QSW-L3208-2C6T layer 3 switch. I need a cross-VLANs communication. Let’s say I have VLAN 2 and VLAN 3 and I want packages coming from VLAN 2 towards to VLAN 3 has been routed. I have assigned VLAN 2 and VLAN 3 to all ports. I can ping switch IP (VLAN 2) from VLAN 1 computer. Once I login into the UI of switch I can ping destination VLAN 2 computer and ping back to source VLAN 1 computer. However I can reach VLAN 2 computer from VLAN 1 computer. What settings should be set to allow the routing between VLAN 1 and VLAN 2?
First off, I know nothing about QNAP switches. Get that out there up front. I do know a bit about VLANs and routing between them. So let’s start there and look at your architecture.
1.) You say you have VLAN 2 and VLAN 3 assigned to all ports. Why? There’s no need for VLANs if you put multiple VLANs on the same port. There are generally only unique circumstances for why you want multiple VLANs on a port. And how do you have these assigned? What are you using for the PVID on these ports?
2.) You start out talking about VLAN 2 and VLAN 3, but then you switch to VLAN 1 and VLAN 2. Which is it that you want to do.
Please provide more information about your architecture and what you are trying to do.
I have two VLANS (32 and 60 - both belongs to “Internal” group (EFG terminology) and it means EFG smoothly routes packages between those VLANs, because EFG knows that 32 & 60 VLANS marked as “internal”. However QNAP switch doesn’t have such information and I need somehow to notify switch that 32 & 60 VLANs are not isolated (by default) but need to be routed. I can mark two ports on the switch belonging to both VLANs but it doesn’t make any difference, because switch treats 32 & 60 VLANs as isolated. My question was how can I setup QNAP switch and specify that 32 & 60 VLANs must have packages routed between them?
Hi @putivsky
Thank you for the clarification regarding your VLAN 32 and VLAN 60 setup. Regarding your request to route traffic between these segments, please see the following technical explanation:
The switch you are currently using is a Lite Managed model, which is designed as a Layer 2 (L2) device.
-
L2 Forwarding Only: This model supports L2 forwarding but does not support Layer 3 (L3) routing functions. By networking standards, a Layer 2 switch treats different VLANs as isolated broadcast domains. It lacks the internal routing engine required to move packets between VLAN 32 and VLAN 60.
-
VLAN Isolation: Assigning a port to multiple VLANs only allows the port to pass tagged traffic for those VLANs; it does not enable the switch to route between them.
Recommendations:
-
Existing Setup: You will need to rely on an external L3 device (such as your EFG gateway) to perform the routing between these VLANs.
-
Product Upgrade: If your application requires high-performance wire-speed routing at the switch level, we recommend upgrading to our QSW-M3224-24T. This is a full 10GbE L3 switch that supports static routing, specifically designed to handle the Inter-VLAN routing you described.
I hope this information is helpful to you.
As @RonaldHsu stated that you will need to use an external router to route between the two VLANs, you will need to basically do these steps:
1.) Ensure that each port on the switch is assigned to only one vlan
2.) Provide each VLAN with its own unique IP subnet.
3.) Set up a “trunked” port that will encapsulate all VLANs into a tagged trunk and run that trunk to your router
4.) Add the same VLANs to your router, add IP addresses to those VLANs in the same range as on the switch and split out the trunk.
5.) Create routing rules to route traffic between the VLANs
It’s a bit of work and takes knowledge of VLANs, routing and the capabilities of your router but this works. I have something like 15 VLANs on my local network and can easily route between any of them..
1 Like