Hello wise and mighty people.
I am using OPNsense for a SOHO environment with TP-Link smart switches such as TP-SG108E.
I have ~50 client machines on the LAN side of my OPNsense.
I have recently got it into my head to use VLANs and it's driving me crazy:
On OPNsense:
I set up the 3 VLANs on the OPNsense LAN line.
Base: DHCP is set 192.168.2.100-199 on LAN line
DHCP is set 192.168.40.100-199 on VLAN40
DHCP is set 192.168.50.100-199 on VLAN50
DHCP is set 192.168.60.100-199 on VLAN60
The smart switch is connected to the LAN line:
One trunk port (8) is assigned to VLAN 40, 50 and 50.
port 1 assigned to VLAN 40
port 2 assigned to VLAN 50
port 3 assigned to VLAN 60
Note: TP-Link switches will ALWAYS pass VLAN 1 (untagged packets) to all ports to prevent control lockout.
Problem:
When I connect my laptop to ANY port on the switch, I get the same 192.168.2.100 address.
I expected to connect the laptop to port 1 of the switch and get an IP 192.168.40.100 but got 192.168.2.100
Thoughts: Since the switch passes VLAN1 in any case, perhaps this DHCP server answers first? Can I change the order of DHCP servers?
Thanks
Uri
Quote from: ubear on February 18, 2021, 10:05:59 AM
Note: TP-Link switches will ALWAYS pass VLAN 1 (untagged packets) to all ports to prevent control lockout.
I don't think so.
German page, but I think you get the point:
https://znil.net/index.php/VLAN_auf_TL-SG108E_mit_802.1Q_einrichten
You need to change the PVID too.
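Added example, not part of the thread: a small Python model of how an 802.1Q switch places an untagged frame into a VLAN according to the ingress port's PVID, which is why the laptop kept getting a 192.168.2.x lease until the PVID was changed. The port layout (port 1 still an untagged member of VLAN 1, port 8 as the uplink carrying 40/50/60 tagged) and all function names are assumptions made for the illustration.

```python
"""Minimal model of 802.1Q ingress classification by PVID (constructed example)."""
from dataclasses import dataclass, field

# DHCP ranges from the post; key 1 stands for the untagged OPNsense LAN interface.
DHCP_POOLS = {1: "192.168.2.100-199", 40: "192.168.40.100-199",
              50: "192.168.50.100-199", 60: "192.168.60.100-199"}

@dataclass
class Port:
    pvid: int = 1                                 # VLAN given to untagged ingress frames
    untagged: set = field(default_factory=set)    # VLANs sent out without a tag
    tagged: set = field(default_factory=set)      # VLANs sent out with a tag

def classify_ingress(port, frame_tag=None):
    """Return the VLAN a frame lands in, or None if the port is not a member.

    Assumes ingress filtering: frames for a VLAN the port is not in are dropped.
    """
    vlan = port.pvid if frame_tag is None else frame_tag
    return vlan if vlan in (port.untagged | port.tagged) else None

def dhcp_pool_for_client(switch, access_port, uplink_port):
    """Follow an untagged DHCP discover from a client port to the firewall uplink."""
    vlan = classify_ingress(switch[access_port])
    if vlan is None:
        return None
    uplink = switch[uplink_port]
    if vlan in uplink.tagged:
        return DHCP_POOLS.get(vlan)   # leaves tagged: reaches the matching VLAN interface
    if vlan in uplink.untagged:
        return DHCP_POOLS.get(1)      # leaves untagged: reaches the parent LAN interface
    return None

def build_switch(port1_pvid):
    """Port 1 = access port for VLAN 40, port 8 = trunk to OPNsense (assumed layout)."""
    return {
        1: Port(pvid=port1_pvid, untagged={1, 40}),
        8: Port(pvid=1, untagged={1}, tagged={40, 50, 60}),
    }

if __name__ == "__main__":
    for pvid in (1, 40):
        pool = dhcp_pool_for_client(build_switch(pvid), 1, 8)
        print(f"port 1 PVID {pvid}: lease from {pool}")
```

Being an untagged member of VLAN 40 only controls what port 1 sends out; the PVID decides where the laptop's own untagged frames go.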
Thank you VERY much!
That did the trick!
My trust in machines (and people) is restored!
Thanks again
Uri
Whoever permitted tagged and untagged frames on the same port in 802.1Q deserves to be shot.