Solved

how a router handles untagged traffic

Posted on 2014-07-27
5
744 Views
Last Modified: 2014-07-28
let's say I have a router on a stick topology with 2 sub-interfaces, representing 2 vlans.  let's say one of these is untagged.  When my router receives traffic from the untagged vlan it's going to be expecting a vlan tag per the command encapsulation dot1q.   I know i can use the command encapsulation dot1q vlan 10 native or whatever.  My question is that if i didn't tell my router to specifically accept un-tagged traffic would routing work between the 2 vlans?  If i just set up my sub interfaces to include the subnet of the un-tagged traffic?

One a similar note, at my current job i've been configuring all of our waps as flex-connect where I trunk the ports between the wap and the switch but tell the switch to untag the traffic on the wap subnet (native vlan 200).   On my router i have  a sub-interface that corrensponds to the subnet of my wap (with the command encapsulation dot1q 200).  Routing works fine.  i can ping the waps etc. . I guess my question is why.  The traffic coming from my wap isn't tagged with the vlan id 200 and my router is expecting that vlan tag.   I think i'm confusing myself here.  :)  a little enlightenment would be appreciated.
0
Comment
Question by:techlinden
  • 2
  • 2
5 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40223189
If the "encap dot1q vlan # native" is not used, then untagged frames are processed by the physical interface.  If no IP address is assigned to the physical interface, then the packet is dropped.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40223592
Let's say that you plug the AP straight into the router.  If you set the management VLAN to 200 on the AP you would have to set the encapsulation dot1q 200 native command on the router's subinterface.

Now, if you connect the AP to a switch, the switch tags the traffic coming from the AP into VLAN 200 even though you want it untagged.  The reason it tags the 'untagged' traffic is because the switch needs to know which VLAN the packet is on.  You could have one port using VLAN 100 as the native VLAN while another port uses VLAN 200 as native.  Therefore the native (or untagged) parameter merely tells the switchport to accept packets with no VLAN tag coming into that port and put them into the native VLAN, and to strip the VLAN tag for traffic going out of the port on the native VLAN.

This all means that you can use a trunk link between the switch and router with no native VLAN set (in that case VLAN1 would be native) and everything will work.

Make sense?
0
 

Author Comment

by:techlinden
ID: 40224301
That's what i was wondering.....if the switch tags the traffic leaving the switch en route to the router.  Makes sense.  However, how does the switch know that the traffic belongs to vlan 200?      I've trunked the port between switch and ap.  so i don't think it could use the vlan.dat files since the port isn't an access port on vlan 200.   does it look at the native vlan 200 command  and know that that un-tagged traffic needs to be tagged as vlan 200 leaving the switch?
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40224665
When a packet with no VLAN tag enters a switchport it is wrapped in 802.1q.  This puts the packet on whichever VLAN is specified as native on that port.  While the packet is in the switch it keeps within that VLAN.  When the packet leaves the switch via a trunk port the packet maintains its VLAN tag if not on the native VLAN as per the trunk port config.  If the packet is on the native VLAN the 802.1q wrapper is stripped and re-applied when the packet enters the receiving switchport.
1
 

Author Comment

by:techlinden
ID: 40224857
ok.  i think i understand.  Thanks so much
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now