1
00:00:00,000 --> 00:00:00,500

2
00:00:00,500 --> 00:00:04,670
One rule about Layer 2 Broadcast is that the broadcast needs

3
00:00:04,670 --> 00:00:08,630
to be forwarded to all other devices in that same Layer 2

4
00:00:08,630 --> 00:00:09,170
domain--

5
00:00:09,170 --> 00:00:10,550
that same Broadcast domain.

6
00:00:10,550 --> 00:00:12,950
Well, what if we have two different switches that

7
00:00:12,950 --> 00:00:17,060
are connected together, and we have a Broadcast in VLAN 100,

8
00:00:17,060 --> 00:00:18,680
for example, on one switch?

9
00:00:18,680 --> 00:00:21,110
How does that switch, when it forwards that broadcast over

10
00:00:21,110 --> 00:00:22,880
to the second device, how does it

11
00:00:22,880 --> 00:00:25,250
let the second switch know that this is a Broadcast

12
00:00:25,250 --> 00:00:29,300
for just VLAN 100 and not, for example, VLAN 200?

13
00:00:29,300 --> 00:00:31,520
Well, the answer to that question is solved with

14
00:00:31,520 --> 00:00:35,000
a technique called trunking and adding a little tag called

15
00:00:35,000 --> 00:00:38,930
an 802.1Q tag to the frames over trunks.

16
00:00:38,930 --> 00:00:41,540
And one of the analogies that I learned decades

17
00:00:41,540 --> 00:00:43,280
ago and is still pretty effective

18
00:00:43,280 --> 00:00:45,440
is the one about airlines.

19
00:00:45,440 --> 00:00:48,140
And I've got seven kids, and I care a great deal

20
00:00:48,140 --> 00:00:49,160
about every one of them.

21
00:00:49,160 --> 00:00:50,900
And when they were young, if I would ever

22
00:00:50,900 --> 00:00:53,570
have to send one of those kids on an airplane,

23
00:00:53,570 --> 00:00:55,820
we'd want to make sure that they get on the plane

24
00:00:55,820 --> 00:00:58,430
and were delivered correctly to the correct party

25
00:00:58,430 --> 00:00:59,477
on the other side.

26
00:00:59,477 --> 00:01:01,310
So what the airlines do is they create a tag

27
00:01:01,310 --> 00:01:04,250
with all the information for the child who's traveling alone,

28
00:01:04,250 --> 00:01:07,299
and they put it on that child for the duration of their trip.

29
00:01:07,299 --> 00:01:09,090
And then, when they land on the other side,

30
00:01:09,090 --> 00:01:11,510
they use that tag that the child has on them

31
00:01:11,510 --> 00:01:13,940
to correctly deliver that frame to the right VLAN--

32
00:01:13,940 --> 00:01:16,550
or, in the example of the plane, to deliver that child

33
00:01:16,550 --> 00:01:18,309
to the correct person who's going

34
00:01:18,309 --> 00:01:20,350
to take care of that child on the receiving side.

35
00:01:20,350 --> 00:01:22,940
So in our topology, we've got three computers connected

36
00:01:22,940 --> 00:01:25,490
to the first switch, we have a connection between the two

37
00:01:25,490 --> 00:01:27,590
switches, and then three more computers

38
00:01:27,590 --> 00:01:29,120
connected to the second switch.

39
00:01:29,120 --> 00:01:32,000
Also, the individual ports on their respective switches

40
00:01:32,000 --> 00:01:34,080
are carved out into various VLANs.

41
00:01:34,080 --> 00:01:37,317
The first two ports are in VLAN 100 on switch-1,

42
00:01:37,317 --> 00:01:38,900
and the third port has been configured

43
00:01:38,900 --> 00:01:41,444
to be part of VLAN 200 here on switch-1.

44
00:01:41,444 --> 00:01:42,860
And we have similar configurations

45
00:01:42,860 --> 00:01:47,150
over here on switch-2, with port 1/1 being in VLAN 100

46
00:01:47,150 --> 00:01:51,200
and ports gig 1/2 and 1/3 being in VLAN 200.

