802.1Q is an IEEE standard that defines VLAN tagging on Ethernet frames, enabling network devices to identify which VLAN a frame belongs to as it traverses trunk links between switches, routers, and other network equipment.
When a frame travels across a trunk port, 802.1Q inserts a 4-byte tag into the Ethernet frame header between the source MAC address and the EtherType field. This tag contains critical information including the Tag Protocol Identifier (TPID), which has a value of 0x8100, identifying the frame as an 802.1Q tagged frame. The tag also includes Priority Code Point (PCP) for Quality of Service purposes, Drop Eligible Indicator (DEI), and most importantly, the 12-bit VLAN Identifier (VID) that can represent VLAN numbers from 0 to 4095.
The native VLAN concept is essential in 802.1Q implementations. Frames belonging to the native VLAN are transmitted untagged across trunk links by default. Both ends of a trunk link must agree on the native VLAN to prevent VLAN hopping attacks and ensure proper frame delivery. Cisco switches use VLAN 1 as the default native VLAN.
Trunk ports configured with 802.1Q can carry traffic from multiple VLANs simultaneously, making efficient use of physical connections between switches. Access ports, in contrast, belong to a single VLAN and handle untagged traffic for end devices like computers and printers.
For the CCNA exam, understanding the difference between access and trunk ports, how 802.1Q tagging works, and native VLAN configuration is crucial. Common commands include configuring trunk encapsulation with switchport trunk encapsulation dot1q and setting the native VLAN using switchport trunk native vlan commands. Proper VLAN tagging ensures logical network segmentation while maintaining connectivity across the physical infrastructure, supporting security policies and traffic management strategies.
802.1Q Tagging - Complete CCNA Guide
Why 802.1Q Tagging is Important
802.1Q tagging is fundamental to modern network design because it enables VLANs to span across multiple switches. In enterprise environments, you cannot have a separate physical link for each VLAN between switches - this would be impractical and expensive. 802.1Q solves this by allowing multiple VLANs to share a single physical connection, known as a trunk link.
What is 802.1Q?
802.1Q is an IEEE standard that defines how Ethernet frames are tagged to identify which VLAN they belong to. When a frame travels between switches over a trunk link, a 4-byte tag is inserted into the Ethernet frame header. This tag contains:
- Tag Protocol Identifier (TPID): 2 bytes set to 0x8100, indicating an 802.1Q tagged frame
- Priority Code Point (PCP): 3 bits for Quality of Service (QoS) priority levels (0-7)
- Drop Eligible Indicator (DEI): 1 bit indicating if the frame can be dropped during congestion
- VLAN Identifier (VID): 12 bits identifying the VLAN (values 0-4095, with 0 and 4095 reserved)
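As an added example (not part of this guide), a small Python decoder and encoder for the tag layout listed above: it reads the TPID, PCP, DEI and VID from a frame, treats untagged and VID 0 frames as native-VLAN traffic the way a trunk port does, rejects the reserved VID 4095, and inserts a tag between the source MAC and the EtherType. The frame bytes and the native VLAN of 1 are constructed assumptions.

```python
import struct

TPID_8021Q = 0x8100   # Tag Protocol Identifier that marks an 802.1Q tagged frame
NATIVE_VLAN = 1       # Cisco default native VLAN; an assumption for this example


def parse_frame(frame: bytes, native_vlan: int = NATIVE_VLAN) -> dict:
    """Decode an Ethernet frame as a trunk port would: read the 802.1Q tag if
    present, otherwise place the frame in the native VLAN."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != TPID_8021Q:  # untagged: belongs to the native VLAN
        return {"dst": dst, "src": src, "tagged": False, "vlan": native_vlan,
                "pcp": 0, "dei": 0, "ethertype": ethertype, "payload": frame[14:]}
    if len(frame) < 18:
        raise ValueError("802.1Q tag truncated")
    # Tag Control Information: 3-bit PCP | 1-bit DEI | 12-bit VID
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    pcp, dei, vid = tci >> 13, (tci >> 12) & 1, tci & 0x0FFF
    if vid == 4095:
        raise ValueError("VID 4095 is reserved")
    # VID 0 is a priority-tagged frame with no VLAN membership: native VLAN
    vlan = native_vlan if vid == 0 else vid
    return {"dst": dst, "src": src, "tagged": True, "vlan": vlan,
            "pcp": pcp, "dei": dei, "ethertype": inner_type, "payload": frame[18:]}


def tag_frame(frame: bytes, vlan: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag between the source MAC and the EtherType,
    as a switch does when it sends a frame onto a trunk link."""
    if not 1 <= vlan <= 4094:
        raise ValueError("usable VLAN IDs are 1-4094")
    tci = ((pcp & 0x7) << 13) | ((dei & 1) << 12) | vlan
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


# Constructed sample: untagged broadcast frame (EtherType 0x0806, ARP) from
# 00:11:22:33:44:55 with a zero-filled 28-byte payload
UNTAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("001122334455")
            + struct.pack("!H", 0x0806) + b"\x00" * 28)
TAGGED = tag_frame(UNTAGGED, vlan=10, pcp=5)   # what egresses on the trunk

if __name__ == "__main__":
    print(parse_frame(UNTAGGED))   # tagged False, vlan 1 (native)
    print(parse_frame(TAGGED))     # tagged True, vlan 10, pcp 5
```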
How 802.1Q Works
On Access Ports: When a frame enters an access port, the switch associates it with the configured VLAN. The frame remains untagged within the access port.
On Trunk Ports: When that frame needs to cross a trunk link, the switch inserts the 802.1Q tag before transmission. The receiving switch reads the tag, determines the VLAN, and forwards accordingly.
Native VLAN: One VLAN per trunk is designated as the native VLAN. Frames belonging to the native VLAN are sent untagged across the trunk. By default, this is VLAN 1. Both ends of a trunk must have matching native VLAN configurations.
Key Configuration Commands
switchport mode trunk - Configures the port as a trunk
switchport trunk native vlan [vlan-id] - Sets the native VLAN
switchport trunk allowed vlan [vlan-list] - Specifies which VLANs can traverse the trunk
Exam Tips: Answering Questions on 802.1Q
1. Remember the tag size: The 802.1Q tag is exactly 4 bytes. This is a commonly tested fact.
2. VLAN ID range: The 12-bit VID field supports 4096 values (0-4095), but usable VLANs are 1-4094. VLAN 1 is the default and cannot be deleted.
3. Native VLAN security: Mismatched native VLANs between trunk endpoints cause frames to be placed in the wrong VLAN - this is a security vulnerability and a common troubleshooting scenario.
4. 802.1Q vs ISL: If a question mentions Cisco proprietary trunking, that refers to ISL (Inter-Switch Link). 802.1Q is the industry standard and is more commonly used today.
5. Frame size increase: Tagged frames are 4 bytes larger than untagged frames. The maximum frame size becomes 1522 bytes instead of 1518 bytes.
6. DTP awareness: Dynamic Trunking Protocol negotiates trunk links. Know that switchport nonegotiate disables DTP on a trunk port.
7. Allowed VLANs: By default, all VLANs (1-4094) are allowed on a trunk. Best practice is to limit this to only necessary VLANs.
8. Watch for tricky wording: Questions may ask about tagged versus untagged traffic. Remember: access ports carry untagged traffic, and trunk ports carry tagged traffic, except for the native VLAN, which is sent untagged.