Scenario:
- switch 1 has hosts of vlan 20 and 30 only
- switch 2 has hosts of vlan 30 only
Neither of the switches are connected to any other switches
My questions:
- Why would we need to filter vlan 20 in switch 2? Is it necessary at
all? - How do switches trunk a frame?(Are they looking at MAC address or
just VLAN tags?)
Best Answer
A VLAN is a broadcast domain. Broadcasts and unknown unicasts are flooded to every port in a broadcast domain. Broadcasts received by a host interrupt the host and must be processed, even if the receiving host has no interest in the content of the broadcast, it must still process it to determine that.
VLANs can be used to reduce the size of the broadcast domain. By using two VLANs (20 and 30), you can restrict the broadcasts in one VLAN from being sent to hosts in the other VLAN.
If the second switch has no ports in VLAN 20, why would you even want to send broadcasts and unknown unicasts for VLAN 20 to that switch? You can restrict what goes across the trunk to only VLAN 30 traffic, thereby reducing the traffic on the trunk.
A MAC address is only relevant within the VLAN where the host with that MAC address is a member. The frames traveling on the trunks are tagged (or not tagged for a native VLAN) with the VLAN tag, and those frames will only be sent across a trunk which allows the VLAN in the tag. Frames are only delivered to the interface where the MAC address is connected, unless the switch doesn't know that and delivers it to all the interfaces in the VLAN, and a trunk interface will be one of those if the trunk allows that VLAN.
A switch will learn which interface a particular MAC address is, over time, and will only send frames with a destination MAC address to that interface. The switch MAC address table eventually times out a MAC address when it isn't used for a while. If the switch doesn't have a destination MAC address in its table, it will flood the frame to every interface in that VLAN.