag before sending it over to the connecting device that does not understand vlan.

The above 2 mechanisms enable use of a Non Singtel Router to receive normal network packets

Observation
Tagged Port with matching PVID will only accept signal with same VID tag to come in

Learnt through Applications with combinations of Vlan settings

- VID (Vlan ID) defines logical ports grouping.
=> Always plan your network grouping with Vlan group definition

- Switching logic is jointly determined by the PVID of a port and Vlan grouping

- Combinations of tagged, untagged Ports help to perform filtering function
=> Enable use of a Non Vlan supported router on a Network with a vlan tagged system.

- Combination of untagged ports with common PVID across ports forms a generic unmanaged network switch for that vlan group

- Combination of tagged Port with wildcard PVID=1 serves as trunk for multiple vlan sources.

Last edited by HMAN; 05-01-2018 at 01:05 AM..
HMAN is offline   Reply With Quote
Old 05-01-2018, 08:00 AM   #24
Senior Member
 
Join Date: May 2011
Posts: 819
😮 very chim but interesting. I have a HDMI over IP extender tat I'm tinking 2 use vlan 2 distribute over network. I had tried connecting it to unmanaged switch n tat didn't work. The setup is as follows:
Media box -> HDMI extender -> managed switch 1. -> managed switch 2 -> HDMI extender-> TV
Would this b possible?
moron+genius is offline   Reply With Quote
Old 06-01-2018, 07:04 PM   #25
Master Member
 
Join Date: Jan 2002
Posts: 3,110
First you need to get the setup to work correctly with the simplest form of network switch, e.g. between your Router's Lan port.


Does the pair of HDMI extenders require pre-setup to configure the Transmitter and Receiver?

Does any specification point to this pair of devices requiring vlan to work?
Are they deploying a standard network protocol to transmit/receive the signals?

Have you googled a similar setup with vlan? Otherwise you may be targeting the wrong application.
HMAN is offline   Reply With Quote
Old 04-03-2018, 04:24 PM   #26
EJ
Senior Member
 
Join Date: Jan 2000
Posts: 2,186
HMAN, thank you for this detailed writeup. I was searching all over the web for something like this as I need to place my router away from the DB but only have 1 LAN cable in between.

Have a question though - do you know if there are any security implications? I'm not very familiar with this but my understanding is that normally, the router / firewall sits immediately after the ONT so there is some clear delineation and protection between LAN and WAN but in this case, the router/firewall sits behind both switches. Does this potentially expose all the LAN traffic to the WAN side?

thanks.

Reading posts here.. mostly stuck with Single Lan point to living hall with no return line to loop back to DB for further distribution.


There is one solution where you don't need to lay extra cable yet are able to loop back for further distribution without suffering much on bandwidth (up to 1 GB Full duplex).


By using 2 managed switches, you can achieve this goal.

1. ONT -> Managed Switch 1 (MS1) => Network trunk with single LAN cable to link to Managed Switch 2 => Living Hall Router & its LAN Port loop back to MS2 switch to be routed back to MS1 LAN Port for other rooms distribution.



MS1 Setup
- 1 Trunk Port (ONT -> MS1-Trunk Port -> MS2-Trunk Port -> Router WAN Port)
- VLan grouping based on ISP vlan settings

-Define Vlan Group for Other rooms distribution, Vlan-InterLAN


MS2-Setup
- Dedicated Trunk Port to route traffic from MS1 and to MS1
-Vlan group for Router WAN Port & Trunk
-Vlan group ports for Router's LANPORT to MS1 Lan Ports- Vlan -InterLAN


Since the only physical LAN has full duplex bandwidth of 1GBps Up and 1 GBps Down.

Since the internet application mostly download more than upload. With assumption of 9:1 Ratio of Download /Upload (Mainly for signal acknowledgement) .

You will have 900Mbps for download bandwidth and 100 Mbps for uplink acknowledgement.

Single Trunk have 2 lanes of Download link(DL) and 2 lanes of UpLink (UL)


Download Link Signal
1.Internet ->ONT ->Trunk MS1 (Trunk of 2 lanes download) -> MS2 ( 2 Lanes of receiving ) to Router WAN

2. LAN Ports from MS1 Network will use the same DL lanes to transfer signal back to Router's Lan Port.
*This uplink signal ratio should be around 10% of Internet incoming traffic


Uplink Path
1) Wan Out from Router to ONT to Internet
10% of Downlink traffic
2) Network traffic From Router's LAN Port ( MS2 ) to MS1-LAN download traffics
Since this is internet download, you still have 90% bandwidth or 900 Mbps.

I have ordered 2 managed Switch from Amazon with trunk capability to experiment this concept. I should be able to share more after getting the switches from Amazon. $120 project...

This concept is not new; it is documented by many network switch makers.
One of the easier-to-understand explanations is found at the MikroTik wiki page.

Update(31 Dec 2017)
Adding validated Setup Diagram
EJ is offline   Reply With Quote
Old 04-03-2018, 10:56 PM   #27
Member
 
Join Date: Jan 2009
Posts: 109
Does this potentially expose all the LAN traffic to the WAN side?
No, because it's on a separate vlan.
ridney is offline   Reply With Quote
Old 10-03-2018, 11:16 PM   #28
Master Member
 
Join Date: Jan 2002
Posts: 3,110
This should be safe.
Please read the Port tagging table for the routing rules for tagged and untagged ports.
Example of local LAN signal

Switch 1
For the local LAN ports, they are tagged as 100; all egress traffic will be tagged with its PVID (100), which will route to ports of VLAN group ID 100. Traffic flow will go to VLAN 100 ports and port 1 (1, route any signal as trunk); port of switch 2 will forward the signal to VLAN group 100. ONT Port will discard the local LAN traffic.

ONT Port is VLAN 1; also, internal network traffic uses a local address range, and all signals routed to the internet must be NATed to swap out the local address, otherwise the outside gateway won't be able to route the signal any further with the wrong source and destination address.

Last edited by HMAN; 10-03-2018 at 11:28 PM..
HMAN is offline   Reply With Quote
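
The "DB SW1" table from post #16, run through standard 802.1Q ingress/egress rules to check the isolation question raised in posts #26 to #28. This is an added example, not part of any forum post and not TP-Link's own logic. It assumes flooding to every VLAN member (no MAC learning), ingress filtering switched on, and no port in VLAN 1, because the post does not list VLAN 1 membership; the function names are made up for this sketch.

```python
# Added example (not from the thread): the "DB SW1" table from post #16 run
# through standard 802.1Q ingress/egress rules.
from dataclasses import dataclass, field


@dataclass
class Vlan:
    tagged: set = field(default_factory=set)     # egress keeps the 802.1Q tag
    untagged: set = field(default_factory=set)   # egress strips the tag

    @property
    def members(self):
        return self.tagged | self.untagged


# Copied from post #16. VLAN 1 membership is not listed there, so VLAN 1 is
# left out (assumption: no port is a member of VLAN 1 in this model).
SW1_VLANS = {
    1091: Vlan(tagged={1, 2, 8}),
    100: Vlan(tagged={1, 8}, untagged={3, 4, 5, 6, 7}),
}
SW1_PVID = {1: 1, 8: 1, 2: 1091, 3: 100, 4: 100, 5: 100, 6: 100, 7: 100}


def classify(vlans, pvid, port, tag=None):
    """Ingress: an untagged frame takes the port's PVID, a tagged frame keeps
    its VID. Returns None (drop) when the port is not a member of that VLAN
    (assumption: ingress filtering is on)."""
    vid = pvid[port] if tag is None else tag
    vlan = vlans.get(vid)
    if vlan is None or port not in vlan.members:
        return None
    return vid


def forward(vlans, pvid, port, tag=None):
    """Egress: {port: tag on the wire}, None meaning the tag is stripped.
    Floods to every member port (assumption: no MAC learning)."""
    vid = classify(vlans, pvid, port, tag)
    if vid is None:
        return {}
    vlan = vlans[vid]
    return {p: (vid if p in vlan.tagged else None)
            for p in sorted(vlan.members) if p != port}


def can_reach(vlans, pvid, src_ports, dst_port):
    """True if an untagged frame entering any src port can leave on dst_port."""
    return any(dst_port in forward(vlans, pvid, p) for p in src_ports)


def pvid_mismatches(vlans, pvid):
    """Ports that are untagged members of a VLAN but have a different PVID:
    they receive that VLAN's frames yet send their replies into another one."""
    return [(port, vid, pvid.get(port))
            for vid, vlan in sorted(vlans.items())
            for port in sorted(vlan.untagged) if pvid.get(port) != vid]


if __name__ == "__main__":
    lan_ports = range(3, 8)
    print("LAN port 3, untagged   ->", forward(SW1_VLANS, SW1_PVID, 3))
    print("Port 2, untagged IPTV  ->", forward(SW1_VLANS, SW1_PVID, 2))
    print("Trunk 1, tag 100       ->", forward(SW1_VLANS, SW1_PVID, 1, tag=100))
    print("LAN -> port 2 possible?", can_reach(SW1_VLANS, SW1_PVID, lan_ports, 2))
    print("PVID mismatches        :", pvid_mismatches(SW1_VLANS, SW1_PVID))
    # Constructed misconfiguration: port 3 set to PVID 1 instead of 100.
    print("With port 3 PVID=1     :", pvid_mismatches(SW1_VLANS, {**SW1_PVID, 3: 1}))
```

In this model the separation holds only because port 2 is not a member of VLAN 100 and ports 3-7 carry PVID 100; changing either setting changes the result of can_reach.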
Old 12-03-2018, 01:32 AM   #29
Senior Member
 
Join Date: Mar 2012
Posts: 631
Hi, may I know whether this will work for users whose internet does not come with vlan. I am planning to do this in my future bto with 2 dumb switches to put my router and ap out of the dB box.

Tks for the advice as I am a networking noob.
LoneTraveller is offline   Reply With Quote
Old 12-03-2018, 11:18 AM   #30
High Supremacy Member
 
Join Date: Apr 2008
Posts: 35,768
Hi, may I know whether this will work for users whose internet does not come with vlan. I am planning to do this in my future bto with 2 dumb switches to put my router and ap out of the dB box.

Tks for the advice as I am a networking noob.
It will work for other ISP where internet does not come with vlan, with some modifications:

1) the db switch sw2, port 2 egress (outgoing back to the ONT), has to be untagged. port 2 on sw1 is not used but should be untagged as well.
2) vlan 20 is not used if you don't have iptv so don't need to configure it
3) port 8 on both switches can join vlan 100 if you don't have iptv
__________________
== the Neutralizer ==
Ah-Pin-Kor is online now   Reply With Quote