Assigning Ports to vLANs
Before enabling vLANs for the switch, you must first assign each port to the vLAN groups in which it will participate. By default, all ports are assigned to vLAN 1 as untagged ports. You should add a tagged port (a port attached to a vLAN-aware device) if you want it to carry traffic for one or more vLANs and the device at the other end of the link also supports vLANs. Assign the port at the other end of the link to the same vLANs. However, if you want a port on this switch to participate in one or more vLANs and the device at the other end of the link does not support vLANs, you must add an untagged port (a port attached to a vLAN-unaware device).
Port-based vLANs are tied to specific ports. The switch's forwarding determination is based on the destination MAC address and its associated port. Therefore, to make valid forwarding and flooding decisions, the switch learns the relationship of the MAC address to its related port (and to the vLAN) at run-time.
Think of it this way - untagged port is when you have an end device that doesn't know what tagging is, but you still need to assign it to a particular vLAN. Basically, you're telling the switch that "All traffic in from this port that doesn't explicitly have a tag will get tagged with this vLAN ID"
If your switches understand vLANs, then you would tag the ports between them. You tell the switch that traffic with these vLAN tags is allowed to pass.
For inter vLAN routing you need to either go through your router, or enable routing in your switches. You need to explicitly allow this, otherwise you can't reach one vLAN from another
"Trunk" ports are those between switches or a switch and a device like an access point or firewall, where you could need more than one vLAN to pass.
No comments:
Post a Comment