Some of the most confusing topics to network engineers who are coming from the Cisco background are tagged and untagged vlan ports. This is simply because the Cisco learning platform does not make use of the words tagged and untagged ports. As a Cisco certified network engineer, you will run into this confusion in your career as you make your way towards the adoption and configuration of other OEM devices. Since these are what you already know, howbeit, in a different way, I will attempt to explain these terms by comparing them to their Cisco equivalents.
When dealing with VLAN, network engineers attempt to virtually segment a switch by logically grouping the ports on the affected switch. What we know is that all ports on a switch are in a broadcast domain and belong to a vlan – vlan1 by default. With Virtual LAN, network engineers are able to create multiple virtual switches and assigned ports on the physical switch to these virtual switches. The different local area networks on these virtual switches then become VLANs.
The physical ports on the switch can either connect to a PC, Phone, switch or a router and depending on the use case, can either be a tagged port or an untagged port. Okay! So what then are tagged and untagged ports? Do you remember what an access port is? What about a trunk port? Read on.
Whats are Untagged vlan ports?
Untagged VLAN ports, also known as access ports, are switch ports that are configured to be a member of a specific VLAN but do not add any VLAN tags to the incoming or outgoing frames. When a device is connected to an untagged VLAN port, the device will automatically become a member of the VLAN associated with that port. The switch will add the VLAN tag to any outgoing traffic from that device and remove the VLAN tag from any incoming traffic to that device. Untagged VLAN ports are typically used to connect devices that do not support VLAN tagging, such as desktop computers, printers, or servers, to a VLAN-aware switch. This allows the devices to communicate with other devices on the same VLAN without the need for VLAN tagging.
You may also like: How to configure multiple dhcp for different vlans in Cisco Packet Tracer
What are tagged vlan ports?
On the other hand, tagged VLAN ports, also known as trunk ports, are network switch ports that are configured to transmit data for multiple VLANs (Virtual Local Area Networks) by adding a VLAN tag to each packet. When a network device is connected to a tagged VLAN port, the device is able to communicate with all VLANs that are configured on the switch port. This is useful in scenarios where multiple VLANs need to be connected to a single switch port, such as in a virtualization environment where multiple virtual machines require connectivity to different VLANs. Tagged VLAN ports allow network administrators to separate traffic into different logical networks and apply different policies and settings to each VLAN. By using VLAN tags, network traffic can be directed to its intended destination without interference from other traffic on the network.
It’s important to note that devices connected to tagged VLAN ports need to be configured to use the same VLAN tags in order to communicate with each other. If a device is not configured with the correct VLAN tag, it will not be able to communicate with other devices on that VLAN. In conclusion, tagged vlan ports are trunk ports while untagged vlan ports are access ports.
You can read more on Cisco VLAN implementation on Cisco official documentation.
If you enjoyed this tutorial, please subscribe to this blog to receive my posts via email. Also subscribe to my YouTube channel, like my Facebook page and follow me on Twitter.