I. Concept
1, Trunk port, the trunk port can transmit multiple VLANs at the same time Packets are generally used for links between switches.
2, Hybrid port. The Hybrid port can transmit multiple VLAN packets at the same time, which is generally used for the link between the switches or the link between the switch and the server.
3, Access port, Access port can only belong to one VLAN, and is generally used to connect to a computer port.
4, Tag and Untag, tag refers to the tag of the vlan, that is, the id of the vlan, used to name the vlan that the data packet belongs to, and untag means that the data packet does not belong to any vlan and has no vlan tag. untagis ordinary ethernet message, ordinary PC The network card can recognize such messages for communication;tag The change of message structure is the addition of 4bytes of vlan information after the source mac address and destination mac address, which is the vlan tag header; Generally, said that such messages cannot be recognized by the network card of ordinary PCs.
5、 pvid, which is the port vlan id number , Is the vlan id setting of the untagged port. When the untagged data packet enters the switch, the switch will check the vlan setting and decide whether to forward it. When an ip packet enters the switch port, if there is no tag header, and pvid is configured on the port, then the data packet will be marked with the corresponding tag header! If the incoming ip packet already has a tag header (vlan data), then the switch will generally not add a tag header, even if the port is configured with a pvid number; when an unmarked data packet enters the switch.
6、default VLAN
Access port belongs to only one VLAN, so its default VLAN It is the VLAN it is in, no need to set.
Hybrid port and Trunk port belong to multiple VLANs, so need Set the default VLAN ID. By default, the default VLAN of Hybrid port and Trunk port is VLAN1.
If the default VLAN ID of the port is set, when the port receives a message without a VLAN tag, it will forward the message to the port belonging to the default VLAN; when the port sends a message with a VLAN tag If the VLAN ID of the message is the same as the default VLAN ID of the port, the system will remove the VLAN Tag of the message, and then send the message.
Note: The default VLAN for Huawei switches is called “Pvid Vlan”, and for Cisco switches, the default VLAN is called It is “Native Vlan”.
Two. Tag and Untag of the port
If a port is designated as an untagged port in the vlan setting, all data packets forwarded from this port None are untagged. If a tagged packet enters the switch, the tag will be removed when it passes through an untagged port. Because many devices currently do not support marked data packets, and they cannot recognize marked data packets, therefore, the port connected to it needs to be set as non-marked.
If a port is designated as a tagged port in the VLAN settings, all packets forwarded from this port will have a tag ( tagged). If an untagged packet enters the switch, the tag will be added when it passes through the tagged port. At this time, it will use the pvid setting on the ingress port as the vlan id number in the added tag.
3. Port encapsulation type: ISL, 802.1Q
All packages on ISL Trunk are tagged (Cisco< /strong>Special);
802.1q In the design of span>, in order to be compatible with the mixed deployment of switches that do not support VLAN, it is specially designed to not be tagged: but only one VLAN is allowed to not tag, so that N VLANs, (N-1) are all tagged, Untagged packets must come from that special VLAN, so they won’t be messy. (Of course, all VLANs can be tagged).
< /span>
Four. The difference between receiving and sending data on each port
Port type |
Transceiver< /p> |
Description |
Access |
Receive messages |
Determine whether there is VLAN information: If not, add the PVID of the port Discard (default) |
Send report Text |
Strip the VLAN information of the message and send it directly |
|
< p align="center">Trunk |
Receive message |
Receive a message, Judge whether there is VLAN information: if not, add the PVID of the port, and exchange and forward, If there is judge whether the trunk port allows the data of the VLAN to enter: if it is possible, forward it, otherwise discard it > |
Send message |
Compare the PVID of the port with the message to be sent VLAN information, stripped if the two are equal Leave the VLAN information and send it again. If not equal, send it directly |
|
Hybrid |
Receive a message |
Determine whether there is VLAN information after receiving a message: if If not, type the PVID of the port and perform exchange and forwarding. If there is, determine whether the hybrid port allows the data of the VLAN to enter: forward if possible, otherwise discard it |
Send message |
Determine the attributes of the VLAN on this port (disp interface can see the Which VLANs are untagged by the port, Which VLANs are tags) If it is untagged, strip off the VLAN information and send it again, if it is tag, send it directly |
Case: Hybrid port mode of Huawei switch:
[Switch-Ethernet0/1]inte0/1
[Switch-Ethernet0/1]portlink-type hybrid
[Switch-Ethernet0/1]porthybrid pvid vlan 10
[Switch-Eth ernet0/1]porthybrid vlan 10 20 untagged
[Switch-Ethernet0/1] inte0/2
[Switch-Ethernet0/2]portlink-type hybrid
[Switch-Ethernet0/2]porthybrid pvid vlan 20
[Switch-Ethernet0/2]porthybrid vlan 10 20 untagged
At this time, the connected PCs under inter e0/1 and inter e0/2 can communicate with each other, but the round-trip vlan of data is different during the inter-communication.
Use the connected pc1 under inter e0/1 to access all under inter e0/2 Take the connected pc2 as an example to explain:
Data sent by pc1:< /p>
1,located by inter e0/1 The pvid vlan10 encapsulates the vlan10 tag and sends it to the switch
2, the switch finds inter e0/2 Allow vlan 10 data to pass, so the data is forwarded to inter e0/2
3, Since vlan 10 on inter e0/2 is untagged, the switch removes the vlan10 mark on the data packet at this time and sends it to pc2 in the form of a normal packet
At this time pc1->p2 is going to vlan10
The process of pc2 returning packages to pc1:
1, the data sent by pc2 , The pvid vlan20 where inter0/2 is located encapsulates the vlan20 mark and then sends it to the switch,
2 , The switch found that inter e0/1 allows vla The data of n 20 passes, so the data is forwarded to inter e0/1,
3, Because vlan 20 on inter e0/1 is untagged, the switch removes the vlan20 mark on the data packet at this time and sends it to pc1 in the form of a normal packet
At this time pc2->pc1 is going to vlan20