The Views Expressed Below Do not in any way reflect Internal Doctorine or Official Statements of Netgear Inc. These are just my notes - Use at your own Risk.
The following are just conclusions of some tests that I have done.
ProSafe / Prosecure Firewall VLANS
It’s a layer 3 device
It’s safe to assume the following:
Any intervlan routing happens at the CPU
Layer 2 activities happen at the ASIC (does not hit the CPU)
The best way to describe the actions of the terms is with an analogy to something familiar (the Layer 2 and Layer 3 switch). So pretend the Router to be a Layer 3 Switch when trying to think of how the vlans work.
On a port you can set exactly 1 Default VLAN
Default VLAN: Its the equivalent of setting UNTAG and PVID setting on a Layer 2 Switch for that vlan
For each vlan you can set on what LAN ports it participates which is called Membership
Membership: Its the equivalent of setting a TAG for that vlan on a Layer 2 Switch for that vlan
Remember UNTAGS override TAGS:
If there results a port which has UNTAG set to vlan X and membership also set to vlan X, which would seemingly result in PVID X and TAG X and UNTAG X, the actual result is PVID X and UNTAG X
Example: Port 2 Default vlan is 10, Vlan 10 also is a member of port 1 and 2 and 3 and 4. The fact that its also member of port 1,3, and 4 is unrelated to this topic. Then end result for port 2 seems like it would be: UNTAG2, TAG2, PVID2 – However as we just read the Override comes about and thus its UNTAG2, PVID2
InterVLAN Routing: Its the equivalent of making vlan interfaces with routing enabled on them, on a Layer 3 Switch
Default VLAN: UNTAG and PVID (Note UNTAGS override TAGS) - Layer 2
Membership: TAG - Layer 2
Intervlan Routing: Interface VLAN - Layer 3