Filter
Top Products
VLANTagging
Packet Processing
Ingress processing ensures that the port accepts only packets with allowed VLANvalues (untagged packets are
assigned the native VLAN, which is implicitly allowed). At this point, all packets are now tagged with a valid VLAN.
The packet is sent to each egress port that can send the packet (because the packet tag value matches the native
VLANor an Allowed VLAN on the port).
Ingress Port
Untagged packet
l packet is tagged with the native VLAN and allowed to proceed
l the Allowed VLAN list is ignored
Tagged packet
l tag VLANvalue must match an Allowed VLAN (which excludes the native VLAN)
l packet keeps the VLANtag and is allowed to proceed
Egress Port
All packets that arrive at an egress port are tagged packets.
If the packet tag value is on the Allowed VLAN list, the packet is sent out with the existing tag.
if the packet tag value is the native VLAN, the tag is stripped and then the packet is sent out.
Otherwise the packet is dropped.
27
FortiSwitchOS-3.2.0