Setting up VLANS on Dell 2724 Managed switch
Morning folks - I want to set up a Dell 2724 Managed switch for my home / home lab to differentiate some of the traffic.
So, a quick hardware breakdown
Dell 2724 Switch
Internet Router (DNS done through this for home etc)
Home network on 192.168.0.x private network
I have introduced 3 VMWare Esx boxes with 4x NICs each, together with 2x NAS boxes (again 4x NICs).
The home network will just go out from the switch to a central DHCP server and should be on VLAN "Home" (Cables 1 - 10) (192.168.0.x) - the first NICs of the ESX hosts and NAS boxes would also go on this subnet.
I want to set up a second VLAN for the vMotion and data migration for the ESX boxes (Cables 11 - 15 for example (3x ESX, 2x NAS) (10.10.10.x ip range), using the 2nd (and possibly third) NICS of the boxes.
The VLANs would need to be separate, so no cross traffic between the two for data, basically I want to flood the ESX network without slowing down the home network.
I've had a look at the setup of the 2724, but am getting a bit confused about the T and U bindings of the VLAN setup.
Any help would be really appreciated.
Many thanks in advance.
So, a quick hardware breakdown
Dell 2724 Switch
Internet Router (DNS done through this for home etc)
Home network on 192.168.0.x private network
I have introduced 3 VMWare Esx boxes with 4x NICs each, together with 2x NAS boxes (again 4x NICs).
The home network will just go out from the switch to a central DHCP server and should be on VLAN "Home" (Cables 1 - 10) (192.168.0.x) - the first NICs of the ESX hosts and NAS boxes would also go on this subnet.
I want to set up a second VLAN for the vMotion and data migration for the ESX boxes (Cables 11 - 15 for example (3x ESX, 2x NAS) (10.10.10.x ip range), using the 2nd (and possibly third) NICS of the boxes.
The VLANs would need to be separate, so no cross traffic between the two for data, basically I want to flood the ESX network without slowing down the home network.
I've had a look at the setup of the 2724, but am getting a bit confused about the T and U bindings of the VLAN setup.
Any help would be really appreciated.
Many thanks in advance.
ASKER
Thanks, okay so the only thing I am thinking is there a default VLAN1 on the switch, which you cannot change. This has ALL ports set to U.
VLAN 11 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
U U U U U U U U U U U U U U U U U U U U U U U UVLAN 21 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
U U U U U U U U U U VLAN 31 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
U U U U UDoes this mean that ALL ports are visible no matter what I do, or do the second/third VLANs "overwrite" the VLAN1 defaults?
The vlan 2/3 untagged config should overwrite the vlan 1 config in this case.
I'd chalk it up as a UI bug, but might as well test it.
Set it up, connect 2 PCs configured for the same subnet to a vlan2 port and a vlan3 port and see if they can ping each other. They shouldn't be able to.
Switch is on latest-greatest firmware I guess?
I'd chalk it up as a UI bug, but might as well test it.
Set it up, connect 2 PCs configured for the same subnet to a vlan2 port and a vlan3 port and see if they can ping each other. They shouldn't be able to.
Switch is on latest-greatest firmware I guess?
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
U refers to Untagged, T is Tagged in the VLAN setup.
Every ethernet port can carry one vlan without a tag (untagged) plus any number with a tag. This helps it to identify which frame belong to which vlan: if received with a vlan tag, it belongs to the vlan identified by the tag, if received without a tag, it belongs to the untagged vlan on that port. The untagged vlan on a port is called a 'native vlan' in cisco docs.
Client network devices (PCs, printers, etc) almost always send untagged frames; switches/routers and sometimes servers (especially hypervisors) can send tagged frames.
If you want full isolation, you'll want VLAN 1 as U on ports 1-10, blank on all others.
Let's say you create VLAN 10 for vmware, so you'll want that as U on 11-15, blank on all others.
This practically segments your switch in two parts, with no connection to each other.
The switch management interface can be reached from VLAN 1 by default.