Can't quite grasp how VLAN tagging and trunking works

[P1X3]

I must have a mistake in configuration or I don't understand VLANs at all.

 

I setup a VLAN 110 on EdgeMax router default lan interface.

admin@ubnt# show interfaces ethernet eth0 address 10.0.0.1/24 description Office duplex auto speed auto vif 110 {     address 10.110.0.1/24     description Guests }

On the same interface I have default (or un-tagged I guess) network. Now this interface is connected to Cisco switch (SG220-50) on port 48.

I have created VLAN 110 on the switch, and want to assign ports 10-15 to VLAN 110. If I get things right, ports 10-15 should be VLAN110 untagged, and port 48 should be VLAN1 untagged, and VLAN110 tagged.

 

 

[Wombo]

You should only have 1 native untagged VLAN and for security reasons you should try and make this an unused VLAN.  I'm not sure if that screen cap is showing port status however the only links that should be trunks are the ones connecting your switches. Any ports that are not connecting switches and are not being used for inter-vlan routing should be access ports.

 

So I think you have the right idea overall here, just change your non-trunking ports (everything that isn't port 48) to access ports.

[P1X3]

You should only have 1 native untagged VLAN and for security reasons you should try and make this an unused VLAN.  I'm not sure if that screen cap is showing port status however the only links that should be trunks are the ones connecting your switches. Any ports that are not connecting switches and are not being used for inter-vlan routing should be access ports.

 

So I think you have the right idea overall here, just change your non-trunking ports (everything that isn't port 48) to access ports.

 

I am trying to migrate current network to multiple VLANs without disrupting connected devices. Are you suggesting creating another VLAN (with id 2 let's say) to be used as default native untagged VLAN? I have changed ports 1-48 as access ports with native untagged VLAN set to 1. Ports 49-50 are Trunk for VLAN1 untagged and VLAN110 tagged. I assume adding vlan110 tagged allows the packets with vlan110 to be transferred through this port? Next ports 10-15 (still access ports) to be only vlan110 tagged.

 

Now for the communication between some vlans, I setup a router to handle that (port 49 connected to edgemax). In this case is all routing between vlans handled through router, or is there some standard that shares such routing configuration with switch?

 

Edit:

 

Now that I also want a trunk port between cisco and netgear poe switch, I used port 50 with same configuration as port 49 (vlan1 untagged, vlanX tagged). On netgear ports 25-28 are same config, vlan1 untagged, vlanX tagged. All other ports 1-24 on netgear are vlan30 untagged. So in theory all devices connected should be assigned vlan30 when leaving on ports 25-28, routed through port 49 on cisco to edgemax. Right?

 

Edit2:

The configurations do appear to be correct. What was wrong is my vision. EdgeMax was connected to Cisco's port 25, not 48. *sigh*

[Broseephus]

The link between Edgemax - SG200 needs to be a trunk link. The native/untagged vlans need to match across devices otherwise you'll have a 'native vlan mismatch' error.

 

Every other port on the SG200 should be an access port and the PVID should be whatever vlan you want it to belong to.