Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

Is this correct regarding no untagged, untagged and tagged?

 
Highlighted
Occasional Contributor

Is this correct regarding no untagged, untagged and tagged?

Hi.

So I've always been confused about the no-untagged, untagged and tagged VLAN stuff in the HP-world (sorry, my school was a Cisco academy ;=), but now I'm in a situation where I really need to get it straight. I tried to figure it out and make my own guide; any kind soul who can confirm if this is the wrigt mindset or not?

1.1    The no-untagged VLANs:

So basically, when the switch first is out of the box, then all the ports are in VLAN1 as is marked as untagged, see the output below:

vlan 1

   name "VLAN1"

   untagged 1-52

When a port is moved out of VLAN1 to another VLAN, it will show up in VLAN1 as no untagged. Which means that the port has been moved out of VLAN1 and has nothing to do with that VLAN anymore, see the output below (in this case, port 7 and 8 is moved to VLAN10):

vlan 1

   name "VLAN1"

   no untagged 7-8

   untagged 1-6,9-52

vlan 10

   name "VLAN10"

   untagged 7-8

 

1.2    The untagged VLANs

If a port in marked as untagged in a VLAN, it means it’s still has an 802.1Q attached to itself. Think of this as an access port in the Cisco world. If a port is untagged in VLAN10, then the port has an 802.1Q-tag of the current VLAN it’s untagged in.

In the following example below, port 11 and 12 is moved to VLAN20. Port 7 and 8 are still in VLAN10.

vlan 1

   name "VLAN1"

   no untagged 7-8,11-12

   untagged 1-6,9-10,13-52

vlan 10

   name "VLAN10"

   untagged 7-8

vlan 20

   name "VLAN20"

   untagged 11-12

 

1.3    The tagged VLANs

If a port is tagged in a VLAN, then the ports carries all the VLANs the port is currently tagged in. So, for a port to carry multiple VLANs, for example VLAN10 and VLAN20, then it would look as the configuration below:

vlan 1

   name "VLAN1"

   no untagged 7-8,11-12

   untagged 1-6,9-10,13-52

vlan 10

   name "VLAN10"

   untagged 7-8

   tagged 24

vlan 20

   name "VLAN20"

   untagged 11-12

   tagged 24

On port 24, both VLAN10 and VLAN20 is carried out over that port.

So, to make a translation from HP/Aruba to Cisco:

untagged = access port
tagged = trunk port

But I have some question(s): If I have for e.g. port 24 where I tagged VLAN10 and VLAN20, I guess that VLAN1 still will be able to cross that interface since it's the native VLAN? Or am I mistaken?

Thanks alot for the help and if I need to clarify just let me know.

9 REPLIES 9
Highlighted
Honored Contributor

Re: Is this correct regarding no untagged, untagged and tagged?


@cmcarlzon wrote:

Hi.

So I've always been confused about the no-untagged, untagged and tagged VLAN stuff in the HP-world (sorry, my school was a Cisco academy ;=), but now I'm in a situation where I really need to get it straight. I tried to figure it out and make my own guide; any kind soul who can confirm if this is the wrigt mindset or not?

1.1    The no-untagged VLANs:

So basically, when the switch first is out of the box, then all the ports are in VLAN1 as is marked as untagged, see the output below:

vlan 1

   name "VLAN1"

   untagged 1-52

When a port is moved out of VLAN1 to another VLAN, it will show up in VLAN1 as no untagged. Which means that the port has been moved out of VLAN1 and has nothing to do with that VLAN anymore, see the output below (in this case, port 7 and 8 is moved to VLAN10):

vlan 1

   name "VLAN1"

   no untagged 7-8

   untagged 1-6,9-52

vlan 10

   name "VLAN10"

   untagged 7-8

 

1.2    The untagged VLANs

If a port in marked as untagged in a VLAN, it means it’s still has an 802.1Q attached to itself. Think of this as an access port in the Cisco world. If a port is untagged in VLAN10, then the port has an 802.1Q-tag of the current VLAN it’s untagged in.

In the following example below, port 11 and 12 is moved to VLAN20. Port 7 and 8 are still in VLAN10.

vlan 1

   name "VLAN1"

   no untagged 7-8,11-12

   untagged 1-6,9-10,13-52

vlan 10

   name "VLAN10"

   untagged 7-8

vlan 20

   name "VLAN20"

   untagged 11-12

 

1.3    The tagged VLANs

If a port is tagged in a VLAN, then the ports carries all the VLANs the port is currently tagged in. So, for a port to carry multiple VLANs, for example VLAN10 and VLAN20, then it would look as the configuration below:

vlan 1

   name "VLAN1"

   no untagged 7-8,11-12

   untagged 1-6,9-10,13-52

vlan 10

   name "VLAN10"

   untagged 7-8

   tagged 24

vlan 20

   name "VLAN20"

   untagged 11-12

   tagged 24

On port 24, both VLAN10 and VLAN20 is carried out over that port.

