Dell PowerConnect 5324

Crash2009

Posts: 4357
Joined: Thu May 17, 2012 12:38 am
Location: Ann Arbor, Michigan

#61

Post by Crash2009 » Sun Mar 15, 2015 3:40 pm

When in My Network list, LED40 is listed twice. When I click on properties I get this:

Model: UN40h5203
Model number: AllShare1.0
Serial number: 20110517DMR
MAC address: 90:f1:aa:ea:0d:52
Unique identifier: uuid:0e4e1c01-00f0-1000-b0eb-c4576e9878e4
IP address: 192.168.1.221

and this...

Model: UN40h5203
Model number: 1.0
Serial number: 20090804RCR
MAC address: 90:f1:aa:ea:0d:52
Unique identifier: uuid:07bfa481-0082-1000-b3aa-c4576e9878e4
IP address: 192.168.1.221
Attachments
SamsungLed40.jpg

Venom51

Posts: 566
Joined: Sun Jun 12, 2011 7:12 pm
Location: Cumming,GA

#62

Post by Venom51 » Sun Mar 15, 2015 6:19 pm

Crash2009 wrote: I have some captures of 16 prior to his RT-AC56 upgrade. I thought we had it beat. Guess not. I will say the problem is less intense, so there has been some progress. I'll start capturing again when the problem exists. In Wireshark, how do I recognize...

1-flooding with broadcast
2-unicast specific to IP's
3-loop
4-malfunctioning device.

1 - Broadcast traffic is normal on a flat Layer 2 network. DHCP discovers, ARP requests, NetBIOS Master Browser elections are all part of normal broadcasts. You should see them but depending on the size of the network the time between seeing a broadcast for a machine and seeing another from the same machine should happen at long intervals. Say 3 to 5 minutes on average. If you are seeing broadcast traffic from the same address every few seconds that is something I would look into as it makes for a very noisy network.

2 - Again normal but the traffic pattern may indicate that they are just consuming more bandwidth than you have to give and maintain good performance for the rest of the users on the network. This is where QOS or rule based throttling could be used to ensure they can't consume more resources than you want to give them.

3 - If you had a loop you'd know it pretty quickly. The network will fall apart and become unresponsive almost immediately. If you want to see it in action then plug a cat5 cable into 2 ports on an unmanaged switch and watch the fun. We use Spanning Tree to combat effects of that by not allowing a port to transmit on the network until a loop detection has been done. If Spanning tree is on in your switch and working properly then looping a cable into 2 ports on the switch should have no impact as the switch will just prevent 1 of the 2 ports from transmitting or forwarding any traffic.

4 - I've seen network devices do things on networks that they shouldn't from eating ARP requests to just flooding the network with unsolicited responses to broadcast messages.
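
One way to put numbers on point 1 of the post above (an added example, not part of the original thread): export timestamp, source MAC and destination MAC from a capture, then flag any source whose broadcasts are only seconds apart. The export command, the 10-second threshold and every sample row are assumptions made for this example.

```python
from collections import defaultdict
from statistics import median

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample in the tab-separated layout produced by:
#   tshark -r capture.pcapng -T fields -e frame.time_relative -e eth.src -e eth.dst
# (capture.pcapng and every MAC address below are made up for this example)
SAMPLE_LINES = """\
0.0\t02:00:00:00:00:16\tff:ff:ff:ff:ff:ff
1.2\t02:00:00:00:00:05\t02:00:00:00:00:01
2.0\t02:00:00:00:00:16\tff:ff:ff:ff:ff:ff
4.0\t02:00:00:00:00:16\tff:ff:ff:ff:ff:ff
5.0\t02:00:00:00:00:05\tff:ff:ff:ff:ff:ff
6.0\t02:00:00:00:00:16\tff:ff:ff:ff:ff:ff
8.0\t02:00:00:00:00:16\tff:ff:ff:ff:ff:ff
185.0\t02:00:00:00:00:05\tff:ff:ff:ff:ff:ff
425.0\t02:00:00:00:00:05\tff:ff:ff:ff:ff:ff
""".splitlines()


def broadcast_gaps(lines):
    """Return {source MAC: [seconds between consecutive broadcasts]}."""
    times = defaultdict(list)
    for line in lines:
        fields = line.strip().split("\t")
        if len(fields) != 3:
            continue  # skip blank or malformed rows
        stamp, src, dst = fields
        if dst.lower() == BROADCAST:
            times[src.lower()].append(float(stamp))
    # Rows are assumed to be in capture order, so timestamps only increase.
    return {src: [b - a for a, b in zip(ts, ts[1:])] for src, ts in times.items()}


def noisy_broadcasters(lines, max_gap=10.0, min_frames=3):
    """Sources whose median broadcast gap is under max_gap seconds.

    max_gap and min_frames are assumed thresholds; tune them per network.
    """
    noisy = {}
    for src, gaps in broadcast_gaps(lines).items():
        if len(gaps) + 1 >= min_frames and median(gaps) < max_gap:
            noisy[src] = median(gaps)
    return noisy


if __name__ == "__main__":
    for src, gap in noisy_broadcasters(SAMPLE_LINES).items():
        print(f"{src} broadcasts every {gap:.1f}s (median)")
```
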

#63

Post by Crash2009 » Tue Mar 17, 2015 2:57 am

Thanks for not laughing at the idea of an RT-N16 running 4 VLANS. After having a peek at ERL, I see what you mean about a "real piece of hardware". I'm glad I didn't take the easy way out. I'll shop around this week.

The dual cable modem idea is cost prohibitive. Comcast wants more dollars/mo than the revenue port 16 provides.

So the plan is to segregate and throttle 16 at the switch?
Attachments
UbiquitiERL.JPG

#64

Post by Crash2009 » Tue Mar 17, 2015 11:06 am

On 2nd thought, that 2nd cable modem will come in handy while setting up the new router!

#65

Post by Crash2009 » Thu Mar 19, 2015 12:39 am

The router got here tonight. Upgraded the image from 1.2 to 1.6. Got the time right, and found a wizard in the new image to make the subnets. Both sides work and they are unable to ping each other. So far, so good.
Attachments
TwoSubnets.jpg

#66

Post by Venom51 » Thu Mar 19, 2015 1:47 am

You realize you'll no longer be able to tolerate the cheap consumer equipment anymore as you learn more and more. :mrgreen:

#67

Post by Crash2009 » Thu Mar 19, 2015 3:37 am

I appreciate your advice. I am leaning toward running all my stuff through 1.1 and all the rest through 2.1. Split the switch 8 ports with 1 trunk to 2.1 subnet and my 12 ports with 1 trunk to the 1.1 subnet. Is that a bad idea?
Last edited by Crash2009 on Thu Mar 19, 2015 3:42 am, edited 1 time in total.

#68

Post by Venom51 » Thu Mar 19, 2015 3:41 am

Nothing wrong with that. Leave yourself in the default VLAN 1 and move them into VLAN 2. Some devices won't let you assign the management VLAN to something other than VLAN 1.

#69

Post by Crash2009 » Thu Mar 19, 2015 4:40 am

Do I need to specify a trunk port for the default VLAN 1 on the switch? I have always just connected port 24 to the router, I don't think I ever defined 24 as a trunk. Maybe that's why the switch icon in the Network Map is not hot like the rest?
Attachments
NetworkMap.JPG

#70

Post by Venom51 » Thu Mar 19, 2015 3:00 pm

The port you will connect to the router will need to be set as a trunk.

Image

When you add ports to the VLANs you will add ports connected to PC's as untagged and the trunk port as tagged. The exception will be VLAN1 or the default VLAN as the equipment will pass that traffic as untagged.

I'll show you an example from a switch in the office. Mine will look a little different as each office has a small 8 port switch to which I send multiple vlans. Ports 18-20 are an example of ports connected to PC's or printers which don't need the tagged traffic.

Image

VLAN 1 being the exception to the rule. That traffic is passed among all switches untagged as intended for management purposes.

Image
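
The tagged/untagged rule from the post above, turned into a membership check (an added example, not part of the original thread and not Dell's software). The 24-port table, its U/T/- marks and the function names are constructed for illustration, with a single trunk to the router on port 24.

```python
DEFAULT_VLAN = 1

# Constructed 24-port membership table, one mark per port (port 1 first):
# U = untagged member, T = tagged member, - = not a member.
# Ports 1-15 sit in VLAN 1, ports 16-22 in VLAN 2, port 24 goes to the router.
BROKEN = {
    1: "U " * 15 + "- " * 8 + "U",
    2: "- " * 15 + "U " * 7 + "- " + "U",  # trunk left untagged in VLAN 2
}
FIXED = {**BROKEN, 2: "- " * 15 + "U " * 7 + "- " + "T"}


def parse(table):
    """Turn {vlan: "U U - T ..."} into {vlan: {port: mark}}."""
    return {v: dict(enumerate(marks.split(), start=1)) for v, marks in table.items()}


def audit(table, trunk_port):
    """Return (vlan, port, problem) tuples for a single-trunk layout."""
    vlans = parse(table)
    findings = []
    for vlan, ports in sorted(vlans.items()):
        mark = ports.get(trunk_port, "-")
        if vlan == DEFAULT_VLAN and mark != "U":
            findings.append((vlan, trunk_port, "default VLAN should leave the trunk untagged"))
        elif vlan != DEFAULT_VLAN and mark != "T":
            findings.append((vlan, trunk_port, "must be tagged on the trunk to reach the router"))
        for port, m in sorted(ports.items()):
            if port != trunk_port and m == "T":
                findings.append((vlan, port, "PC/printer port should be untagged"))
    # A PC port untagged in two VLANs would bridge the networks being separated.
    all_ports = {p for ports in vlans.values() for p in ports} - {trunk_port}
    for port in sorted(all_ports):
        member_of = [v for v, ports in sorted(vlans.items()) if ports.get(port) == "U"]
        if len(member_of) > 1:
            findings.append((member_of[-1], port, f"untagged in VLANs {member_of}"))
    return findings


if __name__ == "__main__":
    for label, table in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, audit(table, trunk_port=24) or "no findings")
```
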

#71

Post by Crash2009 » Fri Mar 20, 2015 1:19 am

So that's what all those U's and T's mean: untagged and tagged. I was bashing my way around in there last night, managed to make everything stop working. Had to back out with my tail between my legs. Thank god for the reset button. I don't have enough time all at once, to pull this off. Too much pressure working on this live. I am going to have to stage it. I have 2 unused 8 port unmanaged switches. I'll patch the renters into one, and my critical stuff into the other, then use 2 uplinks into the 2 subnets, and make the router live. Then I'll patch a few laptops into the PowerConnect, and slap it till it works.

#72

Post by Crash2009 » Fri Mar 20, 2015 2:42 am

Found what looks like a good VLAN CLI:

https://thejimmahknows.com/inter-vlan-r ... nect-5324/

Configure Switch
1. Add VLANs to VLAN Database on Switch

console# configure
console(config)# vlan database
console(config-vlan)# vlan 100
console(config-vlan)# vlan 200
console(config-vlan)# exit

console(config)# interface range ethernet g1,g2,g3,g4,g5,g6,g7,g8,g9,g10,g11,g12,g13,g14,g15,g16
console(config-if)# switchport mode access
console(config-if)# switchport access vlan 100
console(config-if)# exit

console(config)# interface range ethernet g17,g18,g19,g20,g21,g22,g23
console(config-if)# switchport mode access
console(config-if)# switchport access vlan 200

2. Verify VLANs

console# show vlan

Vlan Name Ports Type Authorization
---- ----------------- --------------------------- ------------ -------------
1 1 g(17-24),ch(1-8) other Required
100 Network1 g(1-16) permanent Required
200 Network2 permanent Required

3. Set IP on Network 1 (VLAN 100)

console# configure
console(config)# interface vlan 100
console(config-if)# ip address 192.168.1.2 255.255.255.0

4. Lastly, set Trunk interface and the allowed VLANs to egress the Trunk link:

console# configure
console(config)# interface ethernet g24
console(config-if)# switchport mode trunk
console(config-if)# switchport trunk allowed vlan add all

NOTICE: The switch will spit back the current VLANs it knows about from its VLAN database. Therefore, if you add more VLANs to the database you will need to reissue this command to add the new VLANs to be allowed across the Trunk Link.

5. Don’t forget to save!

console# copy running-config startup-config

#73

Post by Venom51 » Fri Mar 20, 2015 2:15 pm

That should do it. The only concern I have with his example is that it assumes all your equipment can have the management VLAN assigned to something other than VLAN1 or the default VLAN. I would change 100 to 1. I would also recommend leaving 1 port in general mode in VLAN 1 so you can still use a port mirror to look at traffic. Maybe ports 1-15 in VLAN1 and ports 16 through 22 in VLAN 200. Leave port 23 unassigned and trunk port 24.

#74

Post by Crash2009 » Fri Mar 20, 2015 7:30 pm

Will do. I think I figured out one of the things I missed on the first try..... Where in the GUI do you set the IP of the subnet in the router? I don't remember seeing a place for that in either of the VLAN sections.

The CLI does it this way according to the article.
3. Set IP on Network 1 (VLAN 100)

console# configure
console(config)# interface vlan 100
console(config-if)# ip address 192.168.1.2 255.255.255.0

I would imagine 192.168.1.2 255.255.255.0 could be changed to 192.168.1.2/24 for a cleaner look?


Would it be a bad idea to have 3 VLANS with 2 trunks?

1- would be the management/default VLAN, which would be allowed to either subnet.

2- vlan 100 going to 192.168.1.1/24

3- vlan 200 going to 192.168.2.1/24

2 and 3, would each have their own trunk.

1 could use either trunk, or both at the same time.

OR? am I missing something again?

#75

Post by Venom51 » Fri Mar 20, 2015 7:49 pm

Crash2009 wrote: Will do. I think I figured out one of the things I missed on the first try..... Where in the GUI do you set the IP of the subnet in the router? I don't remember seeing a place for that in either of the VLAN sections.

The CLI does it this way according to the article.
3. Set IP on Network 1 (VLAN 100)

console# configure
console(config)# interface vlan 100
console(config-if)# ip address 192.168.1.2 255.255.255.0

I would imagine 192.168.1.2 255.255.255.0 could be changed to 192.168.1.2/24 for a cleaner look?


Would it be a bad idea to have 3 VLANS with 2 trunks?

1- would be the management/default VLAN, which would be allowed to either subnet.

2- vlan 100 going to 192.168.1.1/24

3- vlan 200 going to 192.168.2.1/24

2 and 3, would each have their own trunk.

1 could use either trunk, or both at the same time.

OR? am I missing something again?

In the GUI it's under System -> IP Addressing -> IPv4 Interface Parameters. You get to choose between assigning to a port, LAG or VLAN. In this case you would select the VLAN to which you want to assign the IP. I'm not sure the CLI accepts the Cisco /24 style notation.

1. I would keep the 192.168.1.0/24 subnet for VLAN 1. Keeps them from having the ability to get to anything in your VLAN. Again I would keep yourself in VLAN1 for simplicity's sake.

2. I see no need for VLAN 100. If your equipment is in VLAN1 then assign 192.168.1.0/24 to yourself.

3. Put the tenants in this VLAN. That will keep them out of VLAN1 and away from your equipment.

No need for more than 1 trunk to the ERL. It's a gigabit link and the cable connection is nowhere near that fast. Since you aren't routing between the VLANs there is no chance the trunk will ever saturate as only traffic destined for the internet would traverse that link.

#76

Post by Crash2009 » Sat Mar 21, 2015 7:43 am

I got the 2 little switches ready to go and tested the ports. Gave the tenants notice that the internet is going to be unreliable or unavailable Sunday 2 pm. Should have everything moved off the PowerConnect, and will start working on it, tomorrow.

Had to work tonight, just got back. I love the freeway at night.

#77

Post by Crash2009 » Sun Mar 22, 2015 8:03 pm

I'm about to hit Apply Changes and hope for the best.....
Attachments
SwitchSplitTrunkApplied.jpg

#78

Post by Crash2009 » Sun Mar 22, 2015 9:35 pm

For some reason I was unable to get VLAN 1 and VLAN 2 to share Trunk port 24. 192.168.1.0 was able to connect, 192.168.2.0 was unable to connect. What I did was Trunk port 23, and run a patch from 23 to eth2 in the router. I know this is not quite right, but I am out of time for today.
Attachments
ThatsItForToday.jpg

#79

Post by Venom51 » Sun Mar 22, 2015 9:38 pm

Port 23 isn't set as tagged in VLAN 2.

#80

Post by Crash2009 » Sun Mar 22, 2015 10:30 pm

Venom51 wrote: Port 23 isn't set as tagged in VLAN 2.

Where do you see that?

Should I change 23 from U to T ? or is the adjustment somewhere else?
Attachments
23NotTagged.JPG
