802.1Q (VLAN Trunking Protocol)

📘 CCNA 200-301 v1.1

2.2 Configure and verify interswitch connectivity

2.2.b — 802.1Q (VLAN Trunking Protocol)

Profile

1. What is IEEE 802.1Q?

IEEE 802.1Q is the official VLAN tagging standard used on Ethernet networks.
It allows multiple VLANs (Virtual Local Area Networks) to be carried over a single physical link between switches.

In other words, 802.1Q enables VLAN trunking.

Without 802.1Q, a network switch link could only carry traffic from one VLAN.
With 802.1Q, a single cable (trunk link) can carry traffic from many VLANs at the same time.

2. Why 802.1Q is Needed

In a network with many VLANs (for example, VLAN 10 for Sales, VLAN 20 for IT, VLAN 30 for Admin),
each VLAN is like a separate broadcast domain.

If you have multiple switches and want to connect them together,
you need a way for all VLANs to pass between switches — not just one.

802.1Q tagging makes that possible by marking each Ethernet frame with a VLAN ID,
so switches know which VLAN the frame belongs to when it travels across a trunk link.

3. How 802.1Q Works — VLAN Tagging

Normally, an Ethernet frame does not contain VLAN information.

When 802.1Q is used, the switch adds a small tag into the Ethernet frame header.
This tag identifies the VLAN that the frame belongs to.

The 802.1Q tag is 4 bytes (32 bits) long and is inserted inside the Ethernet frame:

[ Destination MAC | Source MAC | 802.1Q TAG | Type | Data | FCS ]

The 802.1Q tag is placed between the Source MAC Address and the EtherType fields.

4. 802.1Q Tag Structure (4 bytes total)

Field NameSizeDescription
Tag Protocol Identifier (TPID)16 bitsAlways set to 0x8100 to identify this as an 802.1Q-tagged frame
Priority Code Point (PCP)3 bitsUsed for Quality of Service (QoS) — sets frame priority (0–7)
Drop Eligible Indicator (DEI)1 bitMarks if a frame can be dropped in case of congestion
VLAN Identifier (VID)12 bitsIdentifies the VLAN number (range: 1–4094)

5. VLAN ID Range in 802.1Q

  • Valid VLAN IDs: 1 to 4094
  • VLAN 0: Reserved for QoS priority tagging only
  • VLAN 4095: Reserved (not usable)

So, 4094 usable VLANs are supported by 802.1Q.

6. Native VLAN (Untagged VLAN)

When using 802.1Q, most VLANs are tagged, but one VLAN can remain untagged.
This untagged VLAN is called the Native VLAN.

By default, VLAN 1 is the native VLAN on Cisco switches.

Behavior:

  • Frames from the native VLAN are sent without a VLAN tag.
  • When an untagged frame is received on a trunk port, the switch associates it with the native VLAN.

This ensures backward compatibility with older (non-trunking) devices.

Important for CCNA:
Both ends of the trunk must have the same native VLAN; otherwise, VLAN mismatches and network issues can occur.

7. Example: How VLAN Tags Work Between Switches

Let’s say two switches (Switch1 and Switch2) are connected with a trunk link.

Switch1 Port Fa0/1 — Trunk
Switch2 Port Fa0/1 — Trunk

Configured VLANs:

  • VLAN 10: Accounting
  • VLAN 20: HR
  • VLAN 30: IT

When a PC in VLAN 10 sends traffic:

  1. Switch1 adds an 802.1Q tag (VLAN ID = 10) to the frame before sending it over the trunk.
  2. Switch2 receives the tagged frame.
  3. Switch2 reads the VLAN ID = 10 in the tag and forwards it to the correct VLAN 10 ports on its side.

This way, VLAN separation is maintained across switches using one physical link.

8. Cisco Commands for 802.1Q (Configuration and Verification)

Step 1: Enter interface configuration mode

Switch(config)# interface FastEthernet0/1

Step 2: Set the interface as a trunk

Switch(config-if)# switchport mode trunk

Step 3: Specify allowed VLANs on the trunk

Switch(config-if)# switchport trunk allowed vlan 10,20,30

Step 4: (Optional) Change the native VLAN

Switch(config-if)# switchport trunk native vlan 99

Step 5: Verify trunk status and encapsulation

Switch# show interfaces trunk

Example Output:

Port      Mode         Encapsulation  Status        Native vlan
Fa0/1     on           802.1q         trunking      1

Port      Vlans allowed on trunk
Fa0/1     10,20,30

✅ This confirms that the trunk is using 802.1Q encapsulation.

9. Important Notes for the CCNA Exam

ConceptDescription
802.1QThe IEEE standard for VLAN tagging
ISLCisco’s older, proprietary VLAN tagging method (no longer used)
Trunk LinkA switch port carrying multiple VLANs using 802.1Q
TaggingAdding VLAN ID info to a frame
Native VLANThe VLAN whose frames are sent untagged
VLAN Range1–4094 usable VLANs
EncapsulationDefines how VLAN information is added (802.1Q for CCNA)

10. Common Issues and Troubleshooting

ProblemCauseFix
Trunk not formingOne side not set to trunkUse switchport mode trunk on both ends
VLAN mismatchDifferent VLAN IDs on each switchUse show interfaces trunk and match VLAN lists
Native VLAN mismatchDifferent native VLANs on each endSet the same native VLAN using switchport trunk native vlan <id>
Untagged frames confusionNative VLAN misconfiguredVerify native VLAN consistency

11. Summary (Key Points for CCNA)

  • 802.1Q allows multiple VLANs to share one physical link using tagging.
  • The tag (4 bytes) includes VLAN ID, priority bits, and identifiers.
  • Native VLAN frames are not tagged.
  • VLAN ID range is 1–4094.
  • Configure trunk ports using: switchport mode trunk switchport trunk allowed vlan <list> switchport trunk native vlan <id>
  • Verify with: show interfaces trunk
  • Always ensure native VLANs and allowed VLANs match on both switches.

Leave a Reply

Your email address will not be published. Required fields are marked *

Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by