Confused on what I should be doing as far as VLAN vs PVID

Hi,

The switch does not do interVLAN routing so as long as VLAN 1 and VLAN 139 are in different subnets the traffic from 139 should not be transmitted over VLAN 1. Since VLAN 10 is sending tagged packets the PVID shouldn’t matter as that is where it defaults for sending untagged packets, so as long as the trunk between the two switches is able to pass VLAN 10 it can pass the traffic. So your configuration should work.

Josh thanks for replying,

I might have confused myself while I was jumbling things around but let me try to ask this, (assuming my planned config pictured above) If packets coming from the Cisco on port SFP4 to port 16 of 2716-b are untagged does it not by default fall into pvid1, vlan1, AND vlan139?

We are not currently running VTP (or I guess Dells need GVRP?) since we only need the one subnet x.x.139.x between the cisco and the dells)

I understand from a subnet point of view my x.x.139.x addresses aren't going to be routed to the powerconnect management 192.168.x.x subnet by the dell switches but I'm only worried about spanning tree on the cisco disabling one of the SFP ports to one of the switches in case a loop is created.

As I do not admin the cisco switch I cannot be certain my network team will want to setup vtp (gvrp?) just for the one vlan but if doing that and setting ingress filtering and tagging on port 16 to enabled will do what I need then I'll ask.

The settings on the switch are for outgoing traffic, so it would send untagged traffic on both VLANs, but the Cisco should be putting it into a native VLAN for that port. Inbound untagged traffic is going to the PVID VLAN. So the communication should be occurring on the PVID VLAN and not VLAN 1.

I may have stumbled upon it but would like someone to confirm.

PVID (1-4095) — Assigns a VLAN ID to untagged packets. The possible field values are 1-4094. VLAN 1 is used as the default VLAN. The default VLAN is only used as a port default VLAN ID  (PVID). VLAN 1 cannot be deleted from the system. VLAN 4095 is defined as the discard VLAN, thus the packets classified to this VLAN are dropped. All ports must have a PVID defined; if no other PVID value is configured, the default VLAN’s VID will be used.

Frame Type — Packet type accepted by the LAG. The possible values are:

Admit Tag Only — Only tagged packets are accepted by the interface.

Admit All — Tagged and untagged packets are accepted by the interface.

Ingress Filtering — Enables or disables incoming filtering by the interface. Ingress filtering discards packets which do not include an ingress port.

Instead of doing 802.1Q GVRP on the Cisco I'm guessing I could leave it as is untagged/untrunked and on the Dell 2716's simply set port 16's PVID to 139?

Do I have to set all the other ports (10-15) with that desired VLAN using PVID 139? Does that create any problem for LAG 3 which will also be used for VLAN 10?

Inbound untagged traffic is going to the PVID VLAN. So the communication should be occurring on the PVID VLAN and not VLAN 1.

PVID 1 is different from VLAN 1? I thought Dell 2716's are default to PVID 1 for all ports (since you can't change the VLAN 1 U/T on the VLAN Membership screen). I was assuming that meant all untagged traffic was then put in VLAN 1. This is why I am so worried about making a trunk between switches.

I'm sorry if I'm making it more confusing :(

I need to make sure I understand this before I get my network admin involved to make any changes to the Cisco because they don't want us using these Dell switches to begin with, and the office can't afford to put in two cisco gigabit switches (or Alcatel which we're replacing the cisco with in "SOME future fiscal year" LOL)

Here is my biggest concern: I want VLAN 10 and 139 on the same vSwitch on my ESXi hosts, so for those I'd like to do a LAG and tag (LAG3), and I want VLAN 10 (vMotion) to pass between the two Dell Switches. VLAN 139 should not pass between the two Dell Switches. I just want to make sure ports in VLAN 139 including LAG3 will also receive inbound untagged traffic from the Cisco switch so I was assuming in my reply above that PVID 139 would take the untagged inbound traffic from the Cisco via port 16 and put it into VLAN 139.

