Ethernet Switches & Routers

Reply
New Contributor
Posts: 2
Registered: ‎12-20-2016

What is the best way to tag and untag ports?


I am preparing to install an ICX 7450 as our core switch. It's to replace an old netgear switch. The equipment provider that sold me these switches has an in house engineer that is helping me with the configuration.

 

Below is part of the startup-config regarding Vlans:

 

vlan 1 name DEFAULT-VLAN by port
spanning-tree 802-1w
spanning-tree 802-1w priority 0
!
vlan 10 name DATA by port
tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/4
router-interface ve 10
spanning-tree 802-1w
spanning-tree 802-1w priority 0
!
vlan 20 name DATAW by port
tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/4
router-interface ve 20
spanning-tree 802-1w
spanning-tree 802-1w priority 0
!
vlan 30 name VIDEO by port
tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/4
router-interface ve 30
spanning-tree 802-1w
spanning-tree 802-1w priority 0
!
vlan 40 name MGMT by port
tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/4
router-interface ve 40
spanning-tree 802-1w
spanning-tree 802-1w priority 0
!
vlan 50 name WiFi by port
tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/4
router-interface ve 50
spanning-tree 802-1w
spanning-tree 802-1w priority 0
!
vlan 60 name VOICE by port
tagged ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/4
router-interface ve 60
spanning-tree 802-1w
spanning-tree 802-1w priority 0

 

As you can see, the engineer is having me tag all ports for all Vlans. My question: is this the best/appropriate way to do this?

My background: I've only done desktop support in the past, so I've never done this before in a production environment. So I want to make sure I'm doing this correctly. I have my CCNA and have setup Vlans with Cisco equipment in test environments. I am familiar with trunks (tagged links between switches - switchport mode trunk) and assigning switchports to Vlans (switchport mode acess, switchport access vlan x) but the tag/untag that Brocade does confuses me.

 

Below is a port configuration:

 

interface ethernet 1/1/5
loop-detection
dual-mode 10
spanning-tree root-protect
spanning-tree 802-1w admin-edge-port
no flow-control both

 

Can someone explain in simple terms tag/untagging, dual-mode and voice-vlan commands so that I can get the concepts solidified in my mind?

 

Thank you

Brocade Moderator
Posts: 71
Registered: ‎06-10-2009

Re: What is the best way to tag and untag ports?

Hello,

 

Tagged mode for a port is the equivalent of "switchport mode trunk" for a Cisco switch.  So the Brocade switch will be expecting to see an 802.1Q VLAN header for these VLANs on that particular interface.

 

To answer your question about tagging all VLANs on all interfaces.  That depends on your use case, security policy and how easy you want administration to be (the latter two will often conflict).

 

If you want an easy life then tagging all of your VLANs on all interfaces is good, since you can then plug any device - eg AP, desktop, phone etc into any interface without any further configuration work.

 

If a VLAN is untagged on an interface then it would be the equivalent of "switchport mode access".  On Brocade campus type switches, if you have untag an interface into a VLAN then the interface can only reside in that VLAN and will not accept any traffic with a VLAN header.  This works fine if you just need to have a desktop/laptop connected to the interface. 

 

If you need to support an IP phone with a PC on an interface then you need to configure the interface for "dual-mode".  This now means that the interface will accept untagged traffic (ie no VLAN header) and associate it with the VLAN mentioned in the dual-mode command, in your case the DATA VLAN.  The interface will also accept traffic from any VLANs that are tagged.  Typically IP phones will use an 802.1Q VLAN tag for their voice signalling and pass through the untagged traffic to the PC.

 

The voice vlan command is used with Cisco and other phones that support CDP (Cisco Discovery Protocol).  Voice-vlan is a way to tell the phone which VLAN it needs to be in.  You can also use LLDP to do this. 

 

Hope that helps.

 

Steve

New Contributor
Posts: 2
Registered: ‎12-20-2016

Re: What is the best way to tag and untag ports?

Thank you for the clarification.

One question: You wrote that tagging all my interfaces allows me to plug in any device. But I still have to configure the port as Dual-Mode, correct?
Sorry if this is obvious. I'm pulling cable all week and can't do any testing at this time.

Thanks again for taking the time to answer,
Brocade Moderator
Posts: 71
Registered: ‎06-10-2009

Re: What is the best way to tag and untag ports?

Yes you would still need to configure them as dual-mode.  What I meant, was that if you configure all interfaces to be the same then it makes life simpler as an admin.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.