Stripping specific VLAN tag at core switch

We have numerous Allied Telesis 8000GS/24's at the edge and an x908 core switch.

I haven't looked into it before outside of standard tagged/untagged VLANs but what we want to do is tunnel traffic from certain edge ports to the core switch without wasting ports linking back into the general LAN.

For example from a Wireless Bridge to a remote building we want the traffic to go back to the core switch without being passed around other switches (such as if there is large amounts of broadcast traffic being transmitted.

i.e.
Wireless Bridge to an untagged port on the switch,
Switch to the core (VLAN Trunked)
Core strips the VLAN and allows traffic to be redistributed as required.

95% of the traffic will be transmitted to the core switch from the far wireless bridge end.

The madness behind this is that later there will be extended routing and security layers built for certain connections/VLANs but we want to start getting the base for this underway with the configurations on the edge switches so we can later concentrate on the core and router.

Clear as mud?
LVL 6
kiwistagAsked:
Who is Participating?
 
asavenerConnect With a Mentor Commented:
If the wireless bridge is connected to an access-layer (untagged) port, then broadcast traffic will go out all of the other ports that are part of that VLAN.

The easiest solution to limit the number of ports that receive the broadcast traffic is to create a VLAN that only has a single access-layer port assigned, and then attach the wireless bridge to that port.

You will have to add the new VLAN to the list of allowed VLANs on the trunk, and the router will no doubt need a new subinterface to handle the tagged VLAN traffic coming over the trunk.
0
 
ArneLoviusCommented:
yes, clear as mud:-(

a diagram might be useful
0
 
kiwistagAuthor Commented:
Hi ArneLovius. Damn - I was sure I attached a diagram....
Will try to do it again & attach.
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
ArneLoviusCommented:
:-)
0
 
kiwistagAuthor Commented:
This time.
Switch Diagram
0
 
kiwistagAuthor Commented:
I'll escalate this question to Allied Telesis and close it.
Thanks for trying :)
0
 
kiwistagAuthor Commented:
I've requested that this question be deleted for the following reason:

No viable solutions yet.
0
 
asavenerCommented:
I believe I described how to eliminate broadcast traffic from the wireless devices.

The exact desired functionality as described by the original poster is not technically feasible, so I provided a method to limit the broadcast traffic, which is the end result he desired.
0
 
kiwistagAuthor Commented:
The Wireless link passes all traffic and at each end (port interface on the switch) they are set to VLAN Trunk so all except the default VLAN traffic is tagged.
Thinking from another perspective about the issue, you are correct that it is not technically feasible as even if the core switch was set up to strip VLAN tags on ingress, it would not know what to do in egress.
Due to your input however asavener I will assign points as you were correct about the problem but indeed there is no direct solution.
0
 
kiwistagAuthor Commented:
There will be a way to do this in the future using OpenFlow. Although Allied Telesis don't yet support OpenFlow on their AW+ Router OS, it may be the case in the near future that they will.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.