A switch supports two types of VLAN connections: access link and trunk link. An access link connection carries the traffic of a single VLAN, whereas a trunk link connection carries the traffic of multiple VLANs.
VLAN is a switch feature. It allows you to break a large broadcast domain into smaller broadcast domains. VLANs are not limited to a single switch. They can span across the network. For example, if your network has five Ethernet switches, you can create and configure the same VLAN on all five Ethernet switches.
If you create the same VLAN on two switches, you must change the default connection type on the port that connects the switches. There are two types of connections: access link and trunk link.
Access Link
An access link belongs to and carries the traffic of only one VLAN. It transports the traffic in native formats with no VLAN information. It connects an end device to an access port.
An access port works only with a single VLAN. It forwards all incoming frames from the ports that belong to the VLAN configured on it. Any device attached to an access port through an access link is unaware of a VLAN membership. It does not understand the VLAN concept and physical network topology. It assumes the connected link and network as a single broadcast domain.
Switches remove all VLAN information from frames before forwarding them through access ports.
Trunk link
A trunk link belongs to and carries the traffic of multiple VLANs. It transports the traffic with VLAN information. It connects another switch or the device that understands VLANs to a trunk port.
A trunk port works with multiple VLANs. It adds VLAN information to frames before forwarding them. Since it attaches VLAN information to frames, the device connected to it must understand VLAN concepts. You can attach a switch or a router to a trunk port.
Administrators use trunk ports to connect switches in a multi-VLAN environment.
Differences between an access link and a trunk link
The following table lists the differences between an access link (or port) and a trunk link (or port)
| Access link (or port) | Trunk link (or port) |
| It connects an end device to the switch. | It connects a switch or a router to the switch. |
| It works with a single VLAN. | It works with multiple VLANs. |
| It removes all VLAN information from frames before forwarding them. | It adds VLAN information to frames before forwarding them. |
| By default, all switch ports work as access ports. | By default, no switch port works as a trunk port. |
| It carries the traffic on a single VLAN. | It carries the traffic of many VLANs. |
You can only configure a switch port to be either an access port or a trunk port—not both. So you’ve got to choose one or the other and know that if you make it an access port, that port can be assigned to one VLAN only. And if you make it a trunk port, you need to add a device that understands VLANs on the other end of it.
This tutorial is a part of the tutorial series on VLAN, VTP, and DTP Concepts and Configurations on Cisco Routers. Other parts of this series are the following.
Chapter 01 VLAN Basic Concepts Explained with Examples
Chapter 02 Advantages and Disadvantages of VLANs
Chapter 03 Static and Dynamic VLAN Membership Explained
Chapter 04 Access Link and Trunk Link Explained
Chapter 05 VLAN Tagging Explained with DTP Protocol
Chapter 06 DTP Modes and Protocol Explained
Chapter 07 802.1Q Native VLAN concept Explained
Chapter 08 Cisco Inter-Switch Link (ISL) Explained
Chapter 09 Trunk Tagging and Frame Tagging Explained
Chapter 10 VTP Modes and VTP Protocol Explained
Chapter 11 VTP Pruning on switches Explained
Chapter 12 VLAN Practice Lab Setup in Packet Tracer
Chapter 13 Configure VTP Server and Client in Switch
Chapter 14 VLAN Configuration Commands Step by Step Explained
Chapter 15 Router on Stick Configuration Explained
