HPE Community
Switches, Hubs, and Modems
1752827 Members
4018 Online
108789 Solutions
New Discussion юеВ

vlan'ing best practices

 
monodactylus
Occasional Contributor

тАО02-01-2010 07:21 AM

тАО02-01-2010 07:21 AM

vlan'ing best practices

Hello,

Just a quick question on what people feel is the best practice for vlan'ing in the HP world. Over in that other world (cisco) I've read some documentation that tagging all ports w/ vlans is considered the best practice even though almost no one does it. Is that the same feeling in the HP world? So that no untagged ports would ever be used?

Thanks,
Will
0 Kudos
3 REPLIES 3
Mohammed Faiz
Honored Contributor

тАО02-01-2010 08:36 AM

тАО02-01-2010 08:36 AM

Re: vlan'ing best practices

Hi,

On switch interlinks I never have VLANs untagged. The main reason is because it avoids accidental VLAN "leaking" where, for example VLAN 1 is untagged on one switch but VLAN 2 is untagged on the other switch causing VLAN 1 to "leak" into VLAN 2.
Also there's no advantage to having VLANs untagged between switches so why do it?
Obviously access ports have to be untagged..
0 Kudos
monodactylus
Occasional Contributor

тАО02-01-2010 08:57 AM

тАО02-01-2010 08:57 AM

Re: vlan'ing best practices

Hello,

If your network cards can tag the vlan right on the card, is there a reason why you wouldn't tagged the access ports also?

Thanks,
Will
0 Kudos
Manfred M.
Advisor

тАО02-02-2010 12:46 AM

тАО02-02-2010 12:46 AM

Re: vlan'ing best practices

Hi!

I'm working in the HP and Cisco Network Business as well. I prefer the HP recommendations (and default settings). Clients on untagged ports will always work - no matter what OS or NIC technology. You should also consider, that a lot of server administrators still aren't aware of the possibility of using tagged ports on their NICs and Operating systems! I only use tagged ports on interswitch links and eventually on firewalls - and only the one I need (avoid traffic at the source). In an environment with IP telephony I'm setting the data vlan untagged and the voice vlan tagged.
If you plan to use GVRP read the HP Advanced Traffic Management Guide of the switch:
'To understand and use GVRP you must have a working knowledge of 802.1Q VLAN tagging' - that's very true...
Cisco always set's every VLAN tagged in a trunk unless you filter it - my opinion is, that it should be the opposite way around per default.

With regards
Manfred
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.