47
00:01:51,200 --> 00:01:53,580
Also, to make things functional and work,

48
00:01:53,580 --> 00:01:55,700
we've also configured in this topology--

49
00:01:55,700 --> 00:01:57,800
all the computers there in VLAN 100,

50
00:01:57,800 --> 00:02:01,100
their IP address starts with 10.100.0.

51
00:02:01,100 --> 00:02:04,370
And all the devices in VLAN 200 have an IP address that begins

52
00:02:04,370 --> 00:02:06,580
with 10.200.0.

53
00:02:06,580 --> 00:02:08,150
And the actual VLAN assignment is

54
00:02:08,150 --> 00:02:11,090
done based on the ports that these devices are connected to,

55
00:02:11,090 --> 00:02:12,890
and the IP addressing can either be

56
00:02:12,890 --> 00:02:16,940
done manually or through some dynamic process like DHCP,

57
00:02:16,940 --> 00:02:18,650
which we'll cover in a different Nugget.

58
00:02:18,650 --> 00:02:21,260
But for now, this is how this network is set up.

59
00:02:21,260 --> 00:02:24,010
So if PC-1 was going to do a ping request--

60
00:02:24,010 --> 00:02:27,110
so PC-1 is right here at 10.100.0.1--

61
00:02:27,110 --> 00:02:32,510
if it did a ping request over to PC-4 over here at 10.100.0.4,

62
00:02:32,510 --> 00:02:36,110
when that frame goes in on gig 0/1, the switch--

63
00:02:36,110 --> 00:02:40,660
because gig 0/1 is configured to be a port in VLAN 100--

64
00:02:40,660 --> 00:02:43,040
the switch knows that that frame that's coming in

65
00:02:43,040 --> 00:02:45,190
is associated with VLAN 100.

66
00:02:45,190 --> 00:02:46,190
But here's the problem.

67
00:02:46,190 --> 00:02:48,980
When switch-1 forwards that frame over to switch-2 so it

68
00:02:48,980 --> 00:02:52,970
can get to PC-4, it needs to add some information-- a tag,

69
00:02:52,970 --> 00:02:53,780
if you will--

70
00:02:53,780 --> 00:02:56,270
along with that frame to indicate, hey, buddy,

71
00:02:56,270 --> 00:02:58,370
it says to switch number 2, this frame

72
00:02:58,370 --> 00:03:00,710
is associated with VLAN 100.

73
00:03:00,710 --> 00:03:03,320
And that additional little information that it's adding is

74
00:03:03,320 --> 00:03:05,270
referred to as an 802.1Q.

75
00:03:05,270 --> 00:03:07,610
That's the name of the protocol that does this,

76
00:03:07,610 --> 00:03:09,410
and it's referred to as a tag.

77
00:03:09,410 --> 00:03:12,410
We're adding that information before we send that frame over

78
00:03:12,410 --> 00:03:13,594
to the other switch.

79
00:03:13,594 --> 00:03:15,260
And that way, when switch-2 receives it,

80
00:03:15,260 --> 00:03:18,680
whether it's a unicast frame, or whether it's a broadcast frame,

81
00:03:18,680 --> 00:03:21,810
switch-2 will know right when it receives it, based on the tag,

82
00:03:21,810 --> 00:03:25,550
that this is a frame associated just with that specific VLAN--

83
00:03:25,550 --> 00:03:26,560
VLAN 100.

84
00:03:26,560 --> 00:03:29,630
And then as switch-2 forwards that frame up to PC-4,

85
00:03:29,630 --> 00:03:32,150
it's going to remove the tag because it's no longer needed

86
00:03:32,150 --> 00:03:34,490
as it forwards the frame up to PC-4,

87
00:03:34,490 --> 00:03:36,060
where that frame needs to go.

88
00:03:36,060 --> 00:03:39,560
So the play by play would be, no tag here on the access port

89
00:03:39,560 --> 00:03:40,850
between PC-1 and the switch.

90
00:03:40,850 --> 00:03:44,390
We'd have the tag added on this interconnection between the two

91
00:03:44,390 --> 00:03:47,189
switches, which is also called a trunk, by the way.

