I have been going off the basis that the HP equivalent to "switchport mode access" and "switchport access vlan <vlan-id>" is simply to mark a port as untagged in the appropriate VLAN. Recently I found some information that leads me to believe it is only partially true. The untagging is more the equivalent of "switchport trunk native vlan <vlan-id>". Thinking in terms of ingress/egress and what actually happens to the frame headers (I think frame is the appropriate encapsulation term at layer 2) I think there is some confusion on this (at least in my mind).
Note: this is how I understand it and may not be completely correct. I am thinking out loud and am looking for someone to please explain either where I am wrong or to confirm what I understand.
When we use "switchport mode access" and "switchport access vlan 10" for example, a frame ingress on that port will will only be accepted if it is untagged (meaning no VLAN information in the frame header). Also, the frame will be modified and the header will be updated with a tag for VLAN 10. The frame is placed in the appropriate tables for VLAN 10 inside the switch, and then when it leaves the switch (egress), the frame is still marked with VLAN 10.
When we use "switchport mode trunk" and "switchport trunk native vlan 10" and assume all other VLAN's are allowed, a frame ingress on that port will be accepted if it is tagged in another known VLAN or if it is untagged. If the frame is not tagged when it enters the port, it will not be altered, but within the switch will be treated as if it is in VLAN 10. When the frame goes to leave the switch (egress), the VLAN information in the header is still empty. Moreover, if we have an egress port marked as native VLAN 10, it will remove the tag from a frame that is already tagged in VLAN 10 so that the frame leaving the port will have no VLAN header information.
On an HP switch, when we mark a port untagged in a VLAN, that port will behave the same way that native VLAN'ing works in the Cisco world. On egress, a port untagged in that VLAN will not add a VLAN tag, but may remove it if one already exists. It looks like if we tag VLAN 10 on egress though it would actually apply the VLAN 10 header information to the outgoing frame.
If this is correct, what is the real equivalent to "switchport mode access" on an HP switch so that ingress frames will be modified to include the tag as soon as they enter the switch so that we do not have to rely on tagging at egress?
Is any of this correct or is my understanding of this warped? Please enlighten me.
Note: this is how I understand it and may not be completely correct. I am thinking out loud and am looking for someone to please explain either where I am wrong or to confirm what I understand.
When we use "switchport mode access" and "switchport access vlan 10" for example, a frame ingress on that port will will only be accepted if it is untagged (meaning no VLAN information in the frame header). Also, the frame will be modified and the header will be updated with a tag for VLAN 10. The frame is placed in the appropriate tables for VLAN 10 inside the switch, and then when it leaves the switch (egress), the frame is still marked with VLAN 10.
When we use "switchport mode trunk" and "switchport trunk native vlan 10" and assume all other VLAN's are allowed, a frame ingress on that port will be accepted if it is tagged in another known VLAN or if it is untagged. If the frame is not tagged when it enters the port, it will not be altered, but within the switch will be treated as if it is in VLAN 10. When the frame goes to leave the switch (egress), the VLAN information in the header is still empty. Moreover, if we have an egress port marked as native VLAN 10, it will remove the tag from a frame that is already tagged in VLAN 10 so that the frame leaving the port will have no VLAN header information.
On an HP switch, when we mark a port untagged in a VLAN, that port will behave the same way that native VLAN'ing works in the Cisco world. On egress, a port untagged in that VLAN will not add a VLAN tag, but may remove it if one already exists. It looks like if we tag VLAN 10 on egress though it would actually apply the VLAN 10 header information to the outgoing frame.
If this is correct, what is the real equivalent to "switchport mode access" on an HP switch so that ingress frames will be modified to include the tag as soon as they enter the switch so that we do not have to rely on tagging at egress?
Is any of this correct or is my understanding of this warped? Please enlighten me.
