Ingress Filtering - D-Link DES-3226L Manual

Managed 24-port 10/100mbps and 2ge ports layer 2 ethernet switch

Hide thumbs Also See for DES-3226L:

Cli command reference (128 pages)

Reference manual (228 pages)

User manual (110 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

page of 134

/ 134
Contents
Table of Contents
Bookmarks

Table of Contents

DES-3226L Layer 2

Ingress Filtering

A port on a switch where packets are flowing into the switch and VLAN decisions must be

made is referred to as an ingress port. If ingress filtering is enabled for a port, the switch will

examine the VLAN information in the packet header (if present) and decide whether or not to

forward the packet.

If the packet is tagged with VLAN information, the ingress port will first determine if the

ingress port itself is a member of the tagged VLAN. If it is not, the packet will be dropped. If

the ingress port is a member of the 802.1Q VLAN, the switch then determines if the

destination port is a member of the 802.1Q VLAN. If it is not, the packet is dropped. If the

destination port is a member of the 802.1Q VLAN, the packet is forwarded and the destination

port transmits it to its attached network segment.

If the packet is not tagged with VLAN information, the ingress port will tag the packet with

its own PVID as a VID (if the port is a tagging port). The switch then determines if the

destination port is a member of the same VLAN (has the same VID) as the ingress port. If it

does not, the packet is dropped. If it has the same VID, the packet is forwarded and the

destination port transmits it on its attached network segment.

This process is referred to as ingress filtering and is used to conserve bandwidth within the

switch by dropping packets that are not on the same VLAN as the ingress port at the point of

reception. This eliminates the subsequent processing of packets that will just be dropped by

the destination port.

Initial VLAN Configuration

The Switch initially configures one VLAN, VID = 1, called the "default." The factory default

setting assigns all ports on the Switch to the "default." As new VLANs are configured in Port-

based mode, their respective member ports are removed from the "default."

Packets cannot cross VLANs. If a member of one VLAN wants to connect to another VLAN,

the link must be through an external router.

Note: If no VLANs are configured on the switch, then all packets will be

forwarded to any destination port. Packets with unknown source

addresses will be flooded to all ports. Broadcast and multicast packets will

also be flooded to all ports.

An example is presented below:

VLAN Name

System (default)

Engineering

Marketing

Finance

Sales

Fast Ethernet Switch User's Guide

VID

Switch Ports

5, 6, 7, 8, 21, 22, 23, 24

9, 10, 11, 12

13, 14, 15, 16

17, 18, 19, 20

1, 2, 3, 4

Table 6-1. VLAN Example – Assigned Ports

Table of Contents

Show Quick Links

Quick Links:
Command Line Console Interface through the...

Hide quick links:

Table of Contents

Ingress Filtering - D-Link DES-3226L Manual

Ingress Filtering

Hide quick links:

Related Manuals for D-Link DES-3226L

Related Content for D-Link DES-3226L

Table of Contents