Canadian TV, Computing and Home Theatre Forums banner

161 - 180 of 299 Posts

·
Registered
Joined
·
262 Posts
I also note that I dont have my normal LAN on a VLAN (like you do vlan 5). Do you recommend I simply put my home network on a VLAN to make this easier down the line.
Actually you DO have it on a vlan. It's just vlan 1 if you haven't changed it. This is the default vlan for traffic on a vlan-aware device that hasn't been configured to do otherwise. Do what you like..just remember the rules of tagging/untagging/pvid below. You can keep it on vlan 1, just handle it on the other vlan-aware switches accordingly. (Where I used 5, you can use 1).


PVID:
If a packet arrives at a port UNtagged, the packet will get tagged with the PVID vlan before moving along. Think of it as a default vlan for unlabeled (untagged) packets.
PVID is necessary because not all devices 'speak vlan' (tags). A vlan-aware switch needs to know what to do with a packet that isn't tagged. Computers and other end-user devices typically don't handle tagged packets. It is best to only expose these devices to UNtagged packets.

Tagged/Untagged:
You really only have two choices... untagged (U) or tagged (T). Selecting "nothing" probably just means that that port won't be a member of that particular vlan. At least that's how it is on mine (Netgear).

Tagged:
When a port is tagged, packets sent out are tagged with the 802.1q vlan info added to the header. The receiving equipment of that packet is expected to know how to handle this. Vlan aware devices such as smart/managed switches, our STBs, and the ActionTec do. Computers, blu-ray players, etc usually don't, and will either ignore the tag, or drop the packet all together, or behave unpredictably. Hence why I said don't tag traffic to end-user devices like those.

Untagged:
When a port is untagged, packets sent out are not tagged with the 802.1q vlan info. The receiving equipment therefore has no idea what vlan, if any, it is supposed to be associated with. If that equipment is a vlan-aware switch, that packet will inherit that receiving port's PVID vlan ID before moving along. If the receiving equipment is not vlan-aware, then it accepts the packet as is. (this is what you want for computers, end-user typical devices).

Ports can of course be associated with multiple vlans, and those vlans can individually be either untagged or tagged on that port.

Got a headache yet? :D
 

·
Registered
Joined
·
101 Posts
Great explanation thanks!!
One question though......

What if a frame arrives at a PVID port with no VLAN header. I am assuming that it will get accepted and by default assigned the VLANID of the port as you described

Similarly if the VLANID is that of the port it gets accepted.

In both cases the info will be available at other ports on the switch with the same VLANID association (interswitch). This will go to other ports with the same VLANID that have an associated mac address (header matches port table) or to all Same VLAN switch ports if not specific.

If the VLAN header is different on an incoming frame it gets dropped.


What I am having trouble with is our case works.
I have VLAN PVID 35 on port one. I also have associated VLAN 33 and 34 with port 1. Port 3 also has VLAN 33 associated with port 3 and port 3 VLAN PVID set to 34.


How come the switch will accept VLAN34 frames at port 1???? (ingress), shouldnt it drop them??
 

·
Registered
Joined
·
1,160 Posts
Seeing some strange Actiontec behaviour. I disable wireless and change WAN to PPOE. Save settings. But if I reboot or power cycle the Actiontec, it resets back to wireless enabled and WAN set to RFC 1483 via DHCP.

Anyone else seeing this behaviour?
 

·
Registered
Joined
·
262 Posts
What if a frame arrives at a PVID port with no VLAN header. I am assuming that it will get accepted and by default assigned the VLANID of the port as you described.

Similarly if the VLANID is that of the port it gets accepted.
Yes, provided it isn't blocked for another reason (ingress filtering of some sort).

In both cases the info will be available at other ports on the switch with the same VLANID association (interswitch). This will go to other ports with the same VLANID that have an associated mac address (header matches port table) or to all Same VLAN switch ports if not specific.

If the VLAN header is different on an incoming frame it gets dropped.
Yep.

What I am having trouble with is our case works.
I have VLAN PVID 35 on port one. I also have associated VLAN 33 and 34 with port 1. Port 3 also has VLAN 33 associated with port 3 and port 3 VLAN PVID set to 34.

