1. What is 802.1Q?
IEEE 802.1Q is the standard for VLAN tagging in Ethernet networks. It allows multiple VLANs to exist on a single physical network by inserting a VLAN tag in the Ethernet frame header. This tagging enables switches to distinguish between VLANs and forward traffic accordingly.
Key Features of 802.1Q:
- Adds a 4-byte VLAN tag to Ethernet frames.
- Supports up to 4094 VLANs (VLAN IDs 1-4094).
- Trunk links carry multiple VLANs between switches.
- Defines a Native VLAN (untagged traffic).
2. What is a Native VLAN?
A Native VLAN is the VLAN that carries untagged traffic on a trunk port. Any frame received without a VLAN tag is assumed to belong to the Native VLAN of that trunk.
By default, VLAN 1 is the Native VLAN on most switches, but best practice is to change it to another VLAN for security reasons.
Example Configuration (Changing the Native VLAN):
```
interface GigabitEthernet0/1
switchport mode trunk
switchport trunk native vlan 99
exit
```
This sets VLAN 99 as the Native VLAN for trunk port GigabitEthernet0/1.
3. What is an Allowed VLAN?
An Allowed VLAN is a VLAN that is explicitly permitted on a trunk link. By default, all VLANs are allowed on a trunk, but administrators can restrict the VLANs allowed on a specific trunk port to enhance security and reduce unnecessary traffic.
Example Configuration (Restricting Allowed VLANs on a Trunk Port):
```
interface GigabitEthernet0/2
switchport mode trunk
switchport trunk allowed vlan 10,20,30
exit
```
This command allows only VLANs 10, 20, and 30 on trunk port GigabitEthernet0/2.
Summary of Key Concepts
| Concept | Description |
|---|---|
| 802.1Q | Standard for VLAN tagging on Ethernet frames. |
| Native VLAN | The VLAN for untagged traffic on a trunk port (default is VLAN 1). |
| Allowed VLANs | VLANs that are explicitly permitted on a trunk link. |