VLAN Tagging and PVID

This is one of the best descriptions I’ve read about VLAN tagging and PVID (port virtual id).


From Cerbrea:

There’s two things you can set on the port for VLANs….tagged or untagged and PVID.

If the port is set as untagged, then it tells the switch that the device(s) connected to that port are VLAN unaware, so any packet to be forwarded from that port out of the switch must be forwarded with the VLAN tag removed. If the port is set as tagged, then the destination device is VLAN aware, and packets will be forwarded with VLAN tags…so tagged /untagged is for packets leaving the switch.

Now for packets arriving at the switch port….if the packet arrives with a VLAN tag , then – providing that port is in the VLAN matching the tag – the packet will be forwarded; so if you have set a server NIC for instance to apply a VLAN ID , then¬† the packet arriving at the port will be tagged…so in this case you have a VLAN aware device forwarding packets already tagged , so you would configure the port into the appropraite VLAN as a tagged port. Note that if the packet arrives at the port tageed for a VLAN of which¬† the port is not a member, the switch will drop the packet.

If a packet arrives at the port from an end device carrying no VLAN tag, then the switch will add a VLAN tage which corresponds to the PVID, and then forward it within that VLAN; so the PVID mechanisim allows you to have traffic originating from a non-VLAN aware device to become an 802.1q packet, so that it can traverse to other switches and still be contained within the correct VLAN; so PVID is for non tagged packets arriving at a port on the switch.

Hope this helps