In this article I describe access and trunk ports for VLANs. A VLAN provides multiple virtual networks within one physical network: we can break a local area network into multiple virtual networks. Devices in the same virtual network can communicate with each other without interfering with other virtual networks. The switchports of a switch can be used as access ports or trunk ports, and the two have different functions.
By default, a switch provides a single broadcast domain to all connected devices. Each port of the switch creates a single collision domain. VLANs break the broadcast domain into smaller broadcast domains. Communication between different VLANs requires a router, because a router provides communication between different networks. A VLAN provides a logical network within a single physical network.
VLAN basic concepts
Every switchport works in a separate collision domain, so each device connected to a switchport is in its own collision domain. By default, all switchports of a switch work in a single broadcast domain; in other words, all the devices working in a single LAN are in a single broadcast domain. A large network with a single broadcast domain can be divided into smaller broadcast domains by creating VLANs in the network. Every VLAN has its own broadcast domain.
Breaking the large broadcast domain into small broadcast domains provides an extra layer of security in the network. Devices in different broadcast domains cannot communicate with each other. Switchports can be configured to restrict unauthorised use by unwanted devices. Creating VLANs makes management of networking devices easier. A network administrator can monitor a small network more efficiently than a large network.
Methods of adding devices in VLAN
Devices can be added to a VLAN by two methods: static and dynamic. What we actually configure with these methods is the switchport the device uses for access. Generally the static method is used to assign VLANs, as it is an easy and secure method. In the static method we add switchports to a VLAN manually. Suppose I assign switchport number 4 to VLAN 10. This switchport remains assigned to that VLAN unless we manually change it or assign it to another VLAN. By default all switchports are assigned to a single VLAN. We need to assign each port manually to the required VLAN.
The other method is dynamic assignment of switchports to a VLAN according to the IP address or MAC address of a device. Suppose a device connected to switchport 2 belongs to VLAN 20. If you move this device from switchport 2 to switchport 10, then switchport 10 is automatically assigned to VLAN 20 and the device works as it did before. The dynamic method works on high-end switches; on a normal switch we can use only the static method.
Access port and Trunk port for VLAN basic concepts
Access ports allow a device to access the network through its NIC or RJ45 connection. The devices connected to access ports remain in the same broadcast domain. A device can access the network and receive and transmit data via an access port. Generally all switchports remain access ports until we manually convert them to trunk ports.
Trunk port mode allows a port to transmit and receive the data of multiple VLANs. Generally endpoint devices are not connected to trunk ports. Networking devices use trunk ports to connect with each other. For example, when we need to connect two switches which have multiple VLANs, the switches can be connected via trunk ports. The assignment of access ports and trunk ports is logical. A switchport's mode can be changed by using the command line interface.
Access and trunk ports belong to a Layer 3 switch. The functions of access and trunk ports are different. As the names suggest, access ports let data packets flow through them, while trunk ports allow the traffic of multiple VLANs to pass through them. Access and trunk ports play an important role in creating VLANs in a LAN.
VLANs are created on the access ports of a layer 3 switch. Trunk ports provide connectivity from VLAN to VLAN between one switch and another. In this article we discuss only the basics of access and trunk ports. A switchport can be assigned as either an access port or a trunk port. It is not possible to assign both access and trunk properties to a single port of a switch.
Access ports of a Layer 3 switch
An access port belongs to a particular VLAN. By default, all access ports of a switch are in VLAN 1. This means any device connected to any access port can communicate with another device. The condition is that all devices have the same subnet mask. If all devices have the same subnet mask, all devices belonging to the same network ID can communicate with each other. Access ports receive and transmit data for the same VLAN. An access port doesn't check the source address on data packets.
A VLAN works as a separate broadcast domain in a LAN. If there are 5 VLANs in a LAN, there are 5 broadcast domains in the LAN. Each device that belongs to a VLAN is assumed to be in a separate broadcast domain. The access ports in a VLAN work as separate collision domains for the connected devices. Devices in different VLANs can communicate by configuring inter-VLAN routing with the help of a router.
The router works like a gateway between the VLANs. One access port can be assigned to a single VLAN only; it is not possible to assign two VLANs to a single access port. For data transfer, only a single VLAN can be accessed by an access port. When you are working with voice and data transfer via a single access port, you can assign a data VLAN and a voice VLAN to that access port. But the rule is that only a single VLAN of the same pattern can be assigned to an access port.
Trunk Ports of a Layer 3 switch
Trunk ports are not separate ports on a layer 3 switch. Any interface can be defined as an access or trunk port. The task of a trunk port is to carry the data of all VLANs available on the switch's interfaces. Suppose you have 4 VLANs on a switch and want to carry the data of all 4 VLANs to another switch via a single port. In this case you must assign a single port as a trunk port on that switch.
Similarly, on the other switch a single port is also assigned as a trunk port. The two switches should be connected through their trunk ports to enable communication between all VLANs on the different switches. A trunk port can carry the data of all VLANs together to another trunk port. It is just like a telephone line which can carry multiple voice calls without them disturbing each other: the trunk port can carry the data of multiple VLANs without them interfering with each other in a network. A trunk link may be a 100, 1000 or 10000 Mbps point-to-point link between two switches.
Access and trunk ports explained in a LAN
See the diagram below. Here I have taken three VLANs with the same configuration on two different switches. The VLANs are named HR, Acctt and Admin. The devices belonging to HR cannot communicate with the other VLANs. In a single switch this is possible and works well. The access ports of each VLAN are assigned the concerned VLAN name.
Now my requirement is to establish another office in the same block with a different switch. How do we manage the same thing on another switch, so that a client of HR on switch 1 can communicate with HR on switch 2? Similarly, a user of the Admin branch on switch 1 should be able to communicate with the Admin branch on switch 2.
This requirement can be met by configuring an interface as a trunk port on both switches and connecting them with each other. One thing to remember is that the VLAN configuration on both switches should be the same. All devices belonging to a particular VLAN should be connected to the same VLAN on the other switch, and the network ID should be the same for all devices in the same VLAN.
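The two-switch HR/Acctt/Admin setup above can be modelled in a few lines. This is an added example, not code from the original article: the VLAN IDs (10, 20, 30), host names and frame are constructed, and the trunk is assumed to use IEEE 802.1Q tagging, which the article does not name. It shows that a broadcast from an HR device reaches only HR devices on the other switch, and that it stops at the trunk when the VLAN configuration on the two switches does not match.

```python
import struct

VLANS = {"HR": 10, "Acctt": 20, "Admin": 30}   # constructed VLAN IDs for the article's names
TPID = 0x8100                                   # 802.1Q tag protocol identifier (assumed trunking)

def tag(frame: bytes, vlan: int) -> bytes:
    """Trunk egress: insert the 4-byte 802.1Q tag after the two MAC addresses."""
    return frame[:12] + struct.pack("!HH", TPID, vlan & 0x0FFF) + frame[12:]

def untag(frame: bytes):
    """Trunk ingress: return (vlan, original frame), or (None, frame) if untagged."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID:
        return None, frame
    return tci & 0x0FFF, frame[:12] + frame[16:]

class Switch:
    def __init__(self, access, trunk_allowed):
        self.access = access                    # host name -> VLAN ID of its access port
        self.trunk_allowed = set(trunk_allowed) # VLANs configured on the trunk port
        self.peer = None                        # switch at the other end of the trunk

    def _deliver(self, vlan, skip=None):
        # Access ports send the frame untagged, only to ports in the same VLAN.
        return {h for h, v in self.access.items() if v == vlan and h != skip}

    def receive_trunk(self, wire: bytes):
        vlan, _ = untag(wire)
        if vlan is None or vlan not in self.trunk_allowed:
            return set()                        # this model drops untagged/unknown VLANs
        return self._deliver(vlan)

    def broadcast(self, src: str, frame: bytes):
        """Hosts on both switches that receive a broadcast sent by `src`."""
        vlan = self.access[src]
        reached = self._deliver(vlan, skip=src)
        if self.peer and vlan in self.trunk_allowed:
            reached |= self.peer.receive_trunk(tag(frame, vlan))
        return reached

def build(sw2_allowed):
    """Two switches joined by one trunk; sw2_allowed is switch 2's trunk VLAN list."""
    hr, ac, ad = VLANS["HR"], VLANS["Acctt"], VLANS["Admin"]
    sw1 = Switch({"hr-1": hr, "acctt-1": ac, "admin-1": ad}, {hr, ac, ad})
    sw2 = Switch({"hr-2": hr, "acctt-2": ac, "admin-2": ad}, sw2_allowed)
    sw1.peer, sw2.peer = sw2, sw1
    return sw1, sw2

# Constructed broadcast frame: dst MAC, src MAC, EtherType 0x0800, payload
FRAME = b"\xff" * 6 + bytes.fromhex("020000000001") + b"\x08\x00" + b"hello"
```

Calling `build({10, 20, 30})` gives the matching configuration the article requires; `build({20, 30})` leaves HR out on switch 2, so HR broadcasts from switch 1 no longer arrive there.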