cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
293
Views
0
Helpful
6
Replies
Highlighted
Beginner

question about the behavior of "switchport trunk native vlan" in specific circumstances

I have been trying to get this question answered and have found no document that addresses it directly.  Suppose I currently have the standard native vlan (1) on my switch and I have an interface that looks like this:

 

interface po1

 switchport mode trunk

 switchport trunk allowed vlan 100,200

 

If I were to add the command "switchport trunk native vlan 100" to interface po1, what would the results be, exactly?  My understanding is that it adds the "vlan100" tag to any untagged (vlan 1) packet that arrives on the interface and sends it on.  First, is this correct?  If so, my next question is what, if anything, is done to packets that arrive on the po1 interface that are *already* tagged as vlan100?  Does it just forward them on, or does it do something else to them?  Or is there some aspect of this that I am missing altogether?

 

 

Thanks,

-Mat

2) 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Guru

Mat

 

Perhaps it might help to start with a reminder about several aspects of vlan tagging. 

- A standard Ethernet frame has no tag.

- vlan tags are applied to an Ethernet frame that is being sent out a trunk interface.

- vlan tags are interpreted and then removed on Ethernet frames being received on a trunk interface.

- vlan tags are not used on Ethernet frames inside a switch.

 

With these in mind let us address the questions you are asking:

interface po1 is configured as a trunk, carrying vlans 100, 200 and you have now configured native vlan 100. 

- An Ethernet frame arrives at the trunk interface to be transmitted over the trunk. This frame is associated with vlan 100 inside the switch (was received on an access port in vlan 100). This frame will be transmitted over the trunk with no tag.

- An Ethernet frame arrives at the trunk interface to be transmitted over the trunk. This frame is associated with vlan 200 inside the switch (was received on an access port in vlan 200). This frame will be transmitted over the trunk with a tag for 200.

- An Ethernet frame arrives at the trunk interface to be transmitted over the trunk. This frame is associated with vlan 1 inside the switch (perhaps it is a protocol frame such as BPDU). This frame will be transmitted over the trunk with a tag for 1.

- An Ethernet frame is received on the trunk interface. This frame has no tag. This frame will be processed in the switch associated with vlan 100.

- An Ethernet frame is received on the trunk interface. This frame has a tag for 200. The tag will be removed and this frame will be processed in the switch associated with vlan 200.

- An Ethernet frame is received on the trunk interface. This frame has a tag for 1. The tag will be removed and this frame will be processed in the switch associated with vlan 1.

HTH

Rick

View solution in original post

6 REPLIES 6
Highlighted
Enthusiast

 is that adds the "vlan100" tag to any untagged (vlan 1) packet that arrives on the interface and sends it on

untagged doesn't mean VLAN1, but it depend on your native VLAN setting.

 

Concretely, the switch will treat the un-tagged packets received from the Po1 interface belong to VLAN100. but whether the packet being forwarded out with tag or no tag is depend on the out going port setting. For example, the outgoing interface is an VLAN100's access port, then it will not have any tag. Or if the outgoing interface is an trunk interface with default native VLAN, it will tag VLAN100.

 

 if anything, is done to packets that arrive on the po1 interface that are *already* tagged as vlan100

If the packet already have a VLAN tag (e.g. vlan100) on it, the switch will simply treat the packet belong to VLAN100. Native VLAN should have no effect for this situation. 

 

 

 

 

Highlighted
VIP Expert

(NB: basically same information as already provided by Nkin2010, just worded differently.)

"If I were to add the command "switchport trunk native vlan 100" to interface po1, what would the results be, exactly?"

Two (changed) things:  1) untagged ingress frames would be considered VLAN 100 frames.  2) VLAN 100 egress frames would be untagged.

"My understanding is that it adds the "vlan100" tag to any untagged (vlan 1) packet that arrives on the interface and sends it on."

Besides the correction already noted by Nkin2010, i.e. "(vlan 1)", (or perhaps you meant "VLAN 100"), there's no different treatment for how untagged or VLAN 100 tagged frames are processed upon ingress.

"If so, my next question is what, if anything, is done to packets that arrive on the po1 interface that are *already* tagged as vlan100?"

They too are (still) considered to be VLAN 100 frames.

Highlighted
Hall of Fame Guru

Mat

 

Perhaps it might help to start with a reminder about several aspects of vlan tagging. 

- A standard Ethernet frame has no tag.

- vlan tags are applied to an Ethernet frame that is being sent out a trunk interface.

- vlan tags are interpreted and then removed on Ethernet frames being received on a trunk interface.

- vlan tags are not used on Ethernet frames inside a switch.

 

With these in mind let us address the questions you are asking:

interface po1 is configured as a trunk, carrying vlans 100, 200 and you have now configured native vlan 100. 

- An Ethernet frame arrives at the trunk interface to be transmitted over the trunk. This frame is associated with vlan 100 inside the switch (was received on an access port in vlan 100). This frame will be transmitted over the trunk with no tag.

- An Ethernet frame arrives at the trunk interface to be transmitted over the trunk. This frame is associated with vlan 200 inside the switch (was received on an access port in vlan 200). This frame will be transmitted over the trunk with a tag for 200.

- An Ethernet frame arrives at the trunk interface to be transmitted over the trunk. This frame is associated with vlan 1 inside the switch (perhaps it is a protocol frame such as BPDU). This frame will be transmitted over the trunk with a tag for 1.

- An Ethernet frame is received on the trunk interface. This frame has no tag. This frame will be processed in the switch associated with vlan 100.

- An Ethernet frame is received on the trunk interface. This frame has a tag for 200. The tag will be removed and this frame will be processed in the switch associated with vlan 200.

- An Ethernet frame is received on the trunk interface. This frame has a tag for 1. The tag will be removed and this frame will be processed in the switch associated with vlan 1.

HTH

Rick

View solution in original post

Highlighted

That clarifies things, thanks.

Highlighted

Mat

 

You are welcome. I am glad that my explanation was helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick
Highlighted

While my posting didn't mention VLAN 1 and/or control plane protocols frames, Rick's mentioning VLAN 1, since it doesn't distinguish between VLAN 1 "normal" data frames and other control plane frames, might, in some respects, not be totally accurate since VLAN 1 is pruned, in OP's case.

For example: "An Ethernet frame arrives at the trunk interface to be transmitted over the trunk. This frame is associated with vlan 1 inside the switch (perhaps it is a protocol frame such as BPDU). This frame will be transmitted over the trunk with a tag for 1."

My understanding, if VLAN 1 is pruned, its "normal" data frames, are not transmitted.

VLAN 1 control plane frames, such as Rick's mention of BPDU, is particularly messy.  You might want to read this thread How BPDU is transmitted with Native VLAN for PVST and MSTP 

VLAN 1 control plane frames, depending on the particular protocol, will either be tagged and transmitted as VLAN 1, as Rick describes, or they will be sent untagged, appearing to be in VLAN 100, but they are really not, or even, according to the above thread, for some control plane protocols, such as STP, possibly transmitted both tagged and untagged.

Content for Community-Ad