11

Let's say we have a 4-port switch that is VLAN capable. 

1     2     3     4       

Port 1 is TAGGED to VLAN10` and `UNTAGGED to Default_VLAN(1)

Port 2 is UNTAGGED to VLAN10

Port 3 is UNTAGGED to VLAN10

For the sake of this question, we have a packet coming into Port 1 which is tagged with VID 10. Port 1 preserves the tag.

It just so happens the device it needs to send the packet to is connected to Port 2. Does the switch remove the VLAN 10 tag from the packet as it is sending the packet out of a port UNTAGGED to that VID?

Furthermore, let's say this was a ICMP packet, and the device on Port 2 sends the reply, which goes to Port 2 untagged, and becomes part of VLAN 10. Does it get TAGGED with VID 10 when it leaves Port 1 to its destination device because Port1 is TAGGED to that VID? (Let's also make a large assumption for the sake of the question the switch is doing the layer 3 IP routing).

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
PnP
  • 1,684
  • 8
  • 37
  • 65

3 Answers3

9

Switches strip or add tags depending on the port's settings. Your hypothetical packet tagged VLAN 10 ingressing on port 1 would have its tag stripped and when it egressed port 2 (or port 3, because both are untagged members of VLAN 10).

Similarly, when a packet ingresses port 2 it will be tagged VLAN 10 before egressing port 1, as per the second part of your question.

I know of at least one Ethernet switch implementation that tags frames on ingress on an untagged port, moves all frames around inside the switch as tagged frames. That particualr switch strips tags only when frames egress an untagged port.

I would assume that this type of behavior is probably fairly common, seeing as how the switch needs some way to keep track of the origin VLAN of frames as they move around inside the switch. Since I only know the low-level details of one (now very outdated and no longer manufactured) switch, though, I won't make sweeping generalizations that I can't back up.

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328
5

A tag is only applied to a frame as the frame is carried across the medium between two network devices. The tag is added as it is sent out an interface and stripped when received by the second device.

The tag is only needed when received to identify where the traffic should be processed. It is not preserved while being processed (routed/switched) by the network device itself.

So to your examples/questions:

For the sake of this question, we have a packet coming into Port 1 which is tagged with VID 10. Port 1 preserves the tag.

It just so happens the device it needs to send the packet to is connected to Port 2. Does the switch remove the VLAN 10 tag from the packet as it is sending the packet out of a port UNTAGGED to that VID?

P1 does not preserve the tag. It is stripped when the frame is received, so when it forwards the frame out P2, there is no tag.

Further more, let's say this was a ICMP packet, and the device on Port 2 sends the reply, it goes to Port 2 untagged, becomes part of VLAN 10, does it get TAGGED with VID 10 when it leaves Port 1 to its destination device because Port1 is TAGGED to that VID? (Let's also make a large assumption for the sake of the question the switch is doing the layer 3 IP routing).

Since VLAN 10 is tagged on P1, then all traffic on VLAN 10 that egresses P1 will be tagged. Whether the switch is doing L3 or not has no bearing at all on the function of 802.1Q tagging.

YLearn
  • 1,237
  • 7
  • 17
3

It's simpler than you think, basically any packet hitting the switch in stripped of any tags and put on the right VLAN (unless it's tagged with a VLAN not carried by that port anyway).

So in your scenario a packet comes in on port 1 tagged with VLAN 10, is stripped of that tag and placed onto VLAN 10. The CAM table states that the destination MAC is on port 2 and the packet is sent up that port untagged. It's as simple as that.

As for your second question the packet would be tagged with VLAN 10 on the way out of port 1 yes.

Chopper3
  • 100,240
  • 9
  • 106
  • 238