Three modes of VLAN Access, Trunk, Hybrid

By Hybrid

  1. The tag message structure is added after the source mac address and destination mac address With 4bytes of vlan information, ordinary PC network cards cannot recognize it.

  2. Access ports belong to only one VLAN, and are generally used to connect to computer ports.

  3. Trunk type ports can be used for multi-VLAN communication.

  4. Hybrid type ports allow multiple VLANs to pass through, can receive and send multiple VLAN packets, and can be used for the connection between the switch and the switch, and can also be used for the connection between the switch and the computer.

  5. Hybrid port and trunk port process data packets in the same way. The only difference is that when sending data packets, the hybrid port can allow data packets of multiple VLANs to be sent without tags, while the truck port only allows data packets of the default vlan (native vlan or default vlan) to be sent without tags.

  6. The Access port belongs to only one vlan, so its default VLAN is the VLAN where it is located, and there is no need to set it. Hybrid port and trunk port belong to multiple VLANs, so you need to set the default VLAN. By default, their default VLAN is VLAN 1.

  7. Save VLAN ID, when the port receives a data packet without a VLAN tag, it will forward the data packet to the switch port where the default VLAN is located; when the port sends a data packet with a VLAN tag, if the VLAN ID of the data packet is Same as the default VLAN of the port, the switch will remove the VLAN tag carried in the data packet, and then forward it to the port.

  8. The default VLAN of Huawei switches is called PVID, and Cisco switches are called Native VLAN.

  9. Switch port processing The process of entering and leaving data packets is as follows:

  • Access port receiving data packets:

    When receiving a data packet, judge whether there is VLAN information, if not, mark the Native VLAN ID of the port, and exchange and forward.

    Someone asked: What if there is VLAN information? Under normal circumstances, you should not connect the access port to another port with VLAN, because access is originally designed to connect to a normal computer, and the network card of a normal computer sends data packets without VLAN. If it is connected to the trunk port of the opposite end due to a configuration error, or the network cards of some computers can already send and receive packets with VLAN tags, in these two cases, my understanding is that if the data sent from the trunk port is VLAN If the ID is the same as the native vlan of the Access port, the switch forwards the data packet. If the VLAN ID of the data packet sent from the trunk port is different from the native VLAN of the access port, the switch discards the data packet.

  • Access port sends data packets:

    The VLAN information of the data packet is stripped and sent directly.

  • Trunk port to receive packets:

    When a data packet is received, it is judged whether there is VLAN information, if not, it will be marked with the Native VLAN ID of the port, and then exchanged and forwarded.

    If there is VLAN information, it is judged whether the trunk port allows the data packet of this VLAN to enter, if it is allowed, it will be forwarded, otherwise it will be discarded.

  • Trunk port sends data packets:

    Compare the native VLAN of the port with the VLAN information of the sending data packet, if the two are equal, strip the VLAN information, and then send. If they are not equal, send directly.

  • Hybrid port receives data packets:

    When a data packet is received, it is judged whether there is VLAN information, if not, it will be marked with the Native VLAN ID of the port, and then exchanged and forwarded.

    If there is VLAN information, it is judged whether the hybrid port allows the data packet of the VLAN to enter, if it is allowed, it will be forwarded, otherwise it will be discarded.

  • Hybrid port sends data packets:

    Judging the attributes of the VLAN configured on this port, if the attribute is untag, strip off the VLAN tag and forward. If the attribute is tag, it will be sent directly.

One thing must be clear, that is, when processing data packets inside the switch, all data packets It must have been tagged with the VLAN tag. Knowing this, the specific process of the switch processing VLAN is easy to understand.

Example 1:

Two switches, one port is configured with trunk, native vlan is 100, and the other is port Configure access, native vlan as the default 1.

Q: Can the PCs connected to the two switches communicate with each other? Is it hairy?

, , , , ,

Leave a Comment

Your email address will not be published.