Router Charts

Router Charts

Router Ranker

Router Ranker

Router Chooser

Router Chooser

NAS Charts

NAS Charts

NAS Ranker

NAS Ranker

More Tools

More Tools

LAN & WAN How To

Set PVID

The next step is to change the PVID (Port Default VLAN ID) setting on each port. The PVID is the VLAN ID the switch will assign to all UnTagged frames received on each port. As mentioned, I'm not using VLAN-aware devices, so all frames will arrive at the switch UnTagged. The frames will then receive the PVID associated with their port.

PVIDs are the key to breaking up a broadcast domain in this example! The simple rule to remember is that you set each port's PVID equal to the number of the VLAN that you want it to logically belong to. This is where naming the VLANs is important.

So, my VoIP server and ATA are connected to switch ports 6 and 7, so I set both their PVIDs to 4, which I named the VoIP VLAN. Similarly, my data devices are plugged into switch ports 2 through 5, so they get a PVID of 3, which is the Data VLAN. Ports 1 and 8 are left over and get a PVID of 2, which is the Network VLAN.

Changing PVIDs on the SRW is accomplished via the Port Setting menu, and you simply put in the number of the VLAN that applies to all UnTagged frames arriving on that port, as in Figure 12.

PVID port mapping
Click to enlarge image

Figure 12: Mapping PVIDs to ports

Click Save, and you've completed the configurations. I did this on a live network; you would be wise to do this during little or no activity on a production network. If you have a defined maintenance window, this type of work definitely belongs in that time frame.

One issue I ran into while configuring VLANs on this managed switch was locking myself out of the switch's management interface, which by default is on VLAN1. The end result I'm going for will leave nothing on VLAN1, so I'm going to have to change the switch's default setting from VLAN1 while in VLAN1, and then go to a port in VLAN2 to complete the configurations.

The easiest way I found to do this is to change the PVID on port 1, which is connected to the RV042, to a PVID of 2, and then change the network setting of the SRW to VLAN2, as in Figure 13. I then moved the Ethernet cable connected to my Laptop from port 8 of the SRW to a port on the RV042 to finish the configurations.

Tip TIP: Some inexpensive managed / "smart" switches don't have the ability to change the VLAN of the Management interface. In that case, you would use the default VLAN (usually either 0 or 1) as the "Network" VLAN in this example.

If you lock yourself out of the switch management interface, there is also a console connection option. On switches without console connections, you'd need to reset the switch to its default configuration and start over.

Management config

Figure 13: Putting the switch on a different VLAN

Testing

With the switch VLAN configurations complete, it is time to test. The goal of this exercise was to separate the Data components from the VoIP components, so pings from the Data to the VoIP VLAN and back are a good way to see if you've succeeded.

Indeed, pings from components in the Data VLAN did not reach components in the VoIP VLAN, and vice versa, which is what I want. However, all components need Internet access, so checking a browser on servers in both VLANs or pinging a reliable Internet host such as Google or Yahoo are good tests.

Since VoIP elements are part of this exercise, placing test calls is a good idea, both to and from stations, as well as to and from outside POTS numbers. Make sure to transmit and receive audio in both directions to ensure no one-way audio problems. One-way audio would indicate a routing or firewall problem blocking the voice path of the communication stream.

Another benefit of VLANs is that my network is now more secure than it was as a single LAN. Any device can flood the network with broadcast traffic, forming a denial of service attack against other devices on the same VLAN. However, since broadcasts can't cross VLANs, a device on my Data VLAN now can't flood my VoIP VLAN.

With these steps completed, my network is now divided into two separate VLANs and a third that overlaps the two. Figure 14 is a simple picture of my network with VLANs implemented. The four devices on the left have access to each other and the Internet. The two VoIP devices have access to each other and the Internet. Broadcasts in either VLAN will not affect the other.

After VLANs

Figure 14: The network divided into VLANs

More LAN & WAN

Top Performing Routers

AC3200
AC2350
AC1900
AC1750
AC1200

Top Performing NASes

1 drive
2 drives
4 drives
6 drives
8 drives

Over In The Forums

  • site with updated guide



    I used this two guides 1 & 2 (credits to ULI and...

    [TUTORIAL]pyLoad Download Manager through Optware" class="lightTip" target="_self" rel="nofollow">[TUTORIAL]pyLoad Download Manager through Optware
    New site with updated guide



    I used this two guides 1 & 2 (credits to ULI and...

    [TUTORIAL]pyLoad Download Manager through Optware
  • Fix for Erratic Windows 7 Ping" class="lightTip" target="_self" rel="nofollow">Fix for Erratic Windows 7 Ping
    I was setting up a new PC, and ran into problems with the wireless with very erratic ping times and slow transfer rates. After banging my head against the wall for a while, I realized I forgot to apply the change to force Windows to use a single system clock. Posted as a reminder...data and fix below.....

    Before Fix
    (C:\)
    ping -n 10 ACER-E3FC0000

    Pinging ACER-E3FC0000.lan [192.168.1.123] with 32 bytes of data:
    Reply from 192.168.1.123: bytes=32 time=383ms TTL=64
    Reply...

    Fix for Erratic Windows 7 Ping
  • www.vpn-wise.com and I really like the look of the website and found it interesting. It says it can unblock blocked websites especially streaming...

    VPN recommendations" class="lightTip" target="_self" rel="nofollow">VPN recommendations
    Hi guys,

    I am not sure if this is the right discussion to post and ask for a VPN recommendation so kindly direct me to the right link if I'm wrong. I've been using Cyberghost for months now and still can't decide to get the paid membership as I'm always looking for a good VPN provider. Recently, I've stumbled upon another VPN website VPNWise www.vpn-wise.com and I really like the look of the website and found it interesting. It says it can unblock blocked websites especially streaming...

    VPN recommendations
  • In need of stable..." class="lightTip" target="_self" rel="nofollow">In need of stable router
    I recently retired my old Cisco 891-w which had served me well for years. I now have a 300mb connection and the cisco did not have gigabit ethernet ports which was a problem. I know that the 891-w was an enterprise class router and I will likely not find anything like that stability in my price range of 100-200, but stability is my number one priority. Time Warner gave me an Arris Dg160a which has been nothing but trouble with constant dropped connections.

    My environment is all wired or...

    In need of stable...
  • OVERWHELMED AND NEED HELP" class="lightTip" target="_self" rel="nofollow">OVERWHELMED AND NEED HELP
    I am currently renting a modem/router from Comcast (arrisTG862) for $7/month. we get the 50mb service. We have a 2 story home with a basement and the router is on the main level. Our laptop is basically a fixture in our living room on the main floor. We have a smart tv on the main floor and I'll eventually finish a secondary living room/entertainment room downstairs. We don't do much technology wise. Just wifi right now....not even Netflix or a printer, but that could change in the...

    OVERWHELMED AND NEED HELP