Vlans spanning multiple switches – D-Link DES-3624 User Manual

Stackable NWay Ethernet Switch User’s Guide

Switch Management Concepts

37

Port

PVID

VID

Ports

Port 1

1

1

1,2,3,7

Port 2

1

Port 3

1

Port 7

3

3

1,2,3,7,11,1

2

Port 11

2

2

11,12,7

Port 12

2

Table 5-2. Example of possible VLAN assignments

The server attached to Port 7 is shared by VLAN 1 and VLAN 2 because Port 7 is a member of both VLANs (it
is listed as a member of VID 1 and 2). Since it can receive packets from both VLANs, all ports can successfully
send packets to it to be printed. Ports 1, 2 and 3 send these packets on VLAN 1 (their PVID=1), and Ports 11
and 11 send these packets on VLAN 2 (PVID=2). The third VLAN (PVID=3) is used by the server to transmit
files that had been requested on VLAN 1 or 2 back to the computers. All computers that use the server will
receive transmissions from it since they are all located on ports which are members of VLAN 3 (VID=3).

VLANs Spanning Multiple Switches

VLANs can span multiple switches as well as your entire network. Two considerations to keep in mind while
building VLANs of this sort are whether the switches are IEEE 802.1Q-compliant and whether VLAN packets
should be tagged or untagged.

Definitions of relevant terms are as follows:

♦

Tagging The act of putting 802.1Q VLAN information into the header of a packet. Ports with tagging

enabled will put the VID number, priority, and other VLAN information into all packets that flow into and
out it. If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN
information intact. Tagging is used to send packets from one 802.1Q-compliant device to another.

♦

Untagging The act of stripping 802.1Q VLAN information out of the packet header. Ports with untagging

enabled will take all VLAN information out of all packets that flow into and out of a port. If the packet
doesn’t have a VLAN tag, the port will not alter the packet, thus keeping the packet free of VLAN
information. Untagging is used to send packets from an 802.1Q-compliant switch to a non-compliant
device.

♦

Ingress port A port on a switch where packets are flowing into the switch and VLAN decisions must be

made. Basically, the switch examines VLAN information in the packet header (if present) and decides
whether to forward the packet. If the packet is tagged with VLAN information, the ingress port will first
determine if the ingress port itself is a member of the tagged VLAN and can thus receive the packet (if the
Ingress Filter is enabled), and then it decides if the destination port is a member of the VLAN. Assuming
both ports are members of the tagged VLAN, the packet will be forwarded. If the packet doesn’t have
VLAN information in its header (is untagged), the ingress port first determines if the ingress port itself can
receive the packet (if the Ingress Filter is enabled), will tag it with its own PVID (if it defined as a tagging
port), and check to see if the destination port is on the same VLAN as its own PVID and can thus receive
the packet. If Ingress filtering is disabled and the destination port is a member of the VLAN used by the
ingress port, the packet will be forwarded. If the ingress port is an untagging port, it will only check the
filter condition--if the filter condition is enabled-- before forwarding the packet.

♦

Egress port A port on a switch where packets are flowing out of the switch, either to another switch or to

an end station, and tagging decisions must be made. If an egress port is connected to an 802.1Q-compliant
switch, tagging should be enabled so the other switch can take VLAN data into account when making
forwarding decisions. If an egress connection is to a non-compliant switch or end-station, tags should be
stripped so the (now normal Ethernet) packet can be read by the receiving device.