CHAPTER 10: VLAN VLAN
MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL 10–3
10.1.2 Tag VLAN vs. Port VLAN
What is the difference between tag and port VLAN? In a nutshell - port VLAN sets a specific
port or group of ports to belong to a VLAN. Port VLANs do not look for VLAN identifier (VID)
information nor does it manipulate the VID information. It thus works “transparently” and
propagates the VLAN information along.
In the tag VLAN, an identifier called the VLAN identifier (VID) is either inserted or
manipulated. This manipulated VLAN tag allows VLAN information to be propagated
across devices or switches, allowing VLAN information to span multiple switches.
As described earlier, VLAN is an administratively configured LAN or broadcast domain.
Instead of going to the wiring closet to move a cable to a different LAN segment, the same
task can be accomplished remotely by configuring a port on an 802.1Q-compliant switch
to belong to a different VLAN. The ability to move end stations to different broadcast
domains by setting membership profiles for each port on centrally managed switches is
one of the main advantages of 802.1Q VLANs.
802.1Q VLANs aren't limited to one switch. VLANs can span many switches. Sharing VLANs
between switches is achieved by inserting a tag with a VLAN identifier (VID) into each
frame. A VID must be assigned for each VLAN. By assigning the same VID to VLANs on
many switches, one or more VLAN (broadcast domain) can be extended across a large
network.
802.1Q-compliant switch ports, such as those on the MultiLink family of switches, can be
configured to transmit tagged or untagged frames. A tag field containing VLAN
information can be inserted into an Ethernet frame. If a port has an 802.1Q-compliant
device attached (such as another switch), these tagged frames can carry VLAN
membership information between switches, thus letting a VLAN span multiple switches.
Normally connections between switches can carry multiple VLAN information and this is
call port trunking or 802.1Q trunks.
There is one important caveat: administrators must ensure ports with non-802.1Q-
compliant devices attached are configured to transmit untagged frames. Many network
interface cards such as those for PCs printers and other “dumb” switches are not 802.1Q-
compliant. If they receive a tagged frame, they will not understand the VLAN tag and will
drop the frame. In situations like these, its best to use port based VLANs for connecting to
these devices.
Sometimes a port may want to listen to broadcasts across different VLANs or propagate
the VLAN information on to other ports. This port must thus belong to multiple VLANs so
that the broadcast information reaches the port accurately. If the port also wants to send
broadcast traffic, the proper leave (sending out of information) and join rules (receiving
information) have to be configured on the MultiLink family of switches.
It is recommended to use IEEE 802.1q tagged based VLANs over port based VLANs
because of there multi-vendor interoperability and capability of carrying the isolated
tagged VLAN information when more than one switch is involved.