In VLAN (Virtual Local Area Network) switch configuration, "tagged" and "untagged" are terms used to describe how VLAN traffic is handled on switch ports. Here are the key differences:
Untagged
Definition: An untagged port is a port that belongs to a single VLAN and does not include a VLAN tag in the Ethernet frames.
Use Case: Used to connect end devices (like PCs, printers, etc.) that do not understand VLAN tagging.
Behavior: Frames sent from an untagged port are not marked with a VLAN tag. When a frame is received on an untagged port, it is assumed to belong to the VLAN assigned to that port.
Example: If port 1 is untagged in VLAN 10, any device connected to port 1 sends and receives traffic as if it is on VLAN 10, but without any VLAN tags in the Ethernet frames.
Tagged
Definition: A tagged port is a port that can carry traffic for multiple VLANs, and it includes VLAN tags in the Ethernet frames to indicate which VLAN the traffic belongs to.
Use Case: Used for connections between switches (trunk links) or between a switch and a device that understands VLAN tags (like a server or a router).
Behavior: Frames sent from a tagged port include a VLAN tag in the Ethernet frame header. When a frame is received on a tagged port, the switch uses the VLAN tag to determine which VLAN the frame belongs to.
Example: If port 2 is tagged for VLANs 10 and 20, it can carry traffic for both VLANs. Frames will have VLAN tags indicating whether they belong to VLAN 10 or VLAN 20.
Practical Example:
Untagged Port (Access Port):
Tagged Port (Trunk Port):
Key Points:
By understanding these concepts, network administrators can design and configure their VLAN setups to ensure proper traffic segregation and management.
Post a Comment