Cisco Support Community
Community Member

how vlan work?

i have some confusion in my network environment, as i previously understanding was, access port allow only 1 vlan. 


but, in my situation, i got 2 switch, sw-01 and sw-02 connect directly, using access mode, configuration goes like this, 

sw-02#sh run int fa0/12

Building configuration...


Current configuration : 128 bytes


interface FastEthernet0/12

 description ## to m cloud##

 switchport access vlan 104

 switchport mode access

 duplex full





sw-01#sh run int gi0/39

Load for five secs: 7%/0%; one minute: 7%; five minutes: 6%

Time source is NTP, 02:36:29.334 UTC Tue Sep 9 2014


Building configuration...


Current configuration : 88 bytes


interface GigabitEthernet0/39

 switchport access vlan 50

 switchport mode access



even though, both end carry different vlan, they could communicate well between another end, even on diff vlan, i'm confuse.

anyone care to explain?


thanks a lot. 

Cisco Employee

This below might help:We

This below might help:

We should always use the terminology of network and subnet properly. When we talk about networks we should always remember it is a classful either /8, /16, or /24 ex: ; ;


And for the subnets it means a major network is divided into smaller networks.

Example: Network:



                      and so on...


So to answer your question, I think you cannot configure two switches with different vlan within same subnet because it will overlap other vlan or the ip address that was already configured.


I made and example for this situation, you can create different vlans in both switches and still communicate if they are in the same vlans. For example in switch1 have vlan 10, 20 and 30 same as in the switch2  and pc1( can ping with pc2 in switch2 ( because both are in the same vlan. In switch1 there are 2 pc in vlan 30 and they ping each other together with the laptop in switch2 (



I hope this will help you understand.

Cisco Employee

Simple way:If the link

Simple way:

If the link between the switches is access link it will work


PC1--------(Vlan 10)-SW1-(Vlan 10)-------Accesslink---------------(Vlan 100)--SW2--(Vlan 100)------------PC2



Think both  the ports on SW1 are in Vlan 10 and all the ports on SW2 are in VLAN  100, and PC1 and PC2 are in same subnet, they can communicate each other



Cisco Employee

Some more information on this

Some more information on this:

Vlan is a single broadcast domain.

But your understanding is correct you cant ping the networks between the vlan if you dont have the layer 3 device.

But understand the reason suggested above only this is the way it will work else the other option would be that if the vlans 10 and vlan 100 of other side is in native vlan configured then it will again works.


When it would not work:


PC1--Vlan 10--Sw1======Trunk Port========Sw2---Vlan 20--PC2

Above diagram though you have the same network confiugred on PC's still you wont be able to ping each other.

Ping only works when you configured the switches interconnect links to be part of respective access vlan port or native vlan for that respective vlan configuration.





Community Member

tq, now i undesrtand well.. :

tq, now i undesrtand well.. :)

Cisco Employee

Hi, VLAN matters when frame



VLAN matters when frame enters to switch and this is to limit the broadcast scope on that switch for frame coming on particular vlan. To retain information of vlan, if frame goes out of a trunk, switch tags the frame with that particular vlan. But when frame goes out an access port (vlan A), it goes untagged and other switch receives the untagged packet. For the other switch frame is part of that clan only (vlan B).


—Pls don’t forget to rate helpful posts—



Community Member

tq.. i understand well now..

tq.. i understand well now.. untagged is the key point...

highly appreciate

Community Member

hi akash, in my situation, on

hi akash,


in my situation, on this connecting link, only vlan 10 and 20 traffic reside on this link (untagged packet), am i correct?


Community Member

Hi Tin,In your case , 50 and

Hi Tin,

In your case , 50 and 104 tagged traffic will flow between Sw-01 and Sw-02

Suppose Packet-A flow from Sw-02 to Sw-01

 Sw-02 port @ fe0/12 only accept   104 tagged packet-A  and send untagged traffic towards Sw-01 port @ Gi 0/39

And Sw-01 port @ Gi 0/39  will tag 50 to this packet-A and forward it to Vlan 50 tagged (Access or trunk ) port


and Vice versa for Sw-01 to Sw-02

Community Member

This type of desigh is used

This type of desigh is used for P2P connectvity through switch

Community Member

mistakenly quote vlan 10 and

mistakenly quote vlan 10 and 20, :P


ok understood, tq 

CreatePlease to create content