User Manual
99
UniFi Controller User Guide
Ubiquiti Networks, Inc.
Chapter 11: UniFi Switch Details
• Tagged Networks The VLANs chosen here will be
permitted as tagged on switch ports configured with
this grouping. This permits ingress and egress traffic
with the applicable VLAN tag. Any VLAN tags other than
those chosen here will be dropped.
As an example, the following illustrates how an access
point’s switch port functions with one native network
and two tagged VLANs used for additional wireless
SSIDs. The AP’s switch port uses a VLAN grouping with
LAN (VLAN 1) as the native network, and has VLANs 20
and 30 defined as tagged networks.
• VLAN 20: corporate
• VLAN 30: guest
This table lists how the packets are handled:
Packet
Type
Ingress Action Egress
Untagged Accepted Assigned to VLAN 1 VLAN header
removed and sent
out as untagged
Tagged as
VLAN 20
Accepted Remains tagged Sent out tagged as
VLAN 20
Tagged as
VLAN 30
Accepted Remains tagged Sent out tagged as
VLAN 30
The proper use of VLANs isolates the traffic of each
VLAN. The guest traffic on VLAN 30 will be kept separate
from the traffic on the corporate network.
Select the appropriate tagged network. (Use “Settings >
Controller” on page 41 to create more networks.)
• Apply Click Apply to save changes.
• Cancel Click Cancel to discard changes.
Services
Management VLAN The Management VLAN specifies the
VLAN ID that will be used for the management IP address
of the switch. The IP configuration configured under the
switch’s Network panel will be applied to this VLAN ID.
Enable Jumbo Frame Disabled by default. The Maximum
Transmission Unit (MTU) is the maximum packet size (in
bytes) that a network interface can transmit or receive.
The standard Ethernet MTU is 1500 bytes. Enable jumbo
frames to allow usage of MTUs up to 9216 bytes on all
ports of this switch.
Enable Flow Control Disabled by default. Enabling
this option will enable 802.3x Ethernet Flow Control
on all ports of this switch. This should remain disabled,
unless you have a specific requirement for 802.3x and
understand its implications.
Spanning Tree Ethernet networks cannot have multiple
active paths between switches (absent aggregation such
as LAG), as this causes a switching loop, where broadcast
and multicast traffic are amplified and repeated in a never-
ending loop, melting down the entire network. Spanning
Tree prevents switching loops, and allows for redundant
interconnections between switches. Interfaces with
redundant paths are put into STP blocking mode, leaving
the port down unless the current best active path fails.
Select the appropriate option: RSTP (Rapid Spanning Tree
Protocol), STP (Spanning Tree Protocol), or Disabled.
RSTP is the default and is recommended because
topology changes apply much more quickly (usually
within 6 seconds, rather than the 30-50 seconds of STP).
STP will enable the older 802.1D STP on this switch instead
of RSTP. Disabled will disable all versions of spanning
tree; however, this is not recommended, as it can leave
the network susceptible to being taken down by an
inadvertently created switching loop.
Priority STP uses the priority value as part of the
calculation in electing a root bridge of the spanning tree.
It is best to configure a lower priority number (higher
preference in root bridge elections) on one or two of
the switches you consider the “core” of your network.
For instance, if you have two 10Gb switches, and several
gigabit switches, configure a lower priority on the two
10Gb switches to ensure that they are preferred as the
STP root bridge. The default is 32768.
Enable 802.1x control Select this option to use a RADIUS
server for user authentication on the switch’s ports. The
following options appear.