92
00:03:47,189 --> 00:03:49,730
And then when switch-2 forwards that frame out the port where

93
00:03:49,730 --> 00:03:51,990
PC-4 is connected-- that access port--

94
00:03:51,990 --> 00:03:54,800
there would be no benefit or need to include that 802.1Q

95
00:03:54,800 --> 00:03:57,560
tag, because all PC-4 cares about is the actual frame

96
00:03:57,560 --> 00:03:58,500
itself.

97
00:03:58,500 --> 00:04:02,930
And one of the big questions is, to tag or not to tag?

98
00:04:02,930 --> 00:04:04,380
That is the question.

99
00:04:04,380 --> 00:04:05,900
And the primary method that switches

100
00:04:05,900 --> 00:04:08,810
know whether to include a tag or not include a tag

101
00:04:08,810 --> 00:04:11,840
is the type of port that that frame is going across.

102
00:04:11,840 --> 00:04:14,570
If it's an access port, which implies that we're

103
00:04:14,570 --> 00:04:16,769
connected to end user devices--

104
00:04:16,769 --> 00:04:18,844
devices that are not other switches

105
00:04:18,844 --> 00:04:21,260
or don't need to have that tagging information-- those are

106
00:04:21,260 --> 00:04:23,344
referred to as access ports.

107
00:04:23,344 --> 00:04:25,010
And that's why, when we configure VLANs,

108
00:04:25,010 --> 00:04:26,750
we configure both the type of port--

109
00:04:26,750 --> 00:04:29,284
whether it's an access port or a trunk port.

110
00:04:29,284 --> 00:04:30,950
And then if it's an access port, we also

111
00:04:30,950 --> 00:04:35,060
assign what VLAN that access port is a member of.

112
00:04:35,060 --> 00:04:36,810
So that way, when the switch is forwarding

113
00:04:36,810 --> 00:04:39,120
a frame over a trunk, it's going to add the tag.

114
00:04:39,120 --> 00:04:41,840
And when it's forwarding that frame over an access port,

115
00:04:41,840 --> 00:04:44,120
it won't bother including the tag.

116
00:04:44,120 --> 00:04:46,620
And to reinforce this and have some fun with this,

117
00:04:46,620 --> 00:04:50,030
here's a quick little snippet from Wireshark packet capture

118
00:04:50,030 --> 00:04:56,030
of the frame as it went over the trunk when PC-1 at 10.100.0.1

119
00:04:56,030 --> 00:05:00,470
was doing a ping request over to PC-4 at 10.100.0.4.

120
00:05:00,470 --> 00:05:03,590
And once again, the capture was taken over the trunk link.

121
00:05:03,590 --> 00:05:06,350
And as a result, here we have the Layer 2 information

122
00:05:06,350 --> 00:05:08,930
with the source and destination Layer 2 addresses.

123
00:05:08,930 --> 00:05:11,780
And then it wedged in here this next little piece--

124
00:05:11,780 --> 00:05:13,040
this additional little piece--

125
00:05:13,040 --> 00:05:16,010
which is the 802.1Q tag.

126
00:05:16,010 --> 00:05:19,880
And then that tag, it includes the ID, which is the VLAN ID.

127
00:05:19,880 --> 00:05:21,680
Effectively, that says, this frame

128
00:05:21,680 --> 00:05:24,710
is associated with VLAN 100.

129
00:05:24,710 --> 00:05:27,260
So if switches had a voice, maybe they'd sound like that.

130
00:05:27,260 --> 00:05:30,170
So any frames associated with VLAN 100 that are going across

131
00:05:30,170 --> 00:05:32,360
this trunk link between switch-1 and switch-2,

132
00:05:32,360 --> 00:05:35,330
whether they're unicast frames for a specific host,

133
00:05:35,330 --> 00:05:38,270
or whether they're a broadcast for all devices in that same

134
00:05:38,270 --> 00:05:40,460
VLAN, as those frames cross the trunk,

135
00:05:40,460 --> 00:05:43,020
they're going to get this additional little 802.1Q tag

136
00:05:43,020 --> 00:05:46,310
so that the receiving switch knows exactly which VLAN that

137
00:05:46,310 --> 00:05:47,880
frame belongs to.

138
00:05:47,880 --> 00:05:49,970
I hope this has been informative for you,

139
00:05:49,970 --> 00:05:53,470
and I'd like to thank you for viewing.