3

Not a system admin (electrical eng so I develop ASICs) and I've come across an issue where I need to understand switching better.

I have one device (A) that has pre-tagged traffic coming out of it and I have two devices (B & C) that will be sending untagged traffic.

I want device A to be able to send some of its tagged traffic to B and send other traffic on another tag to C.

Let's say A sends out the tags 10 and 20.

So how I see this is I would set up the switch to have the port A is on be a tagged port on both VLAN 10 and 20, while B and C would be untagged ports each being on 10 or 20.

Let me know if that's wrong, but my question with this setup is: does the switch know to strip the VLAN tag before it hits device B and C, and does it know to add a VLAN tag to the packets coming from B and C? If this is the case, does this VLAN tag get stripped before reaching device A?

Some of the explanations on the web seem really contradictory.

An example switch I have access to is an Extreme Networks switch.

mHo2

1 Answer

3

Programmatically inside of a managed switch all frames are tagged/identified with some sort of VLAN ID so the switch is constantly adding and removing that information from the frames as they come in and out the various ports of the switch. This is how, for example, the switch keeps traffic on two untagged ports in different VLANs separate.

So essentially all you are doing when you configure various ports for tagged/untagged traffic is telling the switch whether to put the tags into standard 802.1Q format when the frame leaves the switch or whether to strip them off entirely. In your example port A would always send and expect in traffic with tags, B and C would automatically tag traffic coming into the ports with the programmed VLAN and remove tags on traffic exiting the ports.

In the Cisco world (and most enterprise networking) we call ports like B and C "access ports". These are assigned to a single VLAN inside the switch and do not support tagging on traffic entering/exiting. We call ports like A trunk ports as they carry multiple VLANs, tag traffic exiting the port and trust the tags coming in through the port.

Ben Franske
  • I'm guessing when you say exit the port you mean away from the device and vice versa, correct? – mHo2 Sep 28 '17 at 12:49
  • I mean from the perspective of the switch. – Ben Franske Sep 28 '17 at 13:46
  • That wouldn't make sense to tag traffic going into the device (exiting the port) if the device doesn't know about VLAN tags – mHo2 Sep 28 '17 at 13:47
  • Which is why you would only use a trunk port to connect to another switch or to a device which understands tags (a server, Linux device, etc.) – Ben Franske Sep 28 '17 at 13:54
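
The tag handling described in the answer, modelled on real 802.1Q frame bytes for the question's port layout (A tagged on VLANs 10 and 20, B untagged on 10, C untagged on 20). This is an added example, not code from the answer or from any switch vendor. It assumes flooding instead of MAC learning, and a strict ingress policy that drops tagged frames on access ports and untagged or unconfigured-VLAN frames on the trunk; real switches make those choices configurable.

```python
import struct

TPID = 0x8100  # 802.1Q tag protocol identifier

# Port setup from the question: A tagged on VLANs 10 and 20, B and C untagged.
PORTS = {
    "A": {"mode": "trunk", "vlans": {10, 20}},
    "B": {"mode": "access", "vlans": {10}},
    "C": {"mode": "access", "vlans": {20}},
}

def split_tag(frame):
    """Return (vid or None, frame with any 802.1Q tag removed)."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID:
        return None, frame
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF, frame[:12] + frame[16:]

def add_tag(frame, vid):
    """Insert a 4-byte 802.1Q tag after the destination and source MACs."""
    return frame[:12] + struct.pack("!HH", TPID, vid) + frame[12:]

def ingress(port, frame):
    """Classify a received frame: (internal vid, untagged frame), or None if dropped."""
    cfg = PORTS[port]
    vid, bare = split_tag(frame)
    if cfg["mode"] == "access":
        # Access port: untagged frames only; the switch assigns the port's VLAN.
        return None if vid is not None else (next(iter(cfg["vlans"])), bare)
    # Trunk port (assumed strict): tag required, and it must be configured on the port.
    return (vid, bare) if vid in cfg["vlans"] else None

def forward(in_port, frame):
    """Flood to every other port in the same VLAN; return {port: bytes sent on the wire}."""
    classified = ingress(in_port, frame)
    if classified is None:
        return {}
    vid, bare = classified
    out = {}
    for port, cfg in PORTS.items():
        if port != in_port and vid in cfg["vlans"]:
            # Tag on the way out of a trunk port, send bare on an access port.
            out[port] = add_tag(bare, vid) if cfg["mode"] == "trunk" else bare
    return out

# Constructed sample frame: broadcast destination, made-up source MAC, IPv4 EtherType.
UNTAGGED = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
```

`forward("A", add_tag(UNTAGGED, 10))` delivers the bare frame to B only, and `forward("B", UNTAGGED)` delivers the same frame to A with a VLAN 10 tag inserted, which answers both halves of the question.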