How does 802.1q work

In simple terms, VLAN segregates traffic within a network. Native ports accept traffic from a single VLAN and are used to link end devices like routers, servers, terminals etc. They do not need to accommodate an additional identification tag as they are involved in exchanging traffic with a single end device.

Hence the name, untagged ports. They are also referred to as access ports. Trunk ports are used to pass traffic from multiple VLANs and are used to link switches. In order to distinguish between frames from different VLANs, trunk ports add identification tags to the frames. Hence the name, tagged ports. A trunk is a point-to-point link between two network devices that carry more than one VLAN. Note that native VLANs transport untagged frames.

However, when these untagged frames reach a trunk end, they need to be tagged to make sure the switch on the other side of the trunk can forward the frames to the right destinations. As a result, the switches with trunk ports add tags to the frames for identification - a process typically known as VLAN Encapsulation.

Switch 2, on receiving the tagged frames, decapsulates them to check which VLAN they are destined for and forwards them accordingly. When a switch port is configured to function as a trunk port, it adds unique identification tags — either IEEE It is the most widely used encapsulation method for VLAN tagging.

A trunk connection is simply said nothing more but a normal link but it is able to pass traffic from different VLANs and has a method to separate traffic between VLANs. As you can see we have computers on both sides and they are in different VLANs, by using trunks we can make sure all VLAN traffic can be sent between the switches. This is how switches know to which VLAN our traffic belongs. If you want to know how to configure trunks…take a look at this lesson that I wrote earlier. It explains how to configure trunks on Cisco Catalyst switches.

Tags: The switch will tag the frame when it leaves the trunk. Virtual local area networks, or VLANs , segregate traffic within a network. VLANs keep traffic from different networks separated when traversing shared links and devices within a topology. This process, also known as VLAN tagging, is invaluable to limiting broadcast network traffic and securing network segments. This can be done for both data, and management traffic independently.

VLAN - Virtual local area network; logical identifier for isolating a network. This is the method used by Meraki devices. VLAN-enabled ports are generally categorized in one of two ways, tagged or untagged.