IEEE 802.1Q

Description

IEEE 802.1Q is a protocol that can be used to partition an Ethernet into a number of VLANs. Each frame is tagged with a VID (VLAN ID) to indicate which VLAN it is associated with. Each VLAN behaves as if it were a separate Ethernet.

There are two ways to connect a machine to a switch that carries 802.1Q VLANs:

• via an untag port, where VLAN support is handled by the switch (so the attached machine sees ordinary Ethernet frames); or
• via a tag (trunk) port, where VLAN support is handled by the attached machine (which sees 802.1q-encapsulated Ethernet frames).

The advantage of a tagged port is that it allows multiple VLANs to be carried by a single physical bearer. The disadvantage is that the machine in question must support 802.1Q and be configured to use it. Typical practice is to use tagged ports for machines that need to talk to multiple VLANs and untagged ports for everything else.

A VID is an unsigned 12-bit integer in the range 1 to 4094. The first VLAN, with a VID of 1, is the default VLAN to which ports are presumed to belong if they have not been otherwise configured.

microHOWTOs

• Configure an Ethernet interface as a QinQ VLAN trunk
• Configure an Ethernet interface as a VLAN trunk
• Configure an Ethernet interface as a VLAN trunk (Debian)
• Configure an Ethernet interface as a VLAN trunk (Red Hat)

Tutorials

• IEEE 802.1Q VLAN Tutorial

See also

• Ethernet
• VLAN (Virtual Local Area Network)
• IEEE 802.1ad

Further reading

• Virtual Bridged Local Area Networks, IEEE Std 802.1Q-2005, IEEE Computer Society, May 2006
• 802.1Q VLAN implementation for Linux

• Conventions
• Privacy
• Legal