Port VLAN? What does it actually do at low level?

2019-11-08 08:31:12 - last edited 2021-04-19 11:46:36
Model: TL-R480T+  
Hardware Version: V6
Firmware Version: 5.2.2 (latest)

First of all, I already know there are 2 types of VLAN:

  1. Port based VLAN
  2. Tag based VLAN (aka IEEE 802.1q)

The TL-R480T+ manual states that its switch uses port VLAN - I am fine with that.

It does indeed prevent hosts from different VLANs from communicating with each other. But the first strange thing I found after configuring 3 different VLANs is that the router's interface that connects to the switch uses a single IP address 192.168.0.1 for all VLANs. How can it even happen?

I assumed that internally it created 3 different virtual interfaces facing 3 VLANs, with the same IP address 192.168.0.1 for all 3 interfaces (sounds too stupid to be true). But then, I just realized that the DHCP server connected to all VLANs and handed out non-duplicate addresses to clients belonging to different VLANs. I used 2 computers connected to 2 different ports (or VLANs), and configured them to use the same IP address. Guess what? One of them did not work due to IP conflict.

Since when are hosts from different broadcast domains unable to use the same IP address? Is this considered the 3rd type of VLAN created by TP-Link?

Re:Port VLAN? What does it actually do at low level?
2019-11-08 08:45:42 - last edited 2021-04-19 11:46:36

@Livy 

Port VLAN on R480T+ is not 802.1q. It is more like Port Isolation/Traffic Segmentation, if we take an example from switches. So, now it is probably clear to you why it uses the same sub-network.

Re:Port VLAN? What does it actually do at low level?
2019-11-08 09:00:13 - last edited 2021-04-19 11:46:36

@Mitya Nope, VLAN works at Layer 2 of the OSI model, meaning no subnet involved. Its goal is to split a physical switch into multiple logical switches, each with its own broadcast domain. Then we can create 2 different subnets working independently of each other, even if they share the same subnet number. No matter how the manufacturer implements VLAN, port based or tag based, the result must be the same. The manual of TL-R480T+ also admits that:

4.3.5.6 Port VLAN

The VLAN function can prevent the broadcast storm in LANs and enhance the network security. By creating VLANs in a physical LAN, you can divide the LAN into multiple logical LANs, each of which has a broadcast domain of its own. Hosts in the same VLAN communicate with one another as if they are in a LAN. However, hosts in different VLANs cannot communicate with one another directly. Therefore, broadcast packets are limited in a VLAN.

TL-R480T+ provides the Port VLAN function, which allows you to create multiple logical VLANs for the LAN ports based on their port numbers.

With all VLANs being able to connect to the router's interface at 192.168.0.1, and no duplicate IP is allowed, that means they belong to the same Layer 2 broadcast domain. I suspect this abomination is using some kind of packet filtering to prevent communication between ports, instead of creating "real" VLAN.

Re:Port VLAN? What does it actually do at low level?
2019-11-08 09:04:56 - last edited 2021-04-19 11:46:36

@Livy 

Try to get dumps and you will see that hosts in different VLANs will be isolated and will not see each other's traffic. At the same time, the device which controls this isolation is the router, and this router can't have several LAN IP interfaces, and it is the gateway for all VLANs.

I agree that it can't be called VLAN, but Port Isolation.

Re:Port VLAN? What does it actually do at low level?
2019-11-08 15:13:27 - last edited 2021-04-19 11:46:36

Livy, VLANs do not imply different broadcast domains. VLANs are just a function to isolate Ethernet traffic, which can help to establish different broadcast domains, but in order to do so the router needs to support different networks as well as assignment to one or more of its switch ports (or VLAN interfaces at least).

It does in no way violate the 802.1Q standard to use the same subnet over several VLANs. »Port VLAN« and »MTU VLAN« are just special cases of 802.1Q VLANs offering an easy way to adopt a common standard setup.

What you want is support for multiple networks (whether the ports assigned to each network then use VLANs or not is another question - using VLANs then only would make sense for trunk ports). AFAIK, multiple networks on TP-Link routers require setup of Multi-Nets NAT as TP-Link calls it. See this HowTo.

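
An added illustration for the thread as a whole (not code from any poster or from TP-Link): a small Python model of the two designs discussed above, port isolation behind one shared router interface versus one routed interface per VLAN. The port groups, the interface names (`lan0`, `vlan10`, `vlan20`), the MACs and the addresses are constructed, and the model is an assumption about how such a device could behave, not a description of the TL-R480T+ firmware.

```python
from collections import defaultdict

def broadcast_reach(groups, src):
    """Return the ports that receive a broadcast frame sent from `src`.

    groups: list of sets; ports in the same set may exchange frames.
    """
    reach = set()
    for members in groups:
        if src in members:
            reach |= members
    return reach - {src}

def arp_conflicts(groups, hosts, router_ifaces):
    """Per router interface, list the IPs announced by more than one MAC.

    hosts maps a switch port to the (mac, ip) of the host plugged into it.
    Each router interface keeps its own ARP table (one MAC per IP).
    """
    seen = {iface: defaultdict(set) for iface in router_ifaces}
    for port, (mac, ip) in hosts.items():
        for iface in broadcast_reach(groups, port) & set(router_ifaces):
            seen[iface][ip].add(mac)
    return {iface: sorted(ip for ip, macs in table.items() if len(macs) > 1)
            for iface, table in seen.items()}

# Constructed sample: two hosts on different ports configured with the same IP.
HOSTS = {1: ("aa:aa:aa:aa:aa:01", "192.168.0.10"),
         2: ("aa:aa:aa:aa:aa:02", "192.168.0.10")}

# Model A (port isolation): every group shares the one router interface "lan0".
ISOLATION = [{1, "lan0"}, {2, "lan0"}]
# Model B (one routed interface per VLAN): nothing is shared between groups.
PER_VLAN = [{1, "vlan10"}, {2, "vlan20"}]

if __name__ == "__main__":
    # Host on port 1 cannot reach port 2 directly in either model ...
    print(broadcast_reach(ISOLATION, 1))
    # ... but in model A the single interface hears both claims for one IP.
    print(arp_conflicts(ISOLATION, HOSTS, ["lan0"]))
    print(arp_conflicts(PER_VLAN, HOSTS, ["vlan10", "vlan20"]))
```

In model A the hosts are isolated from each other yet still share one address space at the gateway, which is consistent with the duplicate-IP behaviour reported in the first post; in model B the same address can be reused because each interface has its own table.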