So, to make a translation from HP/Aruba to Cisco:

untagged = access port
tagged = trunk port


IMHO that's really correct (indeed that's the HPE way about VLAN tagging/untagging naming as opposed to what Cisco uses).

See also this presentation WRT Switch-to-Switch and Switch-to-Host HPE/Aruba versus Cisco VLAN untagging/tagging configuration comparisons and terminology meanings.

About your question:


@cmcarlzon wrote: But I have some question(s): If I have for e.g. port 24 where I tagged VLAN10 and VLAN20, I guess that VLAN1 still will be able to cross that interface since it's the native VLAN? Or am I mistaken?

 


You're not mistaken.

About the configuration example you provided above the port/interface 24 still belongs to VLAN 1 as untagged member of that VLAN (you didn't removed it from VLAN 1 as you did for ports/interfaces 7, 8, 11 and 12) and so, yes, it will still be able to carry traffic into VLAN 1.

Highlighted
Honored Contributor

Re: Is this correct regarding no untagged, untagged and tagged?

Cisco:
When you change a port to "switchport mode trunk":
- VLAN1 becomes the native/untagged VLAN
- all other VLANs configured on the switch become tagged VLANs

HP:
You don't configure the switchport in an equivalent "trunk" mode
VLAN1 is the default untagged VLAN
You can add additional VLANs as "tagged"
If you remove VLAN1 or configure VLAN1 as "tagged" you have no native VLAN

So the differences are that Cisco by default allows all VLANs as tagged on a trunk v. HP you need to explicitly add VLANs, and Cisco always has a native untagged VLAN v. HP you can have no native VLAN at all.

Highlighted
Occasional Contributor

Re: Is this correct regarding no untagged, untagged and tagged?

Hi parnassus. Thanks for the answer.

However, the .pdf link you sent just get stuck at 36kb and does a loop in Chrome atleast.

You got any other URL you might share since I got really interested in reading it?

Thanks.

Highlighted
Honored Contributor

Re: Is this correct regarding no untagged, untagged and tagged?

Strange, I'm able to download it (about 740 kB) flawlessly from that link (try this one although I suspect the download URL is always the same...or use Google to look for "VLAN and Link-Aggregation ArubaOS-Switches Cisco", it will be the very first result).

The focus is about differences in terminology about VLAN and Link Aggregation between Cisco and HP/Aruba.

Highlighted
Occasional Contributor

Re: Is this correct regarding no untagged, untagged and tagged?

See the below image:

 

VLANS.PNGSo in order for PC-A on SWITCH01 to communicate with PC-A on SWITCH02, PC-B on SWITCH01 to communicate with PC-B on SWITCH02 and PC-C on SWITCH1 to communicate with PC-C on SWITCH02 (other other words, just L2), the following configuration is what is should look like:

SWITCH01:

vlan1
No untagged 7-8,11-12
Untagged 1-6,9-10,13-24

vlan 10
untagged 7-8
tagged 24

vlan 20
Untagged 11-12
Tagged 24

SWITCH01:

vlan1
No untagged 7-8,11-12
Untagged 1-6,9-10,13-24

vlan 10
untagged 7-8
tagged 24

vlan 20
Untagged 11-12
tagged 24

 

Correct?

Highlighted
Honored Contributor

Re: Is this correct regarding no untagged, untagged and tagged?

In order to let hosts belonging, each one, to its respective VLAN ID (1, 10 or 20) - VLAN ID that should be available and assigned on all involved switches - to speak with other hosts belonging to the same VLAN ID (no IP Routing is involved here) you need that ports used for uplinking Switch-01 and Switch-02 (ports 24 on both ends) should be tagged members of VLAN IDs you want to transport - in this case VLAN 10 and VLAN 20 - other than being also members of the Native VLAN ID, in this case the VLAN 1, which is the VLAN untagged on ports 24 of both ends.

On each switch VLAN IDs must be the same. On each switch each ports belonging to desired VLAN ID should be untagged member of that VLAN ID.

Doing so PC-A (VLAN 10) on Switch 01 will be able to speak with PC-A (VLAN 10) on Switch 02 provided that both are configured with the same IP Subnet, same for PC-B hosts pair (VLAN 20) and PC-C hosts pair (VLAN 1) connected on both switches.

Highlighted
Honored Contributor

Re: Is this correct regarding no untagged, untagged and tagged?

Correct.

Highlighted
Occasional Visitor

Re: Is this correct regarding no untagged, untagged and tagged?

Dear all, 

If my edge switch have three vlan, such as vlan1, vlan101, vlan102. How can we determine the access port with 2 different edge switch? Thanks a lot.

Best Regards, Hsu Yao Chang

Honored Contributor

Re: Is this correct regarding no untagged, untagged and tagged?

Unclear question.

Do not hijack an old thread (the OP never answered to latest reply given): open your new one and describe your issue in detail. Help us to help you.