What is the purpose of frame tagging in Virtual LAN (VLAN) configurations?
A.
inter-VLAN routing
B.
encryption of network packets
C.
frame identification over trunk links
D.
frame identification over access links
Explanation:
Frame tagging is used when VLAN traffic travels over a trunk link. Trunk links carry frames for multiple VLANs. Therefore, frame tags are used for identification of
frames from different VLANs. Inter Switch Link (ISL) and Institute of Electrical and Electronics Engineers (IEEE) 802.1q are the two frame tagging methods
supported on Cisco devices.
The purpose of frame tagging is not inter-VLAN routing. A Layer 3 device, such as a router or multilayer switch, is used for inter-VLAN routing. To configure interVLAN routing a logical or subinterface for each VLAN must be created on the single physical interface used to connect to the switch. An IP address is NOT applied
to the physical interface; instead, each subinterface is configured with an IP address that will become the default gateway of all devices residing in that VLAN.
Consequently, each subinterface and its VLAN devices must reside a different subnet as well. If a subinterface on the router is NOT configured with an IP address
that resides in the same network as the hosts that reside in the VLAN that the subinterface serves, the hosts in that VLAN will be isolated from the other VLANs.
The hosts in the VLAN served by the subinterface should also use this address as their default gateway, or the hosts in the VLAN will likewise be isolated form the
other VLANs
To verify the IP address of the subinterface, execute the show interfaces subinterface ID command. As shown below, the IP address will appear in line 3 of the
output. Compare this IP address will the IP address set as the default gateway of each host in the VLAN served by the subinterface. They should be the same, and
the IP address of the hosts should be in the same subnet as this address as well.
router# show interfaces fastEthernet 0/0.1
FastEthernet0/0.1 is up, line protocol is up
Hardware is AmdFE, address is 0003.e36f.41e0 (bia 0003.e36f.41e0)
Internet address is 10.10.10.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ISL Virtual LAN, Color 1.
ARP type: ARPA, ARP Timeout 04:00:00
Frame tagging does not provide encryption of network packets. Packets are transmitted unencrypted unless the network device or the application uses an additionalencryption mechanism. A Virtual Private Network (VPN) is a popular solution for providing encrypted network communication.
An access link is a connection between a switch and an end-user computer with a normal Ethernet Network Interface Card (NIC). On these links, Ethernet frames
are transmitted without frame tagging.
Objective:
LAN Switching Fundamentals
Sub-Objective:
Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switchesCisco > Cisco IOS LAN Switching Configuration Guide, Release 12.4 > Part 1: Virtual LANs > Routing Between VLANs Overview
Cisco > Technology Support > LAN Switching > Virtual LANs/VLAN Trunking Protocol (VLANs/VTP) > Design > Design Technotes > Inter-Switch Link and IEEE
802.1Q Frame Format > Document ID: 17056