GGM GS200xx - Example of VLAN configuration
Trunk and Internet shared
A Virtual Network, known as VLAN (Virtual LAN), is an independent logical computer Network.
Managed switches allow you to configure several VLANs on the same switch in order to separate efficiently different departments on networks. VLANs also allow to group together even if the hosts are not directly connected to the same Network Switch.
For Example, a VLAN can be used to separate traffic within a business based on individual users or groups of users or their roles (e.g Marketing Department and Videosurveillance)
Example with 2 switches :
- PC of the Marketing department can access to the Marketing server.
- Marketing Department is isolated and can not access to the Videosurveillance Department.
- Video Recorder (NVR) can access IP Cameras only.
- ALL the PCs and Marketing server and NVR can access to the Internet.
- IP Cameras can not access to the Internet.
We are going to create 3 VLANs :
- VLAN 10 for Marketing VLAN.
- VLAN 20 for Videosurveillance VLAN
- VLAN 50 for Internet VLAN
And by default, VLAN1 is for administration
Switch | VLAN ID | Port |
Switch A | 10 | 1-5(Marketing), 7(Uplink), 8(Internet) |
20 | 6(NVR), 7(Uplink), 8(Internet) | |
50 | 1-5(Marketing), 6(NVR), 7(Uplink), 8(Internet) | |
Switch B | 10 | 1-2(Marketing), 7(Uplink) |
20 | 3-6(Cameras), 7(Uplink) | |
50 | 1-2(Marketing), 7(Uplink) |
Switch | Switch A | Switch B | ||||||
Port | 1-5 | 6 | 7 | 8 | 1-2 | 3~6 | 7 | |
Device | Marketing | NVR | Uplink | Internet | Marketing server | Cameras | Uplink | |
Link Type | Hybrid | Hybrid | Trunk | Hybrid | Hybrid | Access | Trunk | |
Egress Rule | Untag | Untag | Tag | Untag | Untag | Untag | Tag | |
PVID | 10 | 20 | 1 | 50 | 10 | 20 | 1 | |
Belong VLAN | 10,50 | 20,50 | 10,20,50 | 10,20,50 | 10,50 | 20 | 10,20,50 | |
- Access: The port can only be partitioned into one VLAN, and the port exit rule is mandatory without tags.
- Trunk: This port can be divided into multiple VLANs and can receive and send messages from multiple VLANs. The port's exit rule is mandatory to Tag.
- Hybrid: This port can be partitioned into multiple VLANs and can receive and send messages of multiple VLANs. The exit rules of the port can be flexibly configured as Tagged or Untagged according to the actual situation of the port connecting devices.
- PVID(Port VLAN ID) is the default VID of the port. When the switch receives an un-VLAN-tagged frames, it will add a VLAN tag to the frame according to the PVID if its received port and forwarding the frames.
Link Type | When Port Receiving Frame | When Port Sending Frame | ||
Untagged Frame | Tagged Frame | |||
Access | Usually use to connect to terminal devices | When a frame is received, it tag the frame with its own PVID if the frame is not tagged | If VID= PVID , pass through; If VID≠PVID, discard. | Remove the Tag, sending frame |
Hybrid | This is a mixed mode of Access and Trunk | The frame is received when the VID belongs to the VLAN ID that the port is allowed to pass through. When the VID does not belong to the VLAN ID that the port allows through, the frame is discarded | When the port is configured as tag, keep the original TAG sending frame. When the port is configured as UNTAG, remove the Tag and send the frame | |
Trunk | It is a relay link that allows various VLAN to pass through, use to connect 2 switchs | Keep the original TAG , sending frame | ||
Configuration :
Before starting, please consult these articles if necessary :
- GGM GS2008P2S - How to display the web interface ?
- GGM GS20048P4S - How to change GS200 IP address ?
- What is the default password for GGM GS200 Switches ?
- How to restore default system Settings of my GGM GS200 Switch ?
Step 1 : Modify IP address of each switches.
Please connect RJ45 Port of PC to the 8-Port of Switches.
Launch a browser, such as Google Chrome of Firefox, to manage Switches
Switch A IP: 192.168.2.2
Switch B IP: 192.168.2.1
The default username/password is admin/system
Then, on the left column of the management page, please go to [Advanced Configure]-[VLANs] to create VLAN
(VLAN ID1 is default VLAN)
Step 2 : VLAN Creation for Switch A
Add ID of each VLAN you want to create : 1 (by default), 10 for VLAN Marketing, 20 for VLAN Videosurveillance, 50 for VLAN INTERNET
Configure VLAN 10 for Marketing as below :
Configure VLAN 20 for Videosurveillance as below :
Configure Port 7 for Uplink Port and VLAN 50 for Internet as below :
SAVE
Step 3 : VLAN Creation for Switch B
Add ID of each VLAN you want to create : 1 (by default), 10 for VLAN Marketing, 20 for VLAN Videosurveillance, 50 for VLAN INTERNET
Configure VLAN 10 for Marketing as below :
Configure VLAN 20 for Videosurveillance as below :
Configure Port 7 for Uplink Port as below :
There is no VLAN configuration on 8-port, so 8-port can be for administration.
SAVE
After finish the configuration, please save current configuration file.
Go to Maintenance / Configuration / Download
Then Select Running-config and click on Download Button
Example of running-config :
http://support.gigamedia.net V1 - November 2020
