Important VLAN Concepts for 802.1Q VLAN Configuration:
There are two key concepts to understand.
- The Default Port VLAN ID (PVID) specifies the VID that the switch assigns to untagged traffic
received on that port.
- The VLAN ID (VID) specifies the set of VLANs for which a given port is allowed to receive and send
tagged packets.
Both variables can be assigned to a switch port, but there are significant differences between them.
An administrator can only assign one PVID to each switch port (since the 802.1Q protocol assigns
any single packet to just one VLAN). The PVID defines the default VLAN ID tag that is added
to untagged frames received on that port (ingress traffic).
On the other hand, a port can be defined as a member of multiple VLANs (multiple VIDs). These
VIDs constitute an access list for the port. The access list is used to filter tagged ingress
traffic: the switch drops a packet tagged as belonging to a VLAN if the port on which it was
received is not a member of that VLAN. The switch also consults the access list to filter packets it
sends to that port (egress traffic). Packets are not forwarded to a port unless they belong to a
VLAN of which the port is a member.
The differences between ingress and egress configurations can provide network segmentation.
Moreover, they allow resources to be shared across more than one VLAN.
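
The PVID and VID rules above, as a simplified Python model (an added example, not part of the original text or any vendor's code). The port names, VLAN numbers and function names are constructed for illustration, and MAC learning is ignored, so every frame is treated as flooded to all eligible ports. The sample configuration keeps two client ports isolated from each other while both share one server port.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Port:
    name: str
    pvid: int                               # exactly one PVID per port
    vids: set = field(default_factory=set)  # VLAN membership (the access list)


def ingress(port: Port, tag: Optional[int]) -> Optional[int]:
    """Return the VLAN a received frame is classified into, or None if dropped."""
    if tag is None:
        return port.pvid                    # untagged frame: the PVID is applied
    # Tagged frame: accepted only if the receiving port is a member of that VLAN.
    return tag if tag in port.vids else None


def egress_ports(ports, src: Port, tag: Optional[int]) -> list:
    """Names of the ports a frame received on `src` may be sent out of."""
    vlan = ingress(src, tag)
    if vlan is None:
        return []                           # dropped by the ingress filter
    # Egress filter: only ports that are members of the frame's VLAN.
    return sorted(p.name for p in ports if p is not src and vlan in p.vids)


# Constructed sample configuration (all values are illustrative):
# each client has its own PVID, and the server port is a member of both
# client VLANs, while the clients are members of the server's VLAN 30.
CLIENT_A = Port("client_a", pvid=10, vids={10, 30})
CLIENT_B = Port("client_b", pvid=20, vids={20, 30})
SERVER = Port("server", pvid=30, vids={10, 20, 30})
PORTS = [CLIENT_A, CLIENT_B, SERVER]

if __name__ == "__main__":
    for src, tag in [(CLIENT_A, None), (CLIENT_B, None), (SERVER, None), (CLIENT_A, 20)]:
        label = "untagged" if tag is None else f"tagged {tag}"
        print(f"{src.name:9} {label:10} -> {egress_ports(PORTS, src, tag)}")
```

Untagged client traffic reaches only the server, the server's untagged traffic reaches both clients, and a frame tagged with VLAN 20 arriving on client_a's port is dropped at ingress.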