Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
28204
Views
12
Helpful
2
Replies

Communication between different VLAN

Go to solution
Jacky1999331
Level 1
Level 1

‎11-06-2022 10:43 PM - edited ‎11-06-2022 11:00 PM

In my previous understanding, there is no way to communicate between two VLANs using only layer 2.

After all, this is the purpose of having VLAN. But today, I heard sth really interesting from my coworker(I am really new to networking).

They claim that
1.VLANs can communicate with other VLANs when they both using the same trunk link to connect to the same layer 2 switch.

Others claim that
2.VLANs with the same default gateway can communicate with other VLANs under the same layer 2 switch

Another one said that
3. native VLAN can access other VLANs under the same layer 2 switch.

*Communication between different VLANs means A PC 1 in VLAN10 communicates with PC 2 in VLAN20

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Martin L
VIP
VIP

‎11-07-2022 08:28 PM

1.VLANs can communicate with other VLANs when they both using the same trunk link to connect to the same layer 2 switch

No, not possible on the same switch.  Trunk is used to connect to other switch and then Sw1 Vlan x can connect to Vlan X on sw2.  In case When you use same cable to connect 2 ports on different vlan on same switch, protection kicks in -see below ad.3.

2.VLANs with the same default gateway can communicate with other VLANs under the same layer 2 switch

No, remember L2 switch forwards traffic based on destination MACs and its own MAC address table (vlan id, port, MAC). switches will build such forwarding table based on source MAC. this also means that any unknown traffic (MAC is not in table) will be flooded to all ports in that Vlan x and over the trunk ports that allow Vlan x to pass.  Normally vlans should be on different subnets and have different default gateways (matching subnet).   

3. native VLAN can access other VLANs under the same layer 2 switch

There is native vlan hack when u connect 2 switches with cable and those 2 corresponding ports are in different native vlan id. Then, communication leaks between vlans because tag is striped due to native vlan id.   When you connect 2 ports in the same switch with cable. however, there is switch protection (i forgot name of it)  that put one of ports into error-disabled  state and communication is stopped.  you must disabled

 

Regards, ML
**Please Rate All Helpful Responses **

 

View solution in original post

2 Replies 2

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎11-07-2022 12:23 AM

I am sure somewhere in the network you have a Layer3 router which Holds Layer3 Interface configured for VLAN 10 and VLAN 20

if that Router has routing enabled and there is no ACL, what your mate claim correct. as long as both the VLAN in the Trunk pass to Layer3 Router, the routing takes place, and VLAN10 users can connect to VLAN 20 and vice versa.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Martin L
VIP
VIP

‎11-07-2022 08:28 PM

1.VLANs can communicate with other VLANs when they both using the same trunk link to connect to the same layer 2 switch

No, not possible on the same switch.  Trunk is used to connect to other switch and then Sw1 Vlan x can connect to Vlan X on sw2.  In case When you use same cable to connect 2 ports on different vlan on same switch, protection kicks in -see below ad.3.

2.VLANs with the same default gateway can communicate with other VLANs under the same layer 2 switch

No, remember L2 switch forwards traffic based on destination MACs and its own MAC address table (vlan id, port, MAC). switches will build such forwarding table based on source MAC. this also means that any unknown traffic (MAC is not in table) will be flooded to all ports in that Vlan x and over the trunk ports that allow Vlan x to pass.  Normally vlans should be on different subnets and have different default gateways (matching subnet).   

3. native VLAN can access other VLANs under the same layer 2 switch

There is native vlan hack when u connect 2 switches with cable and those 2 corresponding ports are in different native vlan id. Then, communication leaks between vlans because tag is striped due to native vlan id.   When you connect 2 ports in the same switch with cable. however, there is switch protection (i forgot name of it)  that put one of ports into error-disabled  state and communication is stopped.  you must disabled

 

Regards, ML
**Please Rate All Helpful Responses **

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card