understanding vlan

vlan

Solution 1:

1) Yes, when it's connected to a trunk port, and no when it's connected to an access port. Access port is a "normal" port, so it's meant for untagged traffic to go through. Trunk port is for tagged traffic, and usually acts as an "uplink". It is also possible to send untagged data via trunk port, and it will be trated as "default vlan" data.

2) In a "normal" setup, the switches do the tagging. So the PC sends an untagged packet, and the switch adds the tag. But since you usually have the router connected to a trunk port, the router has to do the tagging too. But end-user pc's (connected to access ports) only use untagged traffic. Also some servers are connected to trunk ports, and send tagged packets (usually virtualization servers, or simmilar)

3) Access port is meant for end-devices. For example, you set the port to vlan100, and connect a pc. Computer sends a packet to the switch, and the switch knows the port is in vlan100, and tags the packet accordingly, and sends it where needed. When a packet is going to the pc, the switch knows it's an access port, and strips the vlan tag from the packet.

Solution 2:

1.) An access port by definition has no tags applied to packets. Trunk ports have tags. If your laptop is connected to a trunk port then it will be able to see packets with VLAN tags applied.

2.) Under normal circumstances the switch does the tagging.

3.) Again, definition of access port = no VLAN tagging, definition of trunk port = VLAN tagging present. The idea is that the switch will apply a VLAN tag on ingress based on its configuration (i.e. port x/y is on VLAN 5). The tagged frame is then switched according to that tag - potentially across trunks. When it arrives at its destination the egress port strips the tag off. The hosts on the VLAN simply see a common broadcast domain.

It is reasonably common that certain servers (especially virtualization servers) can be configured to apply and strip VLAN tags, effectively giving them the ability to run a larger number of virtual interfaces on top of a single physical NIC.

Solution 3:

  1. while your laptop is unlikely to have an interface that will do vlan tagging, some servers can. vlan tagging just adding some info to the ethernet frame so presumably you can do it with programming, but usually it is done by switches to send them through trunk lines where frames from all vlans are mixed together.

  2. yes, generally switches, but other devices can do tagging as well.

  3. the end devices should only see untagged ethernet frames, as the vlan tags are stripped before handing it to the end devices, unless the end devices have interfaces that does the stripping.

Related

Can disk space be the reason for a server crash?
Clients didn't switch to secondary DNS server during fail over
Internal LTO tape drive becomes hot
websockets , loadbalancers and 64k ports
Vagrant / puppet workflow
Sendmail doesn't work with iptables, even though smtp and dns are allowed
Is it possible to clear the Pager field in AD users & computer using a command?
Free/Cheap Exchange backup option?
NTFS: Deny all permissions for all files, except where explicitly added
Making alarm in disk space using cloudwatch
500 oops bad bool value in config file for anonymous_enable
I don't understand how these recursive calls could finish