Yes all untagged traffic from port 1 to port 8 are being flooded when communicating between each others.  I'm assuming that packets entering port 1 and 8 are coming in as untagged from the hosts connected to those ports.  Here is the way you should look at it:

• So let's say a host A (MAC A) is connected to port 1 and is trying to communicate with a host B (MAC B) on port 8.
• A packet first enters the switch from host A to port 1 and the packet is sent untagged.  This packet will be automatically be tagged as 10 because of the PVID setting on port 1.  This MAC A is learned on port 1 VLAN 10.  The destination of this packet is for MAC B.
• So the switch looks to see if there is a MAC B learned on VLAN 10 on the switch.  Since there is no MAC B on any port on VLAN 10 the switch will flood this packet to all ports member of VLAN 10 on the switch (except for the incoming port 1 of course).  So this packet is sent to all ports that are member of VLAN 10 including port 8.
• The packet arrives at host B which is on port 8.  This host returns a response to host A.  This return packet comes into port 8 to be sent to host A.  Since host B is sending the packet untagged, it is automatically tagged as VLAN 4 because that's the PVID on port 8.
• The MAC B is learned on port 8 VLAN 4.  The destination of the packet is MAC A.
• Since the packet is currently on VLAN 4, the switch looks to see if there is a MAC A that's learned on any port that's also a member of VLAN 4.  Remember that MAC A was learned on port 1 but on VLAN 10 only.  So there is no MAC A learned on VLAN 4 on any port.  The switch will then flood the packet to all ports which are member of VLAN 4.
• So the return packet is sent to all ports member of VLAN 4 which happens to include port 1 and the packet is returned properly to host A.

As you can see the MAC A is learned on VLAN 10 port 1.  The MAC B is learned on VLAN 4 port 8.  Because of the way layer 2 switches work, the way you setup your switch, the MAC is never learned on the same VLAN so the packets are always flooded.

If the two hosts were to tag the packets so they end up on the same VLAN then it would work.  If the PVID on the two ports were the same so that untagged packets are on the same VLAN then it would also work.  However, it maybe that in your special configuration you need these hosts to be on different VLANs but still need to communicate.  In that case you may need to use a layer 3 switch which can route between VLANs if you want to avoid this flooding problem.  If you can't use a layer 3 switch and you need to isolate these hosts but still need to communicate then using VLAN overlapping the way you have it is the only way but then you pay the price with the flooding problem.

Please review the link I provided earlier for more detail on this.

Cuong.

Message Edited by DELL-Cuong N. on 05-05-200611:04 AM

I think that would work.  If you know exactly where the MAC is and what VLAN it should be, you could enter the static MAC on the correct VLAN and port and make it a permanent for the port/VLAN and that will allow the switch to "find" the MAC on the correct VLAN and send the traffic there instead of flooding.  Let me know if it works out for you.

Cuong.

Finally got around to doing this....

Here is the command I entered

interface vlan 4
bridge address 08:00:0f:16:e8:ab ethernet e8

e8 is the port the phone switch is connected to, and the mac address is the phone system itself.

I'm still getting the broadcasts though. Did I enter it wrong?