852-1328
Configuration in the WBM
70
Product manual | Version: 1.2.0
Industrial Managed Switch
A Tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN
membership of a frame across Bridges; they are not confined to the switch on which they
were created. VLANs can be created statically (manually by users) or dynamically via the
GVRP (GARP VLAN Registration Protocol). The VLAN ID associates a frame with a spe-
cific VLAN and provides the information that switches need to process the frame across
the network. A tagged frame is four bytes longer than an untagged frame and contains
two bytes of TPID (Tag Protocol Identifier, residing within the type/length field of the ETH-
ERNET Frame) and two bytes of TCI (
T
ag
C
ontrol
I
nformation, starting after the source
address field of the ETHERNET Frame).
Forwarded Tagged and Untagged Frames
Each port on the switch is capable of forwarding tagged or untagged frames. To forward
a frame from an 802.1Q VLAN-aware switch to an 802.1Q VLAN-unaware switch, the
switch first decides where to forward the frame and then strips off the VLAN tag. To for-
ward a frame from an 802.1Q VLAN-unaware switch to an 802.1Q VLAN-aware switch,
the switch first decides where to forward the frame and then inserts a VLAN tag reflecting
the ingress port's default VID. The default PVID is VLAN 1 for all ports, but this can be
changed.
A broadcast frame (or a multicast frame for a multicast group that is known by the sys-
tem) is duplicated only on ports that are subscribers of the VID (except the ingress port it-
self), thus confining the broadcast to a specific domain.
Port-Based 802.1Q VLAN
As a subscriber of a port-based VLAN, the port is assigned to a specific VLAN indepen-
dent of the user or system attached to the port. This means all users attached to the port
should be subscribers of the same VLAN. The network administrator typically performs
the VLAN assignment. The port configuration is static and cannot be automatically
changed to another VLAN without manual reconfiguration.
Two roles can be assigned to a port in a Port-Based VLAN:
• Access port: A port that carries only traffic to and from the specific VLAN to which it is
assigned.
• Trunk port: A port that can carry traffic for one or all VLANs that a specific switch can
access.
As with other VLAN approaches, the packets forwarded using this method are not trans-
mitted to other VLAN domains or networks. After a port has been assigned to a VLAN,
the port cannot send to or receive from devices in another VLAN without the intervention
of a Layer 3 device.
The device that is attached to the port likely has no understanding that a VLAN exists.
The device simply knows that it is part of a subnet and that the device should be able to
talk to all other network subscribers by simply sending information via the cable connec-
tion. The switch is responsible for identifying that the information came from a specific
VLAN and for ensuring that the information gets to all other subscribers of the VLAN. The
switch is also responsible for ensuring that ports in a different VLAN do not receive the in-
formation.