Solved: Vlans and 802.1q

pcromwell · ‎12-21-2008

I would like to understand the flow of frames through a switch when using vlans.

1. Are the frames tagged with VLan I.D everytime they arrive at the port from the attached end device and before being processed/forwarded by the switch?

Or are the frames only ever tagged if they are to be forwarded to a 802.1Q device such as a trunk port to another switch or IP Phone?

2. I thought the switch uses a forwarding decision based on Dest Mac address. How does the vlan tag help in a forwarding decision?

Is it only ever used in the case of a broadcast packet?

Giuseppe Larosa · ‎12-22-2008

Hello Paul,

when a switch knows out which port a MAC address X is it will forward the frame with destination MAC address X out it.

This doesn't change if the vlan extends over multiple switches:

the outgoing interface becomes an uplink or trunk port.

A switch knows how to send traffic with a destination that has spoken in the last 300 seconds (default aging time).

If a frame has an unknown unicast destination Y it is treated like a broadcast: sent out all ports in vlan

As soon as that Y MAC address starts to talk again the association MAC Y, vlan id, port is made and frames are processed as unicast traffic.

You could recognize a switch uplink because multiple MAC addresses are associated with the port (if the vlan spans over multiple switches)

This MAC filtering capability is one of the greatest advantages of LAN switches over simple signal repeaters like hubs: they save bandwidth making each collision domain confined at each switch port

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎12-21-2008

Hello Paul,

1) frames are tagged when necessary: in/out on trunk ports.

Access ports are associated to a single vlan-id that is information is used in forwarding

2) in the CAM three informations are placed for each entry: MAC address, switch port, Vlan-id the addresses are learned from traffic by looking at source address of frames

This allows for example to use the same MAC address in different Vlans without causing problems

So the vlan information is always used

Hope to help

Giuseppe

pcromwell · ‎12-21-2008

Many thanks for your reply, so if you have 2 ports on the same switch that are in the same vlan, the switch would base its forwarding decision on MAC address and would chaeck it has the same VLAN I. No other frames are sent to the other devices in the same VLAN?

If the frame was destined for the same VLan but on another switch, then I guess the same flow and decision is taken.

Giuseppe Larosa · ‎12-22-2008

Hello Paul,

when a switch knows out which port a MAC address X is it will forward the frame with destination MAC address X out it.

This doesn't change if the vlan extends over multiple switches:

the outgoing interface becomes an uplink or trunk port.

A switch knows how to send traffic with a destination that has spoken in the last 300 seconds (default aging time).

If a frame has an unknown unicast destination Y it is treated like a broadcast: sent out all ports in vlan

As soon as that Y MAC address starts to talk again the association MAC Y, vlan id, port is made and frames are processed as unicast traffic.

You could recognize a switch uplink because multiple MAC addresses are associated with the port (if the vlan spans over multiple switches)

This MAC filtering capability is one of the greatest advantages of LAN switches over simple signal repeaters like hubs: they save bandwidth making each collision domain confined at each switch port

Hope to help

Giuseppe