Unsolved
This post is more than 5 years old
1 Rookie
•
16 Posts
0
74766
February 10th, 2006 01:00
When to tag VLAN ports
Hi.
I am trying to find information on when a VLAN port should be set to "T" (tagged).
I have a vlan (20) on a 3348 switch, and ports communicate fine when
all ports are set to untagged. I have set the PVID to 20 also so, I think,
untagged traffic coming into the port will be tagged (ie. traffic from
server). But as soon as I set any of the ports to T traffic to that
port stops flowing. Why is this?
Also, when are LAG settings used? None of the whitepapers or manuals
explain this in any detail.
Hope somebody can shed some light on this.
I am trying to find information on when a VLAN port should be set to "T" (tagged).
I have a vlan (20) on a 3348 switch, and ports communicate fine when
all ports are set to untagged. I have set the PVID to 20 also so, I think,
untagged traffic coming into the port will be tagged (ie. traffic from
server). But as soon as I set any of the ports to T traffic to that
port stops flowing. Why is this?
Also, when are LAG settings used? None of the whitepapers or manuals
explain this in any detail.
Hope somebody can shed some light on this.
DRNO10
184 Posts
0
February 10th, 2006 02:00
bigboyblue
1 Rookie
•
16 Posts
0
February 10th, 2006 06:00
I have found that unless I set PVID to the same ID as the VLAN nothing works. Is this the way it should be?
eg.
Router
|
| eth0 - Switch 3348 e/1
|- e/2 VLAN 1
|- e/3 VLAN 10
| eth1 |- e/4 VLAN 20
|- e/5 VLAN 20
|- e/6 VLAN 1
eth1 (vlan 20) works when I
1. set e/4 PVID to 20 and add as "U" to VLAN20
2. add e/5 to VLAN20, PVID 20
eth1 - I cannot get this to work. If I set to e/1 trunk,
and have as a member of VLAN 1 & VLAN 10, e/3 cannot
be accessed. But if I set PVID to 10, then e/3 is ok,
but VLAN 1 members are not.
Not sure if this is clear, but any help would be greatly
appreciated.
DELL-Cuong N.
1K Posts
0
February 10th, 2006 13:00
DRNO10 description is absolutely correct. Basically you need VLAN tagging if you are trunking between two switches. You can also use VLAN tagging when connecting a VLAN-aware workstation to a switch if the workstation needs to be connected to more then one virtual LAN at the same time but only have one NIC to use.
So if you have a switch that carries traffic for VLAN 10, 20, and 30 and you need to trunk these VLAN to a router or to another switch then you are sending all these VLANs through the same trunk port (one port) so somehow you have to distinguish between those VLANs when it pass through this port to another switch. You must then make sure that all packets passing through that port are appropriately tagged so that the other switch can properly segragate the packets onto different VLAN when they are received.
The same is true if you are connecting a workstation which has one NIC to a switch and if this workstation needs to connect to more then one network at the same time. So you have one incoming port to the workstation but two network so you must make sure packets are tagged going to the workstation. Now the problem is that the workstation NIC must be able to support VLAN. If you have a VLAN aware NIC you should be able to setup virtual interfaces for each VLAN so your workstation would look like it has two network interface one to each network.
If you have a workstation that is not VLAN aware or a switch that is not VLAN aware then you have to make sure that traffic leaving the switch is untagged otherwise your VLAN-unaware equipment would have no idea what to do with the packet - the Ethernet packet with VLAN tagging looks different then normal non-VLAN Ethernet packet (there are some additional header information). If you send VLAN tagged packets to a VLAN-unware device the packets will be dropped (as you have seen).
I suggest you do a google search online for "VLAN" - you should find many papers and examples which will help you understand this technology.
Cuong.