Infinet Wireless: Technical Documentation
Page tree
Skip to end of metadata
Go to start of metadata

Successfully pass the free certification exam at IW Academy and become an Infinet Certified Engineer.

To the certification exam

The following configuration can be performed in order to customize the VLAN-based switching operation of the unit:

Switch default configuration works as transparent Layer 2 bridge. Therefore, by default any frames with any VLAN tags and untagged frames too will flow freely through wireless link.

VLAN Management

It is possible to add VLAN management configuration and to keep transparent Layer 2 bridging operational.

  • Go to the "Network Access" → "Network Settings", add IP address and associate it with VLAN 100 (example), click the "Apply" button.

Figure - Adding a management IP address and associate it with VLAN 100

NOTE

Now, our unit has two management interfaces:

  • 10.10.10.12 for untagged frame.
  • 192.168.103.38 for VLAN 100.

Security considerations imply to remove management interface for untagged frames, leaving only management VLAN access operational. Such configuration do not allow to restrict any other VLAN transport except management VLAN. In order to allow switching of selected VLANs only, please proceed to the next chapters.

VLAN Creation

"Default VLAN" with "Untagged" mode for all ports is configured by default.

Figure - Default switching configuration

NOTE

"Default VLAN" could not be deleted.

  1. In the section "Switch" → "VLAN-based Switching" enable VLAN-based Switching. Now only traffic based on connectivity matrix and VLAN is allowed.
  2. Click the “Add VLAN” button, "VLAN 2" is added by default. 
  3. Modify the value for the VLAN tag according to the actual requirements.
  4. Select VLAN mode.
  5. Set the priority for the selected VLAN.
  6. In the section "Radio" → "Radio Setting" enable "Traffic Prioritization".

NOTE

VLAN modes and mapping between 802.1p priorities and 4 queues can be found in the section "Switch".

Figure - Adding and configuring a new VLAN

NOTE

In order to allow both tagged and untagged traffic to pass the "Untagged" mode should be configured on selected VLAN. There can be maximum one VID for each port in "Untagged" mode.

NOTE

Choosing the "Access" mode for a specific port will automatically disable all VLANs on that port.

Examples

Both tagged and untagged traffic transmission

  • "ge0" allows to pass tagged traffic VLAN 100 and VLAN 200.
  • "ge1" allows to pass traffic from untagged VLAN 100 and tagged VLAN 200.

Figure - VLAN configuration example

VLAN for management and traffic forwarding

This document uses the following network setup:

  • VLAN 100 is a management VLAN.

  • VLAN 200 is a data VLAN.

Configuration steps:

Connectivity Matrix configuration

Figure - Connectivity matrix configuration

Set up management

  • Go to the "Network Access" → "Network Settings", add IP address and associate it with VLAN 100, click the "Apply" button.

Figure - Adding a management IP address and associate it with VLAN 100

NOTE

Configured IP address could not be used for management if you begin by enabling the VLAN-based switching and remove the "Untagged" mode. The access to the unit is allowed using initial IP address, in this case 10.10.10.12.

  • In the section "Switch" → "VLAN-based Switching" enable VLAN-based Switching.
  • Add VLAN 100 and allow it to pass through ports "ge0", "mgmt" and "radio".
  • Set "off" mode on all "Default VLAN" ports.

Figure - Set up management

Set up traffic forwarding

  • Add VLAN 200 and allow it to pass through ports "ge0" and "radio", click "Apply".

Figure - Set up traffic forwarding

At this point, the access to the unit is allowed using only VLAN 100 and the newly assigned IP address. Traffic tagged with VLAN 200 will be switched only between the "ge0" and the "radio" ports. Untagged traffic or tagged traffic with other VLANs besides 100 or 200 is not allowed.

Trunk and Trunk VLAN

Installation which requires VLAN tagged frames to flow in both directions through the unit wireless link, does not require any specific configuration. Just due to security reasons it is recommended to set up Management VLAN. All the rest configurartion is not needed in most cases, except the issue to deny certain VLANs. Please, use the configuration steps from chapter VLAN Management.

Access and Trunk VLAN

 One unit receives VLAN tagged frames from switch trunk port (port configured to carry frames with different VLAN tags), another unit connects with end-customer LAN with requirement to egress untagged frames from certain VLAN only. 

Figure – Trunk and Acess VLAN example



XG1 Configuration

  • Configure Connectivity Matrix
  • Go to the "Network Access" → "Network Settings", add IP address and associate it with VLAN 100, click the "Apply" button.

Figure - Adding a management IP address and associate it with VLAN 100
  • In the section "Switch" → "VLAN-based Switching" enable VLAN-based Switching.
  • Add VLAN 100 with "Tagged" mode on the ports "ge0", "mgmt" and "radio".
  • Add VLAN 200 with "Tagged" mode on the ports "ge0" and "radio".
  • Set "off" mode on all "Default VLAN" ports.

Figure - VLAN Configuration

XG2 Configuration

  • Configure Connectivity Matrix
  • Go to the "Network Access" → "Network Settings", add IP address and associate it with VLAN 100, click "Apply".

Figure - Adding a management IP address and associate it with VLAN 100
  • In the section "Switch" → "VLAN-based Switching" enable VLAN-based Switching.
  • Add VLAN 100 with "Tagged" mode on the ports "mgmt" and "radio".
  • Add VLAN 200 with "Access" mode on the port "ge0" and "Tagged" on "radio".
  • Set "off" mode on all "Default VLAN" ports.

Figure - VLAN Configuration

At this point, the access to the unit is allowed using only VLAN 100 and the newly assigned IP address. Traffic tagged with VLAN 200 will be received by "radio" port and switched untagged to customer’s LAN through "ge0" port.