Qtech QSW-2900-24T4-AC [71/209] Vlan interface

4-69

4.3 VLAN Interface

VLAN interfaces are virtual interfaces used for communications between different VLANs. Each VLAN can

have one VLAN interface. Packets of a VLAN can be forwarded on network layer through the corresponding VLAN

interface. As each VLAN forms a broadcast domain, a VLAN can be an IP network segment and the VLAN interface

can be the gateway to enable IP address-based Layer 3 forwarding.

4.4 Port-Based and 802.1Q VLAN

This is the simplest yet the most effective way of classifying VLANs. It groups VLAN members by port. After

added to a VLAN, a port can forward the packets of the VLAN.

4.4.1 Port link type

Based on the tag handling mode, a port’s link type can be one of the following three:

· Access or Hybryd port: the port can belong to multiple VLANs, can receive or send packets for multiple

VLANs, used to connect either user or network devices;

· Trunk port: the port can belong to multiple VLANs, can receive/send packets for multiple VLANs, normally

used to connect network devices;

The differences between Access and Trunk port:

· A Access port allows packets of multiple VLANs to be sent with or without the Tag label;

· A Trunk port only allows packets from the default VLAN to be sent without the Tag label.

4.4.2 Default VLAN

You can configure the default VLAN for a port. By default, VLAN 1 is the default VLAN for all ports.

However, this can be changed as needed.

· An Access port only belongs to one VLAN. Therefore, its default VLAN is the VLAN it resides in and

cannot be configured.

· You can configure the default VLAN for the Trunk port or the Hybrid port as they can both belong to

multiple VLANs.

4.5 Policy-Based VLAN

In this approach, inbound packets are assigned with different VLAN IDs based on ACL policy. For example,

TPID that can be used to categorize VLANs include: IP, IPX, and AppleTalk (AT). A port can be associated to

multipleACL. An untagged packet (that is, packet carrying no VLAN tag) reaching a port associated with a

policy-based VLAN will be processed as follows.

· If the packet matches ACL, the packet will be tagged with the VLAN ID of the policy-based VLAN defined

by theACL.

· If the packet matches no ACL template, the packet will be tagged with the default VLAN ID of the port.

A tagged packet (that is, a packet carrying VLAN tags) reaching the port is processed in the same way as that

of port-based VLAN.

· If the port is configured to permit packets with the VLAN tag, the packet is forwarded.

· If the port is configured to deny packets with the VLAN tag, the packet is dropped.

This feature is mainly used to bind the any type of traffic with VLAN for easy of management and

maintenance. Please refer to the “Traffic rewrite vlan configuration”.