Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Vlan tag on fibre Broadband

  • 19-11-2018 2:08pm
    #1
    Registered Users, Registered Users 2 Posts: 11,879 ✭✭✭✭


    hello just trying to get up to speed with this Vlan tag on FTTH (and VDSL or eir broadband apparently) - once its set (Vlan 10 isnt it?) on the Wireless router then that should be it shouldnt it? - it should all connect up fine shouldnt it? - Vlan tag will not have to be set up on subsequent devices such as on Laptops, PC's abd phones and set top boxes as well should it, they will just get internet fine?

    Thanks.


Comments

  • Registered Users, Registered Users 2 Posts: 6,826 ✭✭✭phill106


    hello just trying to get up to speed with this Vlan tag on FTTH (and VDSL or eir broadband apparently) - once its set (Vlan 10 isnt it?) on the Wireless router then that should be it shouldnt it? - it should all connect up fine shouldnt it? - Vlan tag will not have to be set up on subsequent devices such as on Laptops, PC's abd phones and set top boxes as well should it, they will just get internet fine?

    Thanks.

    vlan in this case would be just for your modems connection on their circuit, internally all the addressing of any network devices in your home, the ip would be assigned by the modem.


  • Registered Users, Registered Users 2 Posts: 14,555 ✭✭✭✭Marlow


    Setting the vlan tag on the router means, that your router takes packets that are not tagged and tags them with the vlan id .. (it adds 4 bytes to each packet).

    Anything on the Lan side of the router is as it always has been.

    /M


  • Closed Accounts Posts: 31,152 ✭✭✭✭KERSPLAT!


    Marlow wrote: »
    Setting the vlan tag on the router means, that your router takes packets that are not tagged and tags them with the vlan id .. (it adds 4 bytes to each packet).

    Anything on the Lan side of the router is as it always has been.

    /M

    Sorry, I'm not familiar with residential routers. So the ISP tags the traffic with vlan 10, you set vlan 10 on inbound traffic and this is stripped before hitting the LAN?


  • Registered Users, Registered Users 2 Posts: 14,555 ✭✭✭✭Marlow


    KERSPLAT! wrote: »
    Sorry, I'm not familiar with residential routers. So the ISP tags the traffic with vlan 10, you set vlan 10 on inbound traffic and this is stripped before hitting the LAN?

    A router is not a switch. So it's not quite that. But yes .. the router sets the vlan tag (ID: 10) on outbound traffic and strips the vlan tag (ID: 10) on inbound traffic. Then just distributes it as any other odd router.

    This applies to OpenEIR based VDSL, OpenEIR based FTTH and SIRO FTTH. It's also very much the way things are done (maybe other VLans) anywhere else in Europe, when it comes to VDSL and FTTH.

    /M


  • Registered Users, Registered Users 2 Posts: 443 ✭✭bricks


    I guess they must have other vlans in there for something else.
    Is it possible to bridge the router and take a look at all the raw traffic I wonder.
    See what's going on.


  • Advertisement
  • Closed Accounts Posts: 14,983 ✭✭✭✭tuxy


    Of course a big company has many different networks. Putting all NGB customers on the same vlan makes the network easier to maintain.
    Looking at the raw traffic will just give you info on what your network is sending and receiving on the wan. You won't be able to see any more than that as it would be a massive security flaw.


  • Closed Accounts Posts: 5,017 ✭✭✭tsue921i8wljb3


    bricks wrote: »
    I guess they must have other vlans in there for something else.
    Is it possible to bridge the router and take a look at all the raw traffic I wonder.
    See what's going on.

    It is easy enough to do with FTTH. Put a port mirroring switch between the ONT and router and use Wireshark to capture the packets. It seems to be all VLAN 10 though with the 802.1p bits used for QOS for VoIP and the like.


  • Registered Users, Registered Users 2 Posts: 14,555 ✭✭✭✭Marlow


    bricks wrote: »
    I guess they must have other vlans in there for something else.
    Is it possible to bridge the router and take a look at all the raw traffic I wonder.
    See what's going on.

