Solved

vlan tag and untagged

Posted on 2014-10-03
9
671 Views
Last Modified: 2014-10-21
Hello,

I'm having a difficult time understanding the difference between tagging and untagging vlans. When to use each one.
I've read online articles but still not getting it.

let me try to use an example.  If I have 3 vlans. vlan1 for my main network, vlan2 for my wireless-company wifi, and vlan3 for my wireless-guestwifi. and let say I have 5 switches. How would I  configure my switches? which ports would be tagged and untaged? please explain in plain English .   please see attached jpeg.
Capture.JPG
0
Comment
Question by:MrMay
  • 6
  • 3
9 Comments
 
LVL 3

Assisted Solution

by:markc56
markc56 earned 500 total points
ID: 40359663
The very basic of tagging and untagging is tagging is a way for switches to know what VLAN traffic is to be forwarded to what VLAN. It is only used between switches. Untagged just means that the native VLAN will not have the traffic tagged and therefore the receiving switch(es) will know to forward this traffic to the native VLAN. By default a Cisco switch's native VLAN is VLAN 1. You really do not need to do anything to specify tagging and untagging, that is taken care of by the switch for each VLAN and the untagged VLAN is your native VLAN.

You can change the native VLAN and it is a best practice to do for security reasons. You will also want to verify that all switches have the same native VLAN or you will get "VLAN mismatch errors".

You can configure the switches manually (creating each VLAN on each switch) or you can use VTP. VTP has positives and negatives which is a lot more detail. Again, basic stuff: make the main switch the "server" and the others "clients" and all switches will update per the "Server" switch. This is very basic and you will need more information for setup (i.e., Revision number, domain name, etc.). You will not be able/allowed to configure VLANs on the client switches. Only the server switch can be configured and this information will update (create additional VLANs, etc. as needed).

In addition you will need the port where each switch is connected to another switch setup as a trunk port and allow the needed VLANs.
0
 
LVL 3

Expert Comment

by:markc56
ID: 40359676
0
 

Author Comment

by:MrMay
ID: 40359702
I guess my mine confusion lies in our current switch configuration. Its been configured previously by a third party IT company and I'm just trying to understand it.
Let me try to explain it.
We have a core switch and 4 switches connected to it (just like the diagram that I attached in my original post).

The core-switch
***************
VLAN1 -> tagged ports none
                  untagged 1-25, 27-37,39,41,43,45,47

VLAN2 (wireless) --> tagged 1,6
                 untagged  26

VLAN3 (guest-wifi) --> tagged 6,11
                untagged 6,11

(this switch has other vlans but I want to concentrate and these 3)

Here are the configs for one of the switches off the core switch (Switch-A)
******************************************************
VLAN1 --> tagged none
                    untagged 1-39, 41-48

VLAN2 (wireless) --> tagged 1-2, 22, 46-48
                                      untagged 40
VLAN3(guest wifi)  --> tagged none
                                    untagged none

my questions are... why is my switchA (the one off the core switch) have so many tagged ports?  
Why does my core switch have port 1 and 6 tagged and 26 untagged for Vlan2?
I'm just not understanding how tagging and untagging works.... (we are using HP switches)
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 3

Accepted Solution

by:
markc56 earned 500 total points
ID: 40359812
It has been awhile since I have worked with HP switches. The are different (more complicated) than Cisco. After a little research here is what I found about HP switches:

-------------------------------------------------------------------------------------------------------
With HP switches the terminology is different, here switch ports are either tagged members or untagged members of a VLAN.

What's the difference between tagged and untagged? If a port is a tagged member it passes the VLAN information with the traffic it sends. If it is untagged it sends the VLAN traffic without adding in the VLAN tag. So you would only make a port a tagged member if the device that is plugged into it is VLAN aware, i.e. another switch, router, or machine with a VLAN aware NIC. (Note: The VLAN tag is the ID that gets inserted into the head of a network packet). So to do exactly the same as we did in scenario 1, but with HP switches, you would do the following:

BE AWARE: Any single port can only be untagged on one VLAN. Out of the box all ports are untagged on VLAN 1 (or the default VLAN), so if you untag a port into VLAN 20 (for example) it will automatically remove the 'vlan 1 untagged' property for that port.

&

Here is a link for HP configuration of VLANs and ports for:

http://www.hp.com/rnd/device_help/help/hpwnd/webhelp/HPJ4812A/configuration_vlan.htm
0
 

Author Comment

by:MrMay
ID: 40359983
so in my example above, why do some VLAns have two or more tagged ports? I mean, my understanding is that only one physical port can connect to another physical port on another switch. So what's the point of tagging lets say port 1 and 6?
0
 
LVL 3

Assisted Solution

by:markc56
markc56 earned 500 total points
ID: 40360107
HP can only have one UNTAGGED per port, but several TAGGED. The untagged is the natvie VLAN of that port, but it can have several tagged VLANs allowing multipe VLANs to travel over this port and have the other switch know where (which VLAN) to forward traffic to. Multiple VLANs can use different ports on each switch a configured.
0
 
LVL 3

Expert Comment

by:markc56
ID: 40360122
Here is an older experts-exchange link helping with the HP tagging/untagging:

http://www.experts-exchange.com/Hardware/Networking_Hardware/Switches/Q_27410110.html
0
 

Author Comment

by:MrMay
ID: 40360129
Weird... you say that only one port per vlan can be untagged.... One of my current switches has a vlan that has port 38.40,42,44 untagged. Doesn't untagged port make it a access link.... my understanding is that all untagged ports in a vlan are capable of talking to each other?
0
 
LVL 3

Expert Comment

by:markc56
ID: 40360145
Each and every port can have one untagged VLAN.

The link: http://www.experts-exchange.com/Hardware/Networking_Hardware/Switches/Q_27410110.html 
explains the difference in terminology between HP and Cisco which can cause a lot of the confusion.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question