?
Solved

802.1q concepts issue

Posted on 2011-03-10
4
Medium Priority
?
249 Views
Last Modified: 2012-05-11
Hi, I have read a lot of pieces on 802.1q however I am still perplexed as to the conditions when I should untag or tag a port!  Let me try and illustrate my confusion with an example, a switch and 4 VLANs (v1 to V4).

Port V1 V2 V3 V4
1    T  T  T  T       (HyperV server that uses all VLANs)
2    N  N  N  U       (A device that does not support VLANs)
3    T  T  T  T       (A router to manage security between VLANs)
T=Tagged U=Untagged N=No

My question is on port 2, I just have a device that I want to dedicate to V4 only however this should be accessible from ports 1 and 3.  What actually happens to traffic on port2 - will it append VLAN information Tag to it and will it be able to communicate with ports 1 and 3 if they are set to "Tagged" or should they be set to "Untagged" to match it?

What would happen if I have another device that did not support VLANs and this was on another port and VLAN for example,

Port V1 V2 V3 V4
1    T  T  T  T       (HyperV server that uses all VLANs)
2    N  N  N  U       (A device that does not support VLANs)
3    T  T  T  T       (A router to manage security between VLANs)
4    N  U  N  N       (Another device that does not support VLANs)    

Will this work?  Will ports 1 and 3 still be able to communicate with port 4 even though they are "tagged" and port 4 is "untagged" for the same VLAN?  Can I mix "untagged" ports between vlans or do I have to make sure all devices that do not support VLANs are on the same VLAN?!

Does the "tag" mean it is added as the ethernet frame leaves the port, or is it added when the frame is sent to the port?

I am very confused so any pointers would be great.
Thanks
0
Comment
Question by:nmxsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 13

Accepted Solution

by:
kdearing earned 1000 total points
ID: 35100652
First of all, you need a Layer-3 device to route traffic between VLANs.
This can be a router or a Layer-3 switch.

An unmanaged switch cannot see tagged traffic, it is not VLAN-capable.

When you put 2 or more VLANs on a port, it becomes a trunk.
By default, every trunk has a native VLAN (usually VLAN1) and that traffic is not tagged
If you decide to change the native VLAN to VLAN2, then that traffic becomes untagged and the switch will see it (VLAN1 will become tagged).

This is why you need to have either:
1. a Layer-2 VLAN-capable switch (almost every managed and web-managed switch) + a router to route traffic between the VLANS
2. a Layer-3 switch; this will be VLAN-capable and will route traffic internally

Hope this explanation helps
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 1000 total points
ID: 35101381
>My question is on port 2, I just have a device that I want to dedicate to V4 only

First off, different vendors can use different terminology. For example, Cisco doesn't use the terms "tagged" and "untagged" when discussing 802.1q. They just "trunking" or "access (non-trunking)" .

In your case, it looks like port two is just a plain old port that sends and receives ethernet frames. These frames are in VLAN 4 and are only allowed to/from other ports that are in VLAN 4 or trunks that carry VLAN 4.

On port 1, that's a trunk. And in your example traffic from VLAN 1, 2, 3 and 4 will have a tag added to them which indicates what VLAN the frame is a member of.

One thing to keep in mind. As previously mentioned, 802.1q uses a "native VLAN". The traffic which goes out the trunk port that is a member of the native VLAN doesn't get tagged (all the other VLANs do). So normally I would expect to see an untagged VLAN on port 1. That would be the native VLAN.
 
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35349233
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question