    There are various reasons for doing it like that:

    - out of band VoIP has a seperate Vlan
    - out of band multicast TV has a seperate Vlan
    - business products on different profiles can have a different Vlan

    Just some examples. And it's the same on VDSL/FTTC.

    Also, the Vlan 10 gets mapped to whatever provider you are subscribing to in the exchange. Each provider has individual Vlans per exchange on the other end.

    In Germany they went with different Vlans for different providers (end-to-end). At least it's a standardised setup here.

    /M


  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    tuxy wrote: »
    Of course a big company has many different networks. Putting all NGB customers on the same vlan makes the network easier to maintain.
    Looking at the raw traffic will just give you info on what your network is sending and receiving on the wan. You won't be able to see any more than that as it would be a massive security flaw.

    Its not for this. The VLAN you see exists within a very confined space of the local NGA node, network wide MPLS divides operators and subdivides user classes.


    I suspect that OE are doing it this way to just conform to industry norms rather than any imminent need. If they wanted to QoS traffic with it they'd have put IPTV and SIP in their own client side VLANs.


  • Registered Users, Registered Users 2 Posts: 14,555 ✭✭✭✭Marlow


    Even if you were in control of both ends of said Vlan (either end of the MPLS), it would still not be transparent layer2. A lot of exchanges filter broadcast traffic etc.

    /M


  • Advertisement
  • Closed Accounts Posts: 5,017 ✭✭✭tsue921i8wljb3


    Marlow wrote: »
    There are various reasons for doing it like that:

    - out of band VoIP has a seperate Vlan
    - out of band multicast TV has a seperate Vlan
    - business products on different profiles can have a different Vlan

    Just some examples.

    Also, the Vlan 10 gets mapped to whatever provider you are subscribing to in the exchange. Each provider has individual Vlans per exchange on the other.

    /M

    That's not the case for FTTH on open eir (eir anyway). It's all VLAN 10. The 802.1p bits map the traffic into one of 3 GEM ports for COS.

    p bit 0 gets mapped into GEM port 1
    p bit 2 gets mapped into GEM port 2
    p bit 4 gets mapped into GEM port 3


    https://www.boards.ie/vbulletin/showthread.php?p=108548878


  • Registered Users, Registered Users 2 Posts: 14,555 ✭✭✭✭Marlow


    That's not the case for FTTH on open eir (eir anyway). It's all VLAN 10. The 802.1p bits map the traffic into one of 3 GEM ports for COS.

    p bit 0 gets mapped into GEM port 1
    p bit 2 gets mapped into GEM port 2
    p bit 4 gets mapped into GEM port 3


    https://www.boards.ie/vbulletin/showthread.php?p=108548878

    I had a quick look in the NGA Technical Handbook for OpenEIR and they indeed only seem to use Vlan 10 and then 802.1p bit mapping. SIRO offers the use of multiple Vlans.

    SIRO Business (symmetric) FTTH products are typically on Vlan 20.

    /M


  • Registered Users, Registered Users 2 Posts: 788 ✭✭✭babi-hrse


    Hey can the process get explained when changing from one provider to another the port used could be with one provider and the same port will be used with another provider.
    The port will be changed from one provider to another usually it'll lock on DSL synch but internet traffic will not be allowed on another providers modem. This can take 20 minutes to 24 hours to get port migrated. Understandably TV services over multicast (iPoe) cannot be enabled until this switchover. Is there any way for some kind of packet to be sent from the router requesting configuration details like a SNMP packet or something or is it just wait for someone on the other end to acknowledge the changeover?
    Typical scenario: customer has service with one provider. Wants to change to another. Same port is being used in the changeover it needs to be acknowledged that the customer is now using service on another provider and is effectively no longer using their previous provider. No ports have been changed.


  • Registered Users, Registered Users 2 Posts: 14,555 ✭✭✭✭Marlow


    OpenEIR updates their systems once per day. They map the port from one provider to another at exchange level. No phyiscal work needed .. just configuration ... There's also a grace period, where one provider can block to release the customer.

    So lots of things can happen there. But the actual map from one provider to another at exchange level is instant. What the indiviual providers gear does on the other end is a different story.

    /M


Advertisement