How come the switch will accept VLAN34 frames at port 1???? (ingress), shouldnt it drop them??
No it shouldn't drop them... you just said you have port 1 associated with vlan 33,34,35 & PVID=35. (If I read you correctly). So, incoming tagged vlan 34 packets to port 1 are accepted.
I assume also you have port 3 on vlan 33,34 & PVID=34 from what you wrote.
 

·
Registered
Joined
·
262 Posts
Does anyone know for sure how the STB firmware updates are delivered? Is it through the iptv vlan 34, 33 or internet side (35).
I sincerely hope it's the iptv vlan, since my STBs don't have access to the internet vlan.
 

·
Registered
Joined
·
448 Posts
My apps do not work, as they need internet from VLAN 35, however, I do have a link back from my pfSense box to the Actiontech LAN side on 192.168.2.2, I just need to figure out how to add the correct routes to the static route table, not sure if it can be done easily.
 

·
Registered
Joined
·
101 Posts
Silent Viper turns the DHCP off on the actiontech and runs the DHCP from his router via the extra link (turns RIP2 on as well).
 

·
Registered
Joined
·
262 Posts
Congrats SilentViper

So now you are using the ActionTec again for TV, and your own router for internet. Your apps function works on the STBs? The post you linked specifies a simple switch. Are you using one, or a smart switch. If a smart switch, how did you set up the vlans so that the STBs get internet access?
 

·
Registered
Joined
·
101 Posts
What I would like to achieve with my own router is
a. replace the 10.x.x.x. information and routing the actiontech provides to the STBs
b. the dhcp 192.168.2.x service the actiontech provides.

In our setup the actiontech does not get a WANIP, the pppoe setting does that.

I do not see why (or don't see a showstopper), if we can successfully understand the packet captures from the smart switch to the actiontech that the above cannot be done by our own router. Does anybody know why it couldn't be done???

(I don't see any serial numbers noted (lots of mac addresses etc, but then Im not very proficient at reading wireshark files - edit. It took me a while to get some with vlan tags - (MacBook air with thunderbolt to ethernet adaptor). PCs tend to strip vlan tags even with vlan enabled in the nic settings.)
 

·
Registered
Joined
·
262 Posts
Yeah Windows loves to strip vlan tags regardless of what you might try with drivers/settings.
I use a linux laptop and switch port mirroring to get all the gory details with wireshark.

There is no reason you can't do it with your own router, as you say. As long as you set up the proper handshakes/routings/multicast stuff,etc properly. If I ever figure it out, I'll post it :D
 

·
Registered
Joined
·
10 Posts
What I would like to achieve with my own router is
a. replace the 10.x.x.x. information and routing the actiontech provides to the STBs
b. the dhcp 192.168.2.x service the actiontech provides.

In our setup the actiontech does not get a WANIP, the pppoe setting does that.

I do not see why (or don't see a showstopper), if we can successfully understand the packet captures from the smart switch to the actiontech that the above cannot be done by our own router. Does anybody know why it couldn't be done???

(I don't see any serial numbers noted (lots of mac addresses etc, but then Im not very proficient at reading wireshark files - edit. It took me a while to get some with vlan tags - (MacBook air with thunderbolt to ethernet adaptor). PCs tend to strip vlan tags even with vlan enabled in the nic settings.)
Here is the thing anav_ds,

The Actiontech is doing some rather advance routing and some fancy stuff with VLAN's.

Let's think about this for a second.

When you use the "authorized install" from Bell you have one CAT 6 cable from the ONT port 1 to your WAN port on your Actiontech, this brings VLAN's 33, 34, & 35 to your Actiontech. The Actiontech gets an IP address from VLAN 34 and VLAN 35 (this one you can see in the web admin page on the Actiontech).

When you turn on a STB you get an internal IP address from the Actiontech and the Actiontech is set as the default gateway. When you turn on the STB it request the UDP multicast stream from the default gateway. The Actiontech has routing info for the 10.x.x.x networks and some IGMP snooping going on and with some magic it all works. When you use the facebook app it's the same process but on the Actiontech you will see a routing statement that send 0.0.0.0 to your VLAN 35 IP gateway and this is how those apps get data via the internet.

This all sounds simple but in reality it's not. I have a few ideas I want to try when I have some time, some may work partially, some not at all, I hope I find away to get rid of that damn Actiontech.

Hope this helps a little bit.
 
161 - 180 of 299 Posts
Top