5 Replies Latest reply: Apr 11, 2013 8:16 AM by Maurice RSS

    Tagged vs Untagged Traffic

    Maurice

      Hello All,

       

      This seems like a simple concept but I'm having a hard time grasping which traffic is tagged vs that which is not tagged.  

       

      We have a network of primarily 3750 switches with several VLANs, and dot1q trunks setup between the switch stacks.   I've always thought that traffic going through a VLAN access switchport is tagged with the VLAN ID, along with VLAN traffic going over trunk ports (when the devices are both setup for the same VLANs). 

       

      The confusion came with the implementation of a new phone system, where the vendor states that certain (non-Cisco) components must not receive tagged traffic.   I'm not sure how that is possible if all of our switch ports belong to VLANs.   Could this meant that these devices must use the native VLAN on our switches (which, in our case, the native VLAN is disabled on our switches)?   Currently these devices are on switchports with fairly simple configs, such as:

       

      ...

      switchport mode access

      switchport access vlan 100

      no cdp enable

      ...

       

      Thanks for any insight into this

        • 1. Re: Tagged vs Untagged Traffic
          jason

          yes you need to use the native vlan.

          that is the only vlan that isnt tagged....plus you must ensure that the same native vlan is used through out the network....

           

          you dont want to set up vlan 1 as native vlan on switch 1 ...

          and then this traffic gets sent out to switch 2 untagged...

          and switch 2 has native vlan as being 50

          so now you got vlan 1 traffic on vlan 50

           

          anyway good luck.....

          you definitely need to enable native vlan....and check it out thoughout your whole network.

           

          ps all traffic is tagged...apart from that of your native vlan

          and you yourself set up which vlan you want that to be

           

           

          to select a specific vlan to have as native vlan

          go into your trunk port. eg

           

          #interface fa 0/30

          #switchport trunk native <vlan Number>

          so the acutal command will be something like

          #switchport trunk native vlan 33

           

          thing is you have to do this on all trunk ports on all switches

          native vlan is by defalut vlan 1

          but as you have disabled it....(which you cant do on cisco devices)

          i assume you hve just set your native vlan to be some obscure unused vlan.

          if you mean you have disabled it by using ISL encapsulation rather than dot1q encapsulation

          then you are going to have to use dot 1 q encapsulation.......as this is the only encapsulation type that understands the concept of an untagged vlan...the native vlan.

          ISL tags everything.

           

          anyway good luck

          • 2. Re: Tagged vs Untagged Traffic
            Daniel Dib CCIE #37149 CCDE #20160011

            Hi Maurice,

             

            Access ports don't send tagged frames as most PCs would not support 802.1Q and even if they did you would not want to tag frames unless you had the need for multiple VLANs and that would require a trunk.

             

            When a port is set to access it means that the port is part of the VLAN forwarding wise (MAC table) but all frames are sent untagged. When frames from that VLAN are sent over a trunk they get a tag added so the receiving switch knows to which VLAN the traffic belongs.

             

            The native VLAN is always untagged unless you enable tagging for it. By default it is VLAN 1 but that can be changed. Untagged frames received on trunk are assumed to be part of native VLAN.

            • 3. Re: Tagged vs Untagged Traffic
              Chandan Singh Takuli

              Hi Maurice

               

              suppoes u have a vlan 10 assigned on an access port fa0/3.

               

              SW(config)#int fa0/3

              SW(config-if)#switcport mode access

              SW(config-if)#switcport acces vlan 10

               

              no always remember, vlan 10 on port no. fa0/3 will be sent as un-tagged because vlan 10 is native for it.

               

              if you assign a voice vlan on fa0/3 suppose vlan 11. vlan 10 packets will sent as un-tagged but vlan 11 wil sent as tagged.

              • 4. Re: Tagged vs Untagged Traffic
                Maurice

                Thank you Jason

                • 5. Re: Tagged vs Untagged Traffic
                  Maurice

                  Thank you Daniel, thats exactly the explanation that I needed