Filter
Top Products
Stackable NWay Ethernet Switch User’s Guide
Switch Management Concepts 37
Port PVID VID Ports
Port 1 1 1 1,2,3,7
Port 2 1
Port 3 1
Port 7 3 3 1,2,3,7,11,1
2
Port 11 2 2 11,12,7
Port 12 2
Table 5-2. Example of possible VLAN assignments
The server attached to Port 7 is shared by VLAN 1 and VLAN 2 because Port 7 is a member of both VLANs (it
is listed as a member of VID 1 and 2). Since it can receive packets from both VLANs, all ports can successfully
send packets to it to be printed. Ports 1, 2 and 3 send these packets on VLAN 1 (their PVID=1), and Ports 11
and 11 send these packets on VLAN 2 (PVID=2). The third VLAN (PVID=3) is used by the server to transmit
files that had been requested on VLAN 1 or 2 back to the computers. All computers that use the server will
receive transmissions from it since they are all located on ports which are members of VLAN 3 (VID=3).
VLANs Spanning Multiple Switches
VLANs can span multiple switches as well as your entire network. Two considerations to keep in mind while
building VLANs of this sort are whether the switches are IEEE 802.1Q-compliant and whether VLAN packets
should be tagged or untagged.
Definitions of relevant terms are as follows:
♦
Tagging
The act of putting 802.1Q VLAN information into the header of a packet. Ports with tagging
enabled will put the VID number, priority, and other VLAN information into all packets that flow into and
out it. If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN
information intact. Tagging is used to send packets from one 802.1Q-compliant device to another.
♦
Untagging
The act of stripping 802.1Q VLAN information out of the packet header. Ports with untagging
enabled will take all VLAN information out of all packets that flow into and out of a port. If the packet
doesn’t have a VLAN tag, the port will not alter the packet, thus keeping the packet free of VLAN
information. Untagging is used to send packets from an 802.1Q-compliant switch to a non-compliant
device.
♦
Ingress port
A port on a switch where packets are flowing into the switch and VLAN decisions must be
made. Basically, the switch examines VLAN information in the packet header (if present) and decides
whether to forward the packet. If the packet is tagged with VLAN information, the ingress port will first
determine if the ingress port itself is a member of the tagged VLAN and can thus receive the packet (if the
Ingress Filter is enabled), and then it decides if the destination port is a member of the VLAN. Assuming
both ports are members of the tagged VLAN, the packet will be forwarded. If the packet doesn’t have
VLAN information in its header (is untagged), the ingress port first determines if the ingress port itself can
receive the packet (if the Ingress Filter is enabled), will tag it with its own PVID (if it defined as a tagging
port), and check to see if the destination port is on the same VLAN as its own PVID and can thus receive
the packet. If Ingress filtering is disabled and the destination port is a member of the VLAN used by the
ingress port, the packet will be forwarded. If the ingress port is an untagging port, it will only check the
filter condition--if the filter condition is enabled-- before forwarding the packet.
♦
Egress port
A port on a switch where packets are flowing out of the switch, either to another switch or to
an end station, and tagging decisions must be made. If an egress port is connected to an 802.1Q-compliant
switch, tagging should be enabled so the other switch can take VLAN data into account when making
forwarding decisions. If an egress connection is to a non-compliant switch or end-station, tags should be
stripped so the (now normal Ethernet) packet can be read by the receiving device.