Solved

how a router handles untagged traffic

Posted on 2014-07-27
5
758 Views
Last Modified: 2014-07-28
let's say I have a router on a stick topology with 2 sub-interfaces, representing 2 vlans.  let's say one of these is untagged.  When my router receives traffic from the untagged vlan it's going to be expecting a vlan tag per the command encapsulation dot1q.   I know i can use the command encapsulation dot1q vlan 10 native or whatever.  My question is that if i didn't tell my router to specifically accept un-tagged traffic would routing work between the 2 vlans?  If i just set up my sub interfaces to include the subnet of the un-tagged traffic?

One a similar note, at my current job i've been configuring all of our waps as flex-connect where I trunk the ports between the wap and the switch but tell the switch to untag the traffic on the wap subnet (native vlan 200).   On my router i have  a sub-interface that corrensponds to the subnet of my wap (with the command encapsulation dot1q 200).  Routing works fine.  i can ping the waps etc. . I guess my question is why.  The traffic coming from my wap isn't tagged with the vlan id 200 and my router is expecting that vlan tag.   I think i'm confusing myself here.  :)  a little enlightenment would be appreciated.
0
Comment
Question by:techlinden
  • 2
  • 2
5 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40223189
If the "encap dot1q vlan # native" is not used, then untagged frames are processed by the physical interface.  If no IP address is assigned to the physical interface, then the packet is dropped.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40223592
Let's say that you plug the AP straight into the router.  If you set the management VLAN to 200 on the AP you would have to set the encapsulation dot1q 200 native command on the router's subinterface.

Now, if you connect the AP to a switch, the switch tags the traffic coming from the AP into VLAN 200 even though you want it untagged.  The reason it tags the 'untagged' traffic is because the switch needs to know which VLAN the packet is on.  You could have one port using VLAN 100 as the native VLAN while another port uses VLAN 200 as native.  Therefore the native (or untagged) parameter merely tells the switchport to accept packets with no VLAN tag coming into that port and put them into the native VLAN, and to strip the VLAN tag for traffic going out of the port on the native VLAN.

This all means that you can use a trunk link between the switch and router with no native VLAN set (in that case VLAN1 would be native) and everything will work.

Make sense?
0
 

Author Comment

by:techlinden
ID: 40224301
That's what i was wondering.....if the switch tags the traffic leaving the switch en route to the router.  Makes sense.  However, how does the switch know that the traffic belongs to vlan 200?      I've trunked the port between switch and ap.  so i don't think it could use the vlan.dat files since the port isn't an access port on vlan 200.   does it look at the native vlan 200 command  and know that that un-tagged traffic needs to be tagged as vlan 200 leaving the switch?
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40224665
When a packet with no VLAN tag enters a switchport it is wrapped in 802.1q.  This puts the packet on whichever VLAN is specified as native on that port.  While the packet is in the switch it keeps within that VLAN.  When the packet leaves the switch via a trunk port the packet maintains its VLAN tag if not on the native VLAN as per the trunk port config.  If the packet is on the native VLAN the 802.1q wrapper is stripped and re-applied when the packet enters the receiving switchport.
1
 

Author Comment

by:techlinden
ID: 40224857
ok.  i think i understand.  Thanks so much
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now