In a SP environment, you need to hand off two VLANs to a customer, is there any advantage or disadvantage in doing the following two setups? - One untagged and one tagged VLAN - Two tagged VLAN and no untagged VLAN I can't think of anything other than some equipment may not let you have no untagged VLAN. But it's bugging me that something could go wrong by not having untagged native VLAN that I can't think of.
I'd think that going with two tagged VLAN's is the better route. You will then be forcing the customer to adhere to the VLAN's that you have specified and reserved for them. It's also a security advantage because if you go with untagged, who knows if someone might be able to vlan hop/double tag their way into someone elses network....
Date: Tue, 28 Sep 2010 21:27:32 -0400 Subject: tagged vs. untagged VLAN From: zeusdadog@gmail.com To: nanog@nanog.org
In a SP environment, you need to hand off two VLANs to a customer, is there any advantage or disadvantage in doing the following two setups?
- One untagged and one tagged VLAN - Two tagged VLAN and no untagged VLAN
I can't think of anything other than some equipment may not let you have no untagged VLAN. But it's bugging me that something could go wrong by not having untagged native VLAN that I can't think of.
-----Original Message----- From: Jay Nakamura [mailto:zeusdadog@gmail.com] Sent: den 29 september 2010 03:28 To: NANOG Subject: tagged vs. untagged VLAN
In a SP environment, you need to hand off two VLANs to a customer, is there any advantage or disadvantage in doing the following two setups?
- One untagged and one tagged VLAN - Two tagged VLAN and no untagged VLAN
I can't think of anything other than some equipment may not let you have no untagged VLAN. But it's bugging me that something could go wrong by not having untagged native VLAN that I can't think of.
I would go with tagged for both VLANs. If you can't tag the native in your equipment create a dummy VLAN and use it as native on the link and all VLANs will be tagged. If you know the customer will be using more VLANs later on Q-in-Q might be a good solution or you will have to transport a lot of VLANs in your network and they might collide with other customers etc. /Daniel
participants (3)
-
Brandon Kim
-
Daniel Dib
-
Jay Nakamura