Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Tag and Untag?

Tag and Untag? 12 years 2 months ago #4487

  • apit
  • apit's Avatar
  • Offline
  • Senior Member
  • Posts: 227
  • Karma: 0
when configuring switch port , i often make it untag for utp and tag for fiber but i don't really understand why should i do that.Just read from the books but not really understand the concept. Can expert out there give clear discription to me.tq
The administrator has disabled public write access.

Re: Tag and Untag? 12 years 2 months ago #4511

  • varun
  • varun's Avatar
  • Offline
  • New Member
  • Posts: 9
  • Karma: 0
Basically if you make UTP tagged, your switch will not accept untagged frames and drop them. There might be a case when someone just wants to send untagged frames (eg. broadcast messages). Therefore, the need to have untagged UTP.

Fibre is needed to be tagged because it almost always forms the backbone of a network and therefore we only need tagged frames to be transmitted from VLANs spread across multiple switches.

I hope this brief information has helped you in answering your query to a certain extent.
The administrator has disabled public write access.

Re: Tag and Untag? 12 years 2 months ago #4525

  • apit
  • apit's Avatar
  • Offline
  • Senior Member
  • Posts: 227
  • Karma: 0
so, that mean we MUST configure tag for fiber and untagged for utp..
we set fiber to tag because it always been use but utp not always in use; sp we set utp to untagged..
is that true?
what is the effect when we set fiber to untagged?
The administrator has disabled public write access.

Re: Tag and Untag? 12 years 2 months ago #4527

  • varun
  • varun's Avatar
  • Offline
  • New Member
  • Posts: 9
  • Karma: 0
ok lets consider the basics first ....

When you're referring to fibre, i believe that means a Gigabit (1000 Mbps) port (interface) that is the trunk port of Switch A that forms a tunnel (trunk) to the Gig port (again a trunk port) of Switch B and a tunnel (trunk) is established between these two ports of Switch A & B.

Suppose we have VLANs (port-based) 100 and 200 in Switch A and Switch B also has devices (attached to ports) that are members of VLANs 100 and 200 i.e. both VLANs 100 and 200 exist on both the Switches. Now, when Switch A receives a broadcast from a host in VLAN 100, it has to broadcast it to all the members of VLAN 100 i.e Switch A also has to forward the broadcast to Switch B since VLAN 100 also exists on Switch B.

Now, Switch A adds a VLAN tag (header) to the frame it received from the host in VLAN 100. Among other things, the VLAN tag has the VLAN number which identifies from which VLAN the frame originated. The frame is sent via the Gig port (tagged) of Switch A to the Gig port (tagged) of Switch B. The Gig ports on both the Switches are members of all the VLANs that exist on their respective Switches (this is manually configured by the network admin).

When Switch B receives the VLAN tagged frame from Switch A, it looks into the VLAN tag and sees that it's from VLAN 100 and switches the frame to all the ports that are members of VLAN 100 in Switch B. And similarly with frames coming from VLAN 200, Switch B, switches the frames to all the ports that are members of VLAN 200 in Switch B.

Now if the Gig port on Switch A was untagged, it would send out frames as untagged no matter from which VLAN in Switch A, the frames originated. It means that if the host on VLAN 100 sends a broadcast, it will be sent to Switch B as an untagged frame i.e. with no VLAN id and if the Gig port on Switch B is tagged, it will drop the incoming frame from Switch A since it's untagged (this depends on the Ingress filtering rules enabled for that port). If, however, the Gig port of Switch B is untagged, it receives the untagged frame from Switch A and assigns it a Port Vlan Id (PVID). PVID is the default VLAN ID set for a particular port. It is usually set to 1 in almost all switches. And so the frame will incorrectly be sent out to all the members of VLAN 1.

However if we assign the PVID on the Gig port of Switch B as 100. Then the untagged frames coming from Switch A will be assigned a PVID of 100 and sent out to all the ports that are members of VLAN 100. But what if the untagged frame came from VLAN 200 in Switch A?? Therefore, though not compulsory, it is HIGHLY advisable to always keep your Gig ports (trunk ports) as tagged.
The administrator has disabled public write access.

Re: Tag and Untag? 12 years 2 weeks ago #4981

  • apit
  • apit's Avatar
  • Offline
  • Senior Member
  • Posts: 227
  • Karma: 0
oic..
now i can understand..
what is the mening of trunk?
is it a tunnel?
The administrator has disabled public write access.

Re: Tag and Untag? 12 years 2 weeks ago #4999

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
www.firewall.cx/vlans-links.php
Should help you out
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup