Just to muddy the waters, say you have an access port on VLAN 5 with a voice VLAN of 10, and a Cisco VoIP phone operating on, as might be expected, VLAN 10.  Optionally, perhaps another device, attached to the phone, CDP capable.

What CDP packets are present, and are they tagged, and if tagged, with what VLAN ID?

OP didn't mention ARP or PVST, but nice distinction how those are VLAN specific, and have a scope beyond just a need to exchange data beyond a direct neighbor.

Hmm, if Cisco only supported classical STP, i.e. not VLAN aware, it too might always be untagged.  (Hmm, wonder what other hardware vendors do?  Also, wonder about LLDP, LACP, etc.?  Still, I agree you can make a distinction that most protocols that logically function within a VLAN domain, need to be tagged if on a trunk.  Those that don't logically function within a VLAN, wouldn't need to be tagged, they might be tagged, but it's logically unnecessary.)

Hi,

  As Cisco runs per VLAN STP / 802.1d and per VLAN RSTP / 8021.w, BPDU's for native VLAN are untagged, while BPDU's for all other VLAN's are tagged, this way the receiving switch can map incoming BPDU with VLAN / STP instance.

   The reason all other protocols are untagged is for simplicity, and because there's no need to tag it, not being VLAN dependent.

Thanks,

Cristian.

As Cisco runs per VLAN STP / 802.1d and per VLAN RSTP / 8021.w, BPDU's for native VLAN are untagged, while BPDU's for all other VLAN's are tagged, this way the receiving switch can map incoming BPDU with VLAN / STP instance.

I agree, for PVST knowing the applicable VLAN, via a tag, is necessary.

The reason all other protocols are untagged is for simplicity, and because there's no need to tag it, not being VLAN dependent.

So you're saying for all protocols where there's no logical reason for a VLAN tag, Cisco NEVER tags such control plane protocol frames?

Hi,

   Lots of documents make lots of statements. However, reality is that untagged layer 2 packets have nothing to do with native VLAN, as those layer 2 packet are not VLAN dependent, are just being sent over the interface, regardless of what the native VLAN is or if the native VLAN is allowed or not.

Thanks,

Cristian.

Lots of documents make lots of statements. However, reality is that untagged layer 2 packets have nothing to do with native VLAN, as those layer 2 packet are not VLAN dependent, are just being sent over the interface, regardless of what the native VLAN is or if the native VLAN is allowed or not.

Agreed they do.  I would further stipulate even Cisco documentation isn't always error free.  Further, later IOS behavior might have been changed, so possibly newer platforms might have different behavior, but, again, you're saying unless the control plane protocol logically requires tagged frames, all such frames are never tagged, and any documentation saying otherwise is incorrect?

BTW, the first time someone mentioned ISL tagging such frames, which, I believe (?) expects all frames to be VLAN tagged, I can see perhaps why all control plane protocol frames being tagged as VLAN 1, being a default VLAN, being used for the VLAN ID.

Hi,

    Yes, any control-plane protocol that doesn't logically require tagged frames will go out untagged, regardless of what the native vlan is, if the native vlan is allowed on the trunk, or if any vlan is allowed at all over the trunk port; and any documentation stating otherwise, it' wrong.

    As for ISL, never bothered looking into it, however my 100% expectation for the protocol I've previously mentioned is the same, those will go out untagged, and without ISL encapsulation; as for protocols that are logically VLAN dependent, like STP, not sure how Cisco's STP implementation will behave over ISL trunk.

Thanks,

Cristian.

Which book is it from??