Trunk interface

A trunk interface can carry traffic for one or more VLAN IDs. In most cases, a trunk interface is used to transport data to other switches or routers.

A trunk interface has two important settings:

  • Native VLAN: This is the VLAN to which incoming untagged traffic is assigned. Only one VLAN can be assigned as the native VLAN. By default, VLAN 1 is assigned as the native VLAN for all trunk interfaces.
  • Allowed VLANs: This is the list of VLANs that can be transported by the trunk. If the native VLAN is not included in the allowed list, all untagged frames that ingress on the trunk interface are dropped.

Example 1: Native untagged VLAN

This example shows ingress and egress traffic behavior when a trunk interface has a native untagged VLAN.

  • An ingress tagged frame with VLAN ID of 25 arrives on interface 1/1/1. The switch accepts this frame and sends it to its target address on interface 1/1/2, where it egresses with a VLAN ID of 25 untagged since port 1/1/2 is configured with a native VLAN ID of 25.
  • An ingress untagged frame arrives on interface 1/1/1. The switch accepts this frame and sends it to its target address on interface 1/1/2, where it egresses with a VLAN ID of 25 untagged since port 1/1/2 is configured with a native VLAN ID of 25.
  • An ingress tagged frame with VLAN ID of 4 arrives on interface 1/1/1. The switch accepts this frame and sends it to its target address on interface 1/1/2, where it egresses with a VLAN ID of 4 tagged since port 1/1/2 is configured to allow traffic with a VLAN ID of 4.
  • An ingress tagged frame with VLAN ID of 50 arrives on interface 1/1/1. The switch drops this frame as VLAN ID 50 is not in the allowed list for interface 1/1/1.

Example 2: Native tagged VLAN

This example shows ingress and egress traffic behavior when a trunk interface has a native tagged VLAN.

  • An ingress tagged frame with VLAN ID of 6 arrives on interface 1/1/13. The switch accepts this frame and sends it to its target address on interface 1/1/21, where it egresses with a VLAN ID of 6 tagged since port 1/1/2 is configured with a native VLAN ID of 6.
  • An ingress untagged frame arrives on interface 1/1/13. The switch drops this frame since the interface is configured as native tagged (all untagged frames a dropped in such a configuration).
  • An ingress tagged frame with VLAN ID of 17 arrives on interface 1/1/13. The switch accepts this frame and sends it to its target address on interface 1/1/21, where it egresses with a VLAN ID of 17 tagged since port 1/1/2 is configured to allow traffic with a VLAN ID of 17.
  • An ingress tagged frame with VLAN ID of 50 arrives on interface 1/1/13. The switch drops this frame as VLAN ID 50 is not in the allowed list for interface 1/1/13.