Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4473
Views
10
Helpful
6
Replies

OT: VLAN Tagging question (Extreme)...

Go to solution
jimmysands73_2
Level 5
Level 5

‎06-18-2011 09:17 AM - edited ‎03-07-2019 12:52 AM

I am trying to understand tagging/untagging, relevant to my Cisco studies, but applying them to Extremes at work. 

If I understand this.....Tagging a port is equivilant of making that port a trunk port, allowing that vlan on it.  Untagging is equivalent of making that port a member of the vlan.

Example topology:

We have a PC-----(port 1) Milan SW (port 9/acting as trunk)------(port 13)Extreme SW--->to goes to router, than to internet...

Milan config:

VLANID:10

Port Member
------------------------
1. UnTagged
2. UnTagged
3. UnTagged
4. UnTagged
5. UnTagged
6. UnTagged
7. No
8. UnTagged
9. Tagged

Then on the extreme side we have (with Legacy Vlan=10)

configure vlan "Legacy" add port 13 untagged

The part that confuses me is that we have equivalent of two access ports in a row (port 1 of Milan and port 1 of extreme).  The packet leaves the pc, goes into port 1, there it is put into VLAN 10....it then exits port 9 as untagged (still belonging to VLAN 10), where it enters extreme, it also gets put into vlan 10.  I posted the question on ethernation.net (extreme newsgroup), and was told...

"How can the Extreme switch put the frame into VLAN10? It does not need to per se, it is already there. It will recognize this frame is in VLAN 10 and will forward traffic accordingly"

So my question here is that this statement is true....a switch that recvs untagged frame, on a ports that is already untagged, it will not manipulate the frame?  OR is my understanding not correct?

Thank you,
Jimmy

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎06-18-2011 12:02 PM

Hello Jimmy,

I am not sure if this answers your question but let me reiterate some basic rules about how the frames are received and sent on trunk ports - perhaps they can form a basis for our further discussion:

When receiving a frame on a trunk port, a switch looks into the frame and checks whether there is a 802.1Q VLAN tag in it. If there is a VLAN tag, the switch will assign the frame to the VLAN identified by the tag. If there is no tag, the switch will assign the frame to the untagged ('native' in Cisco parlance) VLAN.

After this initial assignment, however, you can safely assume that the switch removes the tag from the frame and processes it just like a normal ordinary frame (hardware implementations may differ wildly here but for the sake of simplicity and clarity, let us not complicate things here). So what we have at this point is a frame without a tag, and the switch merely keeps track into which VLAN the frame belongs using its own means.

Now, as the frame is being forwarded out a new trunk port, the switch will verify whether the frame's VLAN is equal to the trunk's native VLAN. If it is, the frame will be forwarded untagged, otherwise, a tag will be inserted into the frame.

Note that this allows us to have different native VLANs on different trunk ports, although this is not a best practice.

To your question: 

So my question here is that this statement is true....a switch that recvs untagged frame, on a ports that is already untagged, it will not manipulate the frame?  OR is my understanding not correct?

It may well manipulate the frame (i.e. insert a tag) if the frame exits a trunk whose native VLAN is different from the frame's VLAN. Note that the manipulation you are asking about takes place when sending a frame, not when receiving it.

Please feel welcome to ask further!

Best regards,

Peter

View solution in original post

6 Replies 6

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎06-18-2011 12:02 PM

Hello Jimmy,

I am not sure if this answers your question but let me reiterate some basic rules about how the frames are received and sent on trunk ports - perhaps they can form a basis for our further discussion:

When receiving a frame on a trunk port, a switch looks into the frame and checks whether there is a 802.1Q VLAN tag in it. If there is a VLAN tag, the switch will assign the frame to the VLAN identified by the tag. If there is no tag, the switch will assign the frame to the untagged ('native' in Cisco parlance) VLAN.

After this initial assignment, however, you can safely assume that the switch removes the tag from the frame and processes it just like a normal ordinary frame (hardware implementations may differ wildly here but for the sake of simplicity and clarity, let us not complicate things here). So what we have at this point is a frame without a tag, and the switch merely keeps track into which VLAN the frame belongs using its own means.

Now, as the frame is being forwarded out a new trunk port, the switch will verify whether the frame's VLAN is equal to the trunk's native VLAN. If it is, the frame will be forwarded untagged, otherwise, a tag will be inserted into the frame.

Note that this allows us to have different native VLANs on different trunk ports, although this is not a best practice.

To your question: 

So my question here is that this statement is true....a switch that recvs untagged frame, on a ports that is already untagged, it will not manipulate the frame?  OR is my understanding not correct?

It may well manipulate the frame (i.e. insert a tag) if the frame exits a trunk whose native VLAN is different from the frame's VLAN. Note that the manipulation you are asking about takes place when sending a frame, not when receiving it.

Please feel welcome to ask further!

Best regards,

Peter

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Peter Paluch

‎06-18-2011 03:27 PM

Good response Peter

+5

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
jimmysands73_2
Level 5
Level 5
In response to Peter Paluch

‎06-19-2011 09:22 AM

So when a a packet leaves a pc, and enters the switch, if its an untagged port (aka access port), the switch puts 802.1q tag into it.   That 802.1q header identifies the VLAN the frame belongs to.  So to apply this to a a work scenario...

We have a PC-----(port 1) Milan SW (port 9/acting as trunk)------(port 13)Extreme SW--->to goes to router, than to internet

Milan VLAN 10 info:

1. UnTagged

9. Tagged

Then on the extreme side we have (with Legacy Vlan=10)

configure vlan "Legacy" add port 13 untagged

The frame goes into the Milan port 1, it puts a 802.1q header, the Milan forwards this out, because we are allowing tagged traffic out port 9 for VLAN 10.  Now the part that gets me, is why the extremes port is untagged, doesnt this mean that any frames it recv's (ingress) it will place into VLAN 10...but the frame already had an VLAN ID of 10 put there by the Milan..

Thanks for your inputs.

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to jimmysands73_2

‎06-19-2011 02:26 PM

On the extreme site, it is untagged, because you only have one vlan going to the router. If you had more then one, you would need to tag port 13

configure vlan "Legacy" add port 13 tagged

In Extreme Networks environment tagged is=trunk

HTH

Go to solution
jimmysands73_2
Level 5
Level 5
In response to Reza Sharifi

‎06-20-2011 06:06 PM

Thanks you all for your replies, every bit helps! 

0 Helpful

Go to solution
jimmysands73_2
Level 5
Level 5
In response to Peter Paluch

‎06-21-2011 09:44 PM

I was totally thrown off track.  But by virtue of here and CLN, my thinking was way wrong. 

The VLAN/MAC/port association info is kept on the switch via the CAM table.

Frames coming that need to be associated to a VLAN must be either untagged or on an access port. 

Frames that need to transverse the switch fabric need to have to be allowed on the trunk link (also known as tagging the frame as it goes accross the trunk).  We also tag frames coming from VLAN aware devices (such as other switches).  If I understand things now.  

0 Helpful
Customers Also Viewed These Support Documents