Chapter 21
| VLAN Commands
Configuring VLAN Interfaces
– 586 –
â—† If a trunk has switchport mode set to trunk (i.e., 1Q Trunk), then you can only
assign an interface to VLAN groups as a tagged member.
â—† Frames are always tagged within the switch. The tagged/untagged parameter
used when adding a VLAN to an interface tells the switch whether to keep or
remove the tag from a frame on egress.
â—† If none of the intermediate network devices nor the host at the other end of the
connection supports VLANs, the interface should be added to these VLANs as
an untagged member. Otherwise, it is only necessary to add at most one VLAN
as untagged, and this should correspond to the native VLAN for the interface.
â—† If a VLAN on the forbidden list for an interface is manually added to that
interface, the VLAN is automatically removed from the forbidden list for that
interface.
Example
The following example shows how to add VLANs 1, 2, 5 and 6 to the allowed list as
tagged VLANs for port 1:
Console(config)#interface ethernet 1/1
Console(config-if)#switchport allowed vlan add 1,2,5,6 tagged
Console(config-if)#
switchport
ingress-filtering
This command enables ingress filtering for an interface. Use the no form to restore
the default.
Syntax
[no] switchport ingress-filtering
Default Setting
Disabled
Command Mode
Interface Configuration (Ethernet, Port Channel)
Command Usage
â—† Ingress filtering only affects tagged frames.
â—† If ingress filtering is disabled and a port receives frames tagged for VLANs for
which it is not a member, these frames will be flooded to all other ports (except
for those VLANs explicitly forbidden on this port).
â—† If ingress filtering is enabled and a port receives frames tagged for VLANs for
which it is not a member, these frames will be discarded.
To Next Page
Loading...
Need help?
General