93
2. When a
tagged
frame is received, the
VID
in the frame tag is used.
When Ingress Filtering is
“Enabled”, the Managed Switch will first determine,
1. If the
ingress
port itself is a member of the frame VLAN, it will receive the frame.
2. If the
ingress
port is not a member of the frame VLAN, the frame will be dropped.
3. If it is a member of that VLAN, the Managed Switch then checks its address table to
see whether the destination port is a member of the same VLAN. Assuming both
ports are members of that VLAN, the frame will be forwarded.
Administrators should make sure that each port
‟s
PVID
is set up; otherwise, incoming
frames may be dropped if
Ingress Filtering
is enabled. On the other hand, when Ingress
Filtering is disabled, the Managed Switch will not compare the incoming frame
VID
with the
ingress
port VLAN membership. It will only check its address table to see whether the
destination VLAN exists.
1. If the VLAN is unknown, it will be broadcasted.
2. If the VLAN and the destination MAC address are known, the frame will be
forwarded.
3. If the VLAN is known and the destination MAC address is unknown, the frame will
be flooded to all ports in the VLAN.
Tagging
Every port on an 802.1Q compliant switch can be configured as tagging or un-tagging
.
Ports with taggings Enable will put the VID number, priority and other VLAN information into
the header of all packets that flow into and out of it. If a packet has been tagged previously,
the port will not alter the packet and keep the VLAN information intact. The VLAN
information in the tag can then be used by other 802.1Q compliant devices on the network
to make packet forwarding decisions.
Un-tagging
Ports with un-taggings Enable will strip the 802.1Q tag from all packets that flow into and out
of those ports. If the packet does not have an 802.1Q VLAN tag, the port will not alter the
packet. Thus, all packets received by and forwarded by an un-tagging port will have no
802.1Q VLAN information. (Remember that the PVID is only used internally within the
switch). Un-tagging is used to send packets from an 802.1Q-compliant network device to a
non-compliant network device. Simply put, un-tagging means that once you set up the port
as “
U
” (untagged), all egress packets (in the same VLAN group) from the port will have no
tags.
VLAN-Aware
Packets that are tagged (carrying the 802.1Q VID information) can be transmitted from one
802.1Q compliant network device to another one with the VLAN information intact. This
allows 802.1Q VLANs to span network devices (and indeed, the entire network, if all
network devices are 802.1Q compliant).