Port Based VLANs

Are Port based VLAN devices designed to work with tag based VLANs ? I am trying to figure out if I can use an AP which supports tag based VLANs with a port based VLAN. All documents I found though the web were implementations and not specs. I have a few basic questions: If I have switch with the following Port based VLAN configuration: Ports | VLAN ID

1,5 1 2,5 2 3,5 3 4,5 4

- Then an host on port 1 can only communicate with port 5 ? and port 2 with port 5 and so on ?

- Should the switch be inserting the appropriate vlan tag on the outgoing frame on port 5 ? Eg: a VLAN tag of 1 on a packet from port 1 to port 5.

- Should the switch be expecting a VLAN tag on any inbound frame on port 5 ?

Any information would be appreciated.

Reply to
droute
Loading thread data ...

Yes.

normally port based vlans are for switch based ports linked to individual end devices.

Tagged portsused to connect devices which handle multiple VLANs - often other switches

I

without know the device involved then you are basically asking for educated guesswork - worth every penny you are paying for it.....

Depends on the switch implementation - there is no reason that "membership of multiple internal vlans" must map to "tag the packets with the internal vlans on this port" - but it may do.

you may need to set the port into "tag" mode explicitly.

If the port is set for vlan tagging, then it should use it for both inbound and outbound packets.

Reply to
stephen

More information is needed to fully analyze this scenario.

  1. The PVID for each port. Untagged frames arriving on this port will get assigned to this VLAN.
  2. Whether the devices connected at the each of the ports support tagging or not.

Yes. That's the whole point of VLANs. Port 1 will be able to communicate only with Port 5 and no other port.

It depends. If you're implementing asymmetric VLANs and if the device at Port 5 is untagged, then you don't need to do tagging. But for that your switch must support "shared VLAN learning". In that case the devices from Port 1 will talk to Port 5 on VLAN 1 (presumably a server) and the server on Port 5 will respond on VLAN 5. Shared VLAN learning means that even though the addresses of devices from Port 1 are learnt in VLAN 1, they can be used by frames belonging to VLAN 5. But it doesn't look like you are trying to do that since you have only 4 VLANs configured...

In that case the switch should tag traffic as it goes out on Port 5 otherwise there will be no way to know which VLAN the frame belongs to on the device at the remote end of Port 5.

If it doesn't receive a tag, it will classify the frames as being on the PVID for Port 5. So, assuming what you're trying to do is to have Port 5 be a "trunk port" that carries traffic for all VLANs in both directions, the switch will need to receive tagged traffic on Port 5.

Anoop

Reply to
anoop

If you set the encapsulation type for port 5 to be 802.1q.

The switch or server on port 5 should also be set for 802.1q.

Errr... depends a bit. My feeling is that you should desperately avoid using VLAN 1, because e.g. on Cisco equipment that is by default interpreted as untagged, whereas other implementations differentiate tagged packets on VLAN 1 from untagged packets.

Trust me on this. Do not use VLAN 1.

And then yes, all packets inbound on port 5 should be tagged. You have to set the switch or server on port 5 for the same VLANs.

Wrolf

Reply to
Wrolf

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.