The Layer 2 devices use Ethernet frame header information to forward packets without having routing tables. Usually, Ethernet frame header does not contain any information about VLAN, so, when Ethernet frames arrive in a trunk, information about its VLAN must be added. This method called tagging. The standard for VLAN tagging is IEEE 802.1Q. The 802.1Q header includes a 32-bits tag inserted inside the original Ethernet frame header, specifying the VLAN to which the frame belongs. When the switch receives an Ethernet frame on a port in access mode and assigned a VLAN, the switch inserts a VLAN tag into the received frame header, calculates the FCS again, and sends out the tagged frame to the trunk port. The figure below illustrates different fields of VLAN tag:
- Type– Type field is 16 bits field also called the tag protocol ID (TPID) value. For Ethernet, it is set to hexadecimal 0x8100.
- User priority– It has a 3-bit value that supports service implementation.
- Canonical Format Identifier (CFI)– This is a 1-bit identifier that enables Token Ring frames to be carried across Ethernet links.
- VLAN ID (VID)– It is 12-bit VLAN identification number that supports up to 4096 VLAN IDs.
Native VLANs and 802.1Q Tagging
Tagged Frames on the Native VLAN
Some devices that support trunking, insert a VLAN tag to native VLAN traffic. If a port configured on 802.1Q trunk receive a tagged frame with VID and the same as the native VLAN, it drops the frame. So when configuring a switch port on Cisco switch, configure devices that they send untagged frames on the native VLAN. Other vendor devices, routers, non-Cisco switches, and servers support tagged frames on the native VLANs.
Untagged Frames on the Native VLAN
When a trunk port receives untagged frames, it forwards these untagged frames to the native VLAN. If there are no devices associated with the native VLAN and also there are no other trunk ports, then the switch dropped the frame. During configuring an 802.1Q trunk port, a default Port VLAN ID is assigned the value of the native VLAN ID. All untagged traffic coming in and out the 802.1Q port is forwarded based on the PVID. For example, if VLAN 10 is configured as a native VLAN. The PVID is 10 and every untagged frame is forwarded to VLAN 10. If the native has not been configured, the PVID value for native VLAN is 1. Because the default native VLAN is 1.
Voice VLAN Tagging
To Support Voice over IP a separate voice VLAN is required. Port that connects Cisco IP phone can be configured to use two separate VLANs. One for voice and another for data traffic. The link between IP phone and switch work like trunk to carry both voice and data VLAN traffic. The Cisco IP Phone has three-port 10/100 switch. These ports give dedicated connections to these devices:
- Port-1 – This port connects the IP phone to the switch or other VoIP devices.
- Port-2 – This port is an internal 10/100 interface that carries the IP phone traffic.
- Port-3 – This is an access port which connects to a PC or other device.
On the switch, the switch port is configured to send CDP packets that instruct an attached IP phone to send voice traffic to the switch in one of the following ways, depending on the type of traffic:
- In a voice VLAN tagging with a Layer 2 class of service priority value.
- In; an access VLAN tagging with a Layer 2 class of service priority value.
- In an access VLAN, untagged without a Layer 2 class of service priority value.