142
Configuring port-based VLANs
Introduction
Port-based VLANs group VLAN members by port. A port forwards packets from a VLAN only after it
is assigned to the VLAN.
Port link type
You can set the link type of a port to access, trunk, or hybrid. The port link type determines whether
the port can be assigned to multiple VLANs. The link types use the following VLAN tag handling
methods:
•
Access
—An access port can forward packets only from one VLAN and send these packets
untagged. An access port is typically used in the following conditions:
{
Connecting to a terminal device that does not support VLAN packets.
{
In scenarios that do not distinguish VLANs.
•
Trunk
—A trunk port can forward packets from multiple VLANs. Except packets from the port
VLAN ID (PVID), packets sent out of a trunk port are VLAN-tagged. Ports connecting network
devices are typically configured as trunk ports.
•
Hybrid
—A hybrid port can forward packets from multiple VLANs. The tagging status of the
packets forwarded by a hybrid port depends on the port configuration. In one-to-two VLAN
mapping, hybrid ports are used to remove SVLAN tags for downlink traffic. For more
information about one-to-two VLAN mapping, see "Configuring VLAN mapping."
PVID
The PVID identifies the default VLAN of a port. Untagged packets received on a port are considered
as the packets from the port PVID.
When you set the PVID for a port, follow these restrictions and guidelines:
•
An access port can join only one VLAN. The VLAN to which the access port belongs is the PVID
of the port.
•
A trunk or hybrid port supports multiple VLANs and the PVID configuration.
•
When you use the
undo vlan
command to delete the PVID of a port, either of the following
events occurs depending on the port link type:
{
For an access port, the PVID of the port changes to VLAN 1.
{
For a hybrid or trunk port, the PVID setting of the port does not change.
You can use a nonexistent VLAN as the PVID for a hybrid or trunk port, but not for an access
port.
•
As a best practice, set the same PVID for a local port and its peer.
•
To prevent a port from dropping untagged packets or PVID-tagged packets, assign the port to
its PVID.
How ports of different link types handle frames
Actions Access
Trunk
Hybrid
In the inbound
direction for an
untagged frame
Tags the frame with the
PVID tag.
•
If the PVID is permitted on the port, tags the frame with
the PVID tag.
•
If not, drops the frame.
In the inbound
direction for a
tagged frame
•
Receives
the
frame if its VLAN
ID is the same as
the PVID.
•
Drops the frame if
•
Receives the frame if its VLAN is permitted on the port.
•
Drops the frame if its VLAN is not permitted on the port.