I have (a) question(s) about VLANs and Tagging. A customer wants an interface on a Cisco 1921 to be configured for traffic with VLAN 10 tagging. Because the customer is an difficult one, I'm starting to question myself. So i just looking for some answers;
1) To tagg from a switch, one simply puts the interface in the VLAN right?
1.a) If this is correct, then the router just needs an interface configured with an IP in the same subnet, nothing more?
This is not necessary right? Or if there is a DHCP for VLAN10, you will need the sw acc command?
switchport access vlan 10
no ip address
In this construction there is no need for trunking, only one VLAN passes through and tagging is only important for the switch right?
When creating an Router-on-a-stick the router needs subinterfaces and be in trunking mode.
I'm a starting engineer and this still confuses me. :(
Thanks in advance for helping.
@Jaderson Pessoa wrote:
If you use just one network, yes... you just can tag switch's port and it will work... But if you need more than one network you will need create a sub-interface on the router, for exemple:
SW1: interface gi0/1
switchport mode trunk
switchport trunkencapsulation dot1q 10
switchport trunkencapsulation dot1q 20
ip address 192.168.20.1 255.255.255.0
Also the physical interface in the above example if used by any subnet with be the untagged
ip address 192.168.5.1 255.255.255.0 <untagged
or you can specify another subnet as untagged and use a subinterface
no ip address
encapsulation dot1q 5 native
ip address 192.168.5.1 255.255.255.0 <un tagged
encapsulation dot1q 10
ip address 192.168.10.1 255.255.255.0 < tagged
encapsulation dot1q 20
ip address 192.168.20.1 255.255.255.0 < tagged
Lastly the sub interface numbering doesn’t have relate to the vlans on the switch it is just the encapsulation number that does however it is recommended to keep them the same for clarification purposes
encapsulation dot1q 10 <vlan 10
encapsulation dot1q 20 < vlan 20
There are things about this environment that we do not know and that might impact our advice. But based on what we know so far I believe that we can give this advice:
- this is to be configured on a 1921 router. So we have a layer 3 router connected to some kind of switch.
- the customer has requested tagging for vlan 10.
- if the switch port connecting to the router is set up as an access port in vlan 10 then there will be no tagging.
- if the switch port connecting to the router is to do tagging for vlan 10 then the switch port must be configured as a trunk port, and the native vlan can not be vlan 10.
- on the router if an IP address is configured on the main interface it will process untagged traffic. So to process traffic tagged for vlan 10 the router must be configured with a subinterface for vlan 10.