VLAN fails for IOT devices

VLAN fails for IOT devices
VLAN fails for IOT devices
2022-04-29 16:02:15 - last edited 2022-05-02 13:24:09
Model: TL-SG105E  
Hardware Version: V5
Firmware Version: 1.0.0 Build 20191105 Rel.33503

So, I just got done adding some TP-Link items to my network in order to get better WiFi coverage while also segregating IOT devices into a VLAN.  Everything works, sort of.

 

I have an edge router splitting my network off into a DMZ, Guest, and LAN networks.  On the LAN network, I have a deco m5 acting as a router and behind it I split off into two other backhauled m5s and a couple managed switches.  The Deco has Guest WiFi turned on and the VLAN id set to 10.  Yes, double NAT but has worked before with a different router where the m5 is now.  Also, I'm using the Guest WiFi for my IOT devices. Actual guests connect to a different AP that's on a different VLAN coming directly off the edge router.

 

Anyway, everything connected to the IOT (Deco Guest) WiFi works just fine.  Harmony Hub, Honeywell Thermostats, Alexa devices, etc.  But, I've got a couple IOT devices I'm trying to hard-wire either because they need to be (SmartThings v2 hub, Hue Hub) or I want them to be (networked receiver, smart TV).  To accomplish this, I have two TL-SG105E switches sitting on the same wire as the backhauled m5s.  A simple diagram with the relevant parts looks something like the image below.

 

 

In the switch pictured above, I've got the VLAN setup as follows.

 

 

Any device connected to ports 1-3 work as you would expect.  When I connect a laptop (Windows 10) to ports 4 or 5, it also works. Shows up in the Deco app as in the Guest Network with a wired connection.  IP config on Windows shows everything happy as a clam.  Any IOT device however, failes miserably.  Best guess from what I'm seeing is that they don't actually get a proper DHCP response. Deco doesn't even recognize it's on the network. On my smart tv (Android) I tried setting the IP manually using a free IP with /24 network size, set gateway to the main m5 router, set DNS, etc.  But even that didn't work.

 

There isn't anything I can change (that I'm aware of) on the Deco. Only thing I can think is I'm doing something blindingly dumb on the switch that's causing traffic not to route to the IOT devices while Windows has something in their TCP/IP stack that can deal with it.

 

Can someone tell me what to check or try before I pull what's left of my hair out?

 

Thanks,

Gary

  0      
  0      
#1
Options
1 Accepted Solution
Re:VLAN fails for IOT devices-Solution
2022-04-29 17:27:48 - last edited 2022-05-02 13:24:09

Oh, I'm an idiot.

 

For some reason I had it in my head that setting the PVID for the IOT ports would add the VLAN tag to their traffic, thus "tagging" them and so the VLAN membership was, well... tagged. I just changed the IOT ports membership to "untagged" and everything started working.

 

So, why did the Windows laptop work when added to the IOT ports when they were marked as tagged?  Is Windows smart enough to figure out it was being added to VLAN 10 and start tagging it's packets?

 

Eh, whatever... things work now so I'm happy.

 

-Gary

Recommended Solution
  0  
  0  
#3
Options
2 Reply
Re:VLAN fails for IOT devices
2022-04-29 17:05:15

So, it is definately the switch and not anything going on with the Deco.   I moved one of the switches to hang directly off an edge router port configued just like the Deco... trunk VLAN 1 and additional VLAN 10.  I hooked up the Hue hub to switch port 5 (VLAN 10) and it failed to connect. In here though, the edge router DHCP pool did show a lease to the Hue hub... so there is that at least. I moved it over to port 1 (main trunk VLAN 1) and the Hue connected just fine.

 

What dumb thing did I do with the switch?  I mean.. this should work, right?

 

Thanks,

-GP

  0  
  0  
#2
Options
Re:VLAN fails for IOT devices-Solution
2022-04-29 17:27:48 - last edited 2022-05-02 13:24:09

Oh, I'm an idiot.

 

For some reason I had it in my head that setting the PVID for the IOT ports would add the VLAN tag to their traffic, thus "tagging" them and so the VLAN membership was, well... tagged. I just changed the IOT ports membership to "untagged" and everything started working.

 

So, why did the Windows laptop work when added to the IOT ports when they were marked as tagged?  Is Windows smart enough to figure out it was being added to VLAN 10 and start tagging it's packets?

 

Eh, whatever... things work now so I'm happy.

 

-Gary

Recommended Solution
  0  
  0  
#3
Options