Introduction to port-based VLAN
Port-based VLANs group VLAN members by port. A port forwards traffic for a VLAN only after it is assigned to the VLAN.
Port link type
You can configure the link type of a port as access, trunk, or hybrid. The link types use the following VLAN tag handling methods:
Access port—Belongs to only one VLAN and sends traffic untagged. Access ports are usually used to connect a terminal device unable to identify VLAN-tagged packets, or are used when separating different VLAN members is unnecessary. As shown in Figure 5, Device A is connected to common PCs that cannot recognize VLAN-tagged packets, and you must configure Device A's ports that connect to the PCs as access ports.
Trunk port—Carries multiple VLANs to receive and send traffic for them. Except traffic from the port VLAN ID (PVID), traffic sent through a trunk port will be VLAN-tagged. Usually, ports that connect network devices are configured as trunk ports. As shown in Figure 5, Device A and Device B need to transmit packets of VLAN 2 and VLAN 3, and you must configure the ports interconnecting Device A and Device B as trunk ports and assign them to VLAN 2 and VLAN 3.
Hybrid port—A hybrid port allows traffic of some VLANs to pass through untagged and traffic of some other VLANs to pass through tagged. Usually, hybrid ports are configured to connect devices whose support for VLAN-tagged packets you are uncertain about. As shown in Figure 5, Device C connects to a small-sized LAN in which some PCs belong to VLAN 2 and other PCs belong to VLAN 3, and Device B is uncertain about whether Device C supports VLAN-tagged packets. On Device B, configure the port connecting to Device C as a hybrid port to allow packets from VLAN 2 and VLAN 3 to pass through untagged.
Figure 5: Network diagram
PVID
By default, VLAN 1 is the port VLAN ID (PVID) for all ports. You can configure the PVID for a port as required.
When you configure the PVID on a port, follow these restrictions and guidelines:
An access port can join only one VLAN. The VLAN to which the access port belongs is the PVID of the port.
A trunk or hybrid port can join multiple VLANs, and you can configure a PVID for the port.
You can use a nonexistent VLAN as the PVID for a hybrid or trunk port, but not for an access port. After you use the undo vlan command to remove the VLAN where an access port resides, the PVID of the port changes to VLAN 1. The removal of the VLAN specified as the PVID of a trunk or hybrid port, however, does not affect the PVID setting on the port.
Do not set the voice VLAN as the PVID of a port in automatic voice VLAN assignment mode. For information about voice VLAN, see "Configuring voice VLANs."
Hewlett Packard Enterprise recommends that you set the same PVID for local and remote ports.
Make sure that a port permits the traffic from its PVID to pass through. Otherwise, when the port receives frames tagged with the PVID or untagged frames, the port drops these frames.
Frame handling on a port
Actions | Access | Trunk | Hybrid | |
|---|---|---|---|---|
Incoming untagged frame | Tags the frame with the PVID tag. | Determines whether the PVID is permitted on the port, as follows:
| ||
Incoming tagged frame |
|
| ||
Outgoing frames | Removes the VLAN tag and sends the frame. |
| Sends the frame if its VLAN is permitted on the port. The frame is sent with the VLAN tag removed or intact depending on your configuration with the port hybrid vlan command. This is true of the PVID. | |