I really only want PVID 1 on port 1 which I leave open to plug a laptop into for emergency switch management, but I wasn't sure how changing PVID's would affect the VLANs and Trunks between the Dell 2716's

So I'm guessing my ports should be something like this:

Management Interface:

1: PVID 1, Ingress Admit All, Frame Type: Admit All, Tagged VLAN 1

Trunk between 2716's (ports 2,3,4):

2: PVID 1, LAG1, Ingress filter: enable, Frame Type: Admit Tag Only, Tagged VLANs 1, 10, 130

3: PVID 1, LAG1, Ingress filter: enable, Frame Type: Admit Tag Only, Tagged VLANs 1, 10, 130

4: PVID 1, LAG1, Ingress filter: enable, Frame Type: Admit Tag Only, Tagged VLANs 1, 10, 130

iSCSI traffic:

5: PVID 130, Ingress filter: enable, Frame Type: Admit All, Tagged VLAN 130

6: PVID 130, Ingress filter: enable, Frame Type: Admit All, Tagged VLAN 130

7: PVID 130, Ingress filter: enable, LAG2, Frame Type: Admit All, Tagged (VLAN 130)

8: PVID 130, Ingress filter: enable, LAG2, Frame Type: Admit All, Tagged (VLAN 130)

9: PVID 130, Ingress filter: enable, Frame Type: Admit All, Tagged VLAN 130

vmKernel (vlan139), vMotion (vlan10), Machine Network (vlan139):

10: PVID 139, Ingress filter: enable, Frame Type: Admit All, Tagged VLAN 139

11: PVID 139, Ingress filter: enable, Frame Type: Admit All, Tagged VLAN 139

12: PVID 139, Ingress filter: enable, Frame Type: Admit All, Tagged VLAN 139

13: PVID 139, Ingress filter: enable, LAG3, Frame Type: Admit All, Tagged (VLANs 10, 139)

14: PVID 139, Ingress filter: enable, LAG3, Frame Type: Admit All, Tagged (VLANs 10, 139)

15: PVID 139, Ingress filter: enable, Frame Type: Admit All, Tagged VLAN 139

16: PVID 139, Ingress filter: disable, Frame Type: Admit All, Untagged VLAN 139

I'm hoping I have that right above, what I want is traffic to come in on port 16, ingress is not enabled so the incoming traffic is accepted, it's then determined as untagged and put into VLAN 139 (PVID 139 should do this right?), and because all the other ports in VLAN 139 are set to Frame Type: Admit All they will accept that it's in the proper vlan.

Then on outgoing traffic since it's untagged on port 16 I shouldn't need 802.1Q on the Cisco.

PVID 1 is the default, but if you change that on an interface, page 52 ftp://ftp.dell.com/Manuals/all-products/esuprt_ser_stor_net/esuprt_powerconnect/powerconnect-2708_User%27s%20Guide_en-us.pdf then it will use the PVID you set for untagged traffic. So if you put LAG3 in PVID 139, untagged traffic will go to 139 and tagged will go to VLAN 10. If the Cisco is dropping untagged into 139 with a PVID of 139 then everything should work fine with your configuration and do what you want it to do.

Awesome, thanks Josh! :)

Sorry to bring this back up, but after looking at the manual again and our other discussion on the 2808 thread I started, I have to ask...

What if any would be the point of creating a LAG on the 27xx/28xx series if they are L2 only? Some form of Redundancy?

If I create a LAG (I described it above as LAG3) for my virtual machine traffic I'm still going to have to leave the host set to 'Route based on the originating virtual ID' in which case VMware is going to handle the links and their redundancy internally I'm not going to get a performance boost from the LAG why would I even want a LAG from the switches perspective?

Thanks again for your help and patience with me :)

The MAC based LAG provides some benefit, but it is mostly for redundancy. The switches are designed to be remote office solutions, so there might be a LAG to the WAN and the other ports just connect to client PCs.