You may be confused with concepts of and differentiation between Layer 2 and Layer 3 interfaces, and concepts of VLANIF and PVID. In this post, let's figure them out.

Layer 2 interfaces are interfaces with Layer 2 switching capabilities, for example, a physical interface on a Layer 2 switch or a physical interface on a Layer 3 switch. (Typically, these interfaces work in Layer 2 mode by default, and can be switched to Layer 3 mode in some switch models.)

IP addresses cannot be directly configured for Layer 2 interfaces and the interfaces cannot directly terminate broadcast frames. After receiving a broadcast frame, a Layer 2 interface floods the frame to all the other interfaces in the same VLAN.

Layer 3 interfaces maintain IP and MAC addresses.

Layer 3 interfaces can terminate broadcast frames. After receiving a broadcast frame, a Layer 3 interface does not flood the frame.

After receiving a unicast frame, a Layer 2 interface searches for the destination MAC address of the frame in the MAC address table, and then forwards the frame based on the matched MAC address entry. If no entry is matched, the interface floods the frame. After receiving a unicast frame, a Layer 3 interface checks whether the destination MAC address of the frame is the local MAC address. If so, the interface decapsulates the frame, parses the destination IP address of the frame, searches the routing table, and forwards the frame. Therefore, Layer 2 and Layer 3 interfaces differ from each other in data processing.

Layer 2 interfaces (Ethernet Layer 2 interfaces in this document) are classified into access, trunk, and hybrid interfaces. Layer 3 interfaces do not have the preceding interface types.

Layer 3 interfaces can be physical or logical. A typical case of physical Layer 3 interfaces is physical Layer 3 interfaces on a router. Typical cases of logical Layer 3 interfaces are VLANIF interfaces and Ethernet sub-interfaces, such as GE0/0/1.1. VLANIF interfaces correspond to IDs of their associated VLANs. For example, VLANIF 10 corresponds to VLAN 10. As a logical Layer 3 interface, VLANIF 10 can communicate at Layer 2 with devices in VLAN 10. Generally, Ethernet sub-interfaces are also bound to VLAN IDs. IP addresses can be configured for such two types of Layer 3 interfaces.

VLAN is fundamental for an Ethernet Layer 2 switching network. Each VLAN is a logical broadcast domain, and is identified by a VLAN ID.

The default VLAN ID of a Layer 2 interface is called PVID. Each Layer 2 interface has a unique PVID, and the PVID must be a specific VLAN ID. When a Layer 2 interface receives a packet that does not carry any 802.1Q tag (VLAN ID information), the interface considers that the packet belongs to the VLAN corresponding to the PVID. In addition, the PVID also affects data frame sending of an interface, which is not described here. By default, the PVIDs of all interfaces are VLAN 1.

The default VLAN of an access interface is the VLAN from which packets are allowed by the interface to pass through. To change the default VLAN of an access interface, change the VLAN from which packets are allowed to pass through the interface.

A trunk or hybrid interface allows packets from multiple VLANs to pass through, but has only one default VLAN. If the VLANs from which packets are allowed by a trunk or hybrid interface to pass through are changed, the default VLAN remains unchanged. That is, you need to run the specific command to change the default VLAN of a trunk or hybrid interface.

A Layer 3 interface does not necessarily correspond to a VLAN ID. For example, a physical Layer 3 interface of a router does not maintain VLAN ID information. This interface cannot identify data frames carrying a VLAN ID unless a logical sub-interface is created on the physical interface, and the sub-interface is divided into the VLAN corresponding to the VLAN ID.

On a Layer 3 switch, each VLAN has a VLANIF interface that is a logical Layer 3 interface corresponding to the VLAN. After the VLAN is created, an IP address can be configured for the Layer 3 interface and the interface has routing and forwarding capabilities. A VLAN corresponds to a VLANIF interface, and the VLAN and VLANIF interface have the same ID.


