06-19-2017 11:56 AM
im trying to create a VLAN for my IOT devices.
when i select the ports i wish to use on the VLAN(access point ports)
so my devices can connect i have to select a NATIVE lan? why is that? and what is it?
is the reason for picking a native lan so that other stuff can connect to it on another ssid and then be on my "home network" and not the IOT network?
ive seem the ubiquiti documentation, but i still dont quite get it. my VLAN is working, but im not 110% sure that ive done it correctly
06-20-2017 08:21 AM
Let's see if I can try to explain it as clear as possible. (It is not easy, since there are som many names to the same thing in this world...
Unifi naming of "Native" is what other vendors call Untagged or PVID.
The "opposite" is Tagged and Unifi managed to name that the same as the other vendors. See these pictures:
As you can see whenever you create a VLAN-network a "Native" VLAN is created in the Switch Configuration-NETWORKS/VLANS list. When you connect it to a switch-port, the port is set with that VLAN as Untagged and the PVID is set to that VLAN-ID.
You can create your own combos of Untagged and Tagged VLANs (Customized) to set on your switch-port/ports. Only one (1) Untagged VLAN can be set on any given switch-port, but you can set one or several Tagged VLANs on any switch-port. If you want to you can set ONLY one or several Tagged VLANs on a Switch-port.
In the above example, the "Management"-VLAN (VLAN1000) is Untagged and the "JumboFrame", "NonJumboFrame", "Telia_IPTV" and "ZervosGuest" VLANs are tagged. This is a combo that I have created myself to be used in the Trunk-ports, since I cannot use the "ALL" VLAN-setting.
The "ALL" VLAN-setting sets default "LAN"-VLAN (VLAN1) as Untagged and all the other VLANs as Tagged. Much like the above example, but imagine that all boxes but the "LAN"-box were ticked as Tagged.
(The reason I cannot use the "ALL" setting is that my ISP (Telia) uses VLAN1 as their Internet-stream on the fiber. So I can't use VLAN1 in my internal network, as equipment may get external IP-addresses from Telia in that case.
See the following picture:
Switch port 1 is set with the VLAN-combo that I described above. VLAN1000 as Untagged and with PVID=1000 and the other VLANs as tagged. Switch port 1 in particular is a trunk to another switch.
Aggregated Switch-ports 2,3,4 and 5 are set with Untagged/Native VLAN JumboFrame (VLAN100), PVID=100 and no Tagged VLANs.
Switch-port 6 is also a trunk to another switch and switch-port 7 is a trunk to an Access Point.
Sorry... As I said, it's very difficult to explain in an easy way. I get lost myself many times...
Switches: 1x USW48-750W, 1x USW16-150W, 5x USW8
APs: 4x UAP-AC-PRO, 1x UAP-AC-M