8-2
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Chapter8 Configuring Interface Characteristics
Understanding Interface Types
Port-Based VLANs
A VLAN is a switched network that is logically segmented by function, team, or application, without
regard to the physical location of the users. For more information about VLANs, see Chapter 9,
“Creating and Maintaining VLANs.” Packets received on a port are forwarded onl y t o p orts t ha t be lo ng
to the same VLA N as the receiv ing port. Network devices in different VLANs cannot communicate with
one another without a Layer 3 device to route traffic between the VLANs.
VLAN partitions provide hard firewalls for traffic in the VLAN, and each VLAN has its own MAC
address table. A VLAN comes into existence when a local port is configured to be associated with the
VLAN, when the VLAN Trunking Protocol (VTP) learns of its existence from a neighbor on a trun k, or
when a user adds a VLAN to the local VTP database.
To configure VLANs, use the vlan database privileged EXEC command to enter VLAN configuration
mode.
Add ports to a VLAN by using the switchport interface configuration commands:
Identify the interface.
For a trunk port, set trunk characteristics, and if desired, define th e V L ANs to wh ich it ca n be long .
For an access port, set and define the VLAN to which it belongs.
Switch Ports
Switch ports are Layer 2 only interfaces associated with a physical port. A swit ch por t ca n be ei the r an
access port or a trunk port. You can configure a port as an access port or trunk port or let the Dynamic
Trunking Protocol (DTP) operate on a per-port basis to determine if a switch port should be an access
port or a trunk port by negotiating with the port on the o ther e nd of t he lin k. Swit ch por ts a re us ed f or
managing the physical interface and associated Layer 2 protocols and d o not handle routing or bridging.
Configure switch ports (access ports and trunk ports) by using the switchport interface configuration
commands. For detailed information about configuring acce ss p orts an d trunk po rts, see Chapter 9,
“Creating and Maintaining VLANs.”

Access Ports

An access port carries the traffic of and belongs to only one VL AN. T raf fic is received and sent in na tive
formats with no VLAN tagging. Traffic arriving on an access port i s assu med to b elo ng t o the VL A N
assigned to the port. If an access port receives a tagged pa ck et (In ter-Switch L ink [I SL] or 80 2. 1Q
tagged), the packet is dropped, the source address is not learned, and the frame is counted in the No
destination statistic.
Two types of access ports are supported:
Static access ports are manually assigned to a VLAN.
VLAN membership of dynamic access ports is learned through inco min g p acke ts. By de fa ult, a
dynamic access port is a member of no VLAN, and forwarding to and fr om the port is enabled only
when the VLAN membership of the port is discovered. In the Catal yst 35 50 s witch, dynam ic acc ess
ports are assigned to a VLAN by a VLAN Membership Policy Server (VMPS). The VMPS can be
a Catalyst 6000 series switch; the Catalyst 3550 switch does not support the function of a VMPS.