VLAN pvid vid access Port trunk port

A brief talk on VLAN technology http://www.h3c.com.cn/MiniSite/H3care_Club/Data_Center/Net_Reptile/The_One/Home/Catalog/200911/655250_ 97665_0.htm

Baidu Encyclopedia VLAN Http://baike.baidu.com/view/1362579.htm?fr=aladdin

3.2 VLAN member connection mode

There are three ways to connect VLAN members: Access,trunk,hybrid;

L Access connection: message without tag tag, generally used to connect with Tag-unaware (not support 802.1Q package) device, or do not need to distinguish between different VLAN members when used;

L Trunk Connection: In the pvid belongs to the VLAN without tag tag forwarding, the other VLAN packets must have tag tag, for Tag-aware (Support 802.1Q package) device connected, generally used for interconnection between the switches;

L Hybrid Connection: Some VLAN packets can be set as required with tag, some messages without tag. The biggest difference with trunk connection is that the trunk connection only pvid belongs to the VLAN without tag, the other VLAN must have tag, and the hybrid connection is can be set up multiple VLANs without tag;

In practice, various connection methods are implemented according to the access, Trunk, and hybrid properties of the device ports. The application of port attributes is also far beyond the simple VLAN member interconnect, especially our division, with Port properties to implement some relatively complex functions, such as Isolated-user VLAN, multicast VLAN.

Principles of processing 3.3 Tag/untag messages

In order to understand the forwarding of the packets within the VLAN, it is necessary to know the tag/untag principle of the switch for different VLAN messages.

First of all, it is necessary to be clear that in the internal switch, for fast and efficient processing, the messages are tagged with tag forwarding. In fact, this is a good understanding, because the switch is likely to configure multiple VLANs, that different VLAN traffic is differentiated only by the tag tag.

The following is presented in two directions from the message entry and the message.

L message in direction:

In the direction, the fundamental task of the switch is to determine whether the message is allowed to enter the port, according to the Tag/untag attribute of the incoming message and the port attribute, subdivided into the following cases:

1) The message is UNTAG: Allow the message to enter the port, and hit the Pvid VLAN tag, regardless of the port properties;

2) The message is tag: In this case, the switch is required to determine whether the message is allowed to enter the port;

Øaccess Port: The Pvid and the VLAN in the message are consistent, receive and process the message, otherwise discarded.

Øtrunk/hybrid Port: If the port allows the VLAN indicated in tag to pass, the message is received and processed; otherwise discarded.

L Message Direction:

In the direction, the switch has completed the forwarding of the message, the fundamental task is to transfer the port, whether to carry tag forward, according to the Port properties, subdivided into the following cases:

1) Access port: The label is stripped off, without tag forwarding;

2) Trunk port: The message is located in the same VLAN and Pvid, then the message does not take tag;

3) Hybrid port: The VLAN of the message is configured as tag, then the message is tagged with tag;

The access port is responsible for receiving the terminal equipment, when it receives a frame, if the frame is not marked, it uses its own pvid to mark him, it emits a frame if the vid=pvid to remove the mark to ensure that the frame transmitted to the terminal device has not been changed, Pvid is a property on each port when the VLAN is partitioned, and by default the initial pvid of each port in the Cisco switch is 1, indicating that he is a member of Vlan1 if you divide the other VLAN for him then pvid corresponding changes to the Access port feature is Only traffic that complies with Pvid is allowed to pass. Trunk means that it is a relay link that allows various VLANs to pass through. Its rules and access, when you receive a tag without tag when you use their own pvid to mark him, when sending a frame if vid=pvid is removed pvid, unlike access, the trunk has a own intrinsic VLAN, Used to send some of the CDP,BPDU and other exchanges between the data or management traffic, the frame generated from the switch itself is not tagged when sent out, because the vid=pvid so that the mark is removed, and the peer receives the unmarked frame when it will use their own intrinsic VLAN information to tag him, Then view the Swap table if the destination address is found to be the same, remove the tag, if you find the destination MAC address is not yourself, continue to forward to the other trunk while removing the tag (because a switch has only one eigen VLAN all pvid= Vid minus mark) hybrid is a mixed mode of access and trunk that allows Vid=pvid. Hybrid, like a trunk, can carry packets of multiple VLANs on that port, typically for a link between a switch and a switch, or between a switch and a server. If the received packet does not have a VLAN, then the pvid is forwarded, and if the received packet has a VLAN, it is determined whether the port allows the VLAN to enter, or if it can be forwarded, otherwise discarded.

VLAN pvid vid access Port trunk port