>>>
2. A packet from port 16 will be sent to both port 1,2,3 and port 14 since that port has membership in two VLANS.
<<<
Dave, you misunderstand the mechanism of vlans.
Each packet is only sent to a single vlan!
At first : a packet "originates" in a certain vlan and will first be processed in this vlan.
If you got a standard server NIC, that is not vlan-aware the packet is sent without a vlan-id (vlan-tag).
The packet is recieved at the switchport and handled as addressed in the default/private/untagged vlan configured for this port .
Only a single vlan can be untagged/default/private vlan.
Default this is vlan1.
It will NOT be sent to the other vlans where the port is a tagged member!
Only tagged packets are forwarded to the corresponding vlan where the port is a tagged member.
results :
- an untagged packet from port 16 may be sent to both ports 1,2,3. (vlan-1)
as the switch maintains a mac-address table, the port that actually receives the packet will only be the one where the connected device has the correct mac-address!
if the connected device can send a vlan-tagged packets (switch or vlan aware-network driver) also :
- a vlan-1 tagged packet from port 16 may also be sent to both port 1,2,3.
- a vlan- tagged packet from port 16 will be forwarded to port 14.
(with the same restriction about mac-adresses).
After this process comes a next step.
if a tcp/ip packet needs to be transferred to another subnet, then a router may forward the packet to another subnet (commonly in another vlan).
