Tagging Ethernet Frames for VLAN Identification

Layer 2 devices use the Ethernet frame header information to forward packets without routing tables. A standard Ethernet frame header does not contain any information about the virtual local area network (VLAN), so when Ethernet frames are placed on a trunk, the VLAN information must be added to the frame.

This method is called tagging. The standard for VLAN tagging is IEEE 802.1Q. The 802.1Q header includes a 32-bit tag inserted inside the original Ethernet frame header, specifying the VLAN to which the frame belongs.

When the switch receives an Ethernet frame on a port that is in access mode and assigned to a VLAN, the switch inserts a VLAN tag into the received frame header, recalculates the FCS, and sends the tagged frame out of the trunk port. The figure below illustrates the different fields of the VLAN tag:

  • Type – A 16-bit field, also called the tag protocol ID (TPID) value. For Ethernet, the value is hexadecimal 0x8100.
  • User priority – A 3-bit value that supports service implementation.
  • Canonical Format Identifier (CFI) – A 1-bit identifier that enables Token Ring frames to be carried across Ethernet links.
  • VLAN ID (VID) – A 12-bit VLAN identification number that supports up to 4096 VLAN IDs.

Native VLANs and 802.1Q Tagging

Tagged Frames on the Native VLAN

Some devices that support trunking insert a VLAN tag into native VLAN traffic. If a port configured as an 802.1Q trunk receives a tagged frame with a VID that is the same as the native VLAN, it drops the frame.

So when configuring a switch port on a Cisco switch, configure the attached devices so that they send untagged frames on the native VLAN. Other vendors' devices, routers, non-Cisco switches, and servers support tagged frames on the native VLAN.

Untagged Frames on the Native VLAN

When a trunk port receives untagged frames, it forwards them to the native VLAN. If there are no devices associated with the native VLAN and there are no other trunk ports, the switch drops the frame. When an 802.1Q trunk port is configured, the native VLAN ID is assigned as the default Port VLAN ID (PVID).

All untagged traffic coming in or out of the 802.1Q port is forwarded based on the PVID. For example, if VLAN 10 is the native VLAN, the PVID is 10 and all untagged traffic is sent to VLAN 10. If the native VLAN has not been configured, the PVID value is 1, because the default native VLAN is 1.
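The tag layout and the native VLAN rules above can be exercised together. The following Python sketch is an added example, not part of the original article: it parses the 802.1Q tag fields and applies the trunk rules as this page states them. The function names and the sample frames (dummy MAC addresses, zero payload) are constructed for illustration, and the "no devices on the native VLAN" drop case is not modelled.

```python
import struct

TPID_8021Q = 0x8100  # tag protocol ID for an 802.1Q-tagged Ethernet frame


def parse_vlan_tag(frame: bytes):
    """Return the 802.1Q tag fields as a dict, or None if the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    # Bytes 0-11 are destination and source MAC; the tag (if any) follows.
    (tpid,) = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack_from("!HH", frame, 14)
    return {
        "tpid": tpid,
        "priority": tci >> 13,        # 3-bit user priority
        "cfi": (tci >> 12) & 0x1,     # 1-bit canonical format identifier
        "vid": tci & 0x0FFF,          # 12-bit VLAN ID
        "ethertype": inner_type,      # original EtherType, after the tag
    }


def classify_on_trunk(frame: bytes, native_vlan: int = 1):
    """Apply the trunk rules described above; returns (action, vlan)."""
    tag = parse_vlan_tag(frame)
    if tag is None:
        return ("forward", native_vlan)   # untagged: forwarded on the PVID
    if tag["vid"] == native_vlan:
        return ("drop", tag["vid"])       # tagged frame on the native VLAN
    return ("forward", tag["vid"])


def build_frame(vid=None, priority=0, cfi=0):
    """Constructed sample frame: dummy MACs, IPv4 EtherType, zero payload."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")
    tag = b""
    if vid is not None:
        tci = (priority << 13) | (cfi << 12) | vid
        tag = struct.pack("!HH", TPID_8021Q, tci)
    return macs + tag + struct.pack("!H", 0x0800) + bytes(46)


if __name__ == "__main__":
    for f in (build_frame(), build_frame(vid=10, priority=5), build_frame(vid=20)):
        print(parse_vlan_tag(f), classify_on_trunk(f, native_vlan=10))
```
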

Voice VLAN Tagging

To support Voice over IP, a separate voice VLAN is required. A port that connects a Cisco IP phone can be configured to use two separate VLANs: one for voice traffic and another for data traffic.

The link between the IP phone and the switch works like a trunk, carrying both voice and data VLAN traffic. The Cisco IP Phone has a three-port 10/100 switch. These ports provide dedicated connections to the following devices:

  1. Port-1 – This port connects the IP phone to the switch or other VoIP (Voice Over Internet Protocol) devices.
  2. Port-2 – This port is an internal 10/100 interface that carries the IP phone traffic.
  3. Port-3 – This is an access port that connects to a PC or other device.

On the switch, the switch port is configured to send CDP (Cisco Discovery Protocol) packets that instruct an attached IP phone to send voice traffic to the switch in one of the following ways, depending on the type of traffic:

  1. In a voice VLAN, tagged with a Layer 2 class of service priority value.
  2. In an access VLAN, tagged with a Layer 2 class of service priority value.
  3. In an access VLAN, untagged without a Layer 2 class of service priority value.