Behaviour of untagged traffic on TRUNK and ACCESS VLAN ports I have a situation where I have a switch with 2 vlans, that needs to connect to an upstream router -- which does not and will not know abut my VLANS (this i...--prophetes.ai

Behaviour of untagged traffic on TRUNK and ACCESS VLAN ports I have a situation where I have a switch with 2 vlans, that needs to connect to an upstream router -- which does not and will not know abut my VLANS (this is in a datacenter, where I cant change this directly). I have 2 vlans: 1. VLAN 1 - Internal management traffic 2. VLAN 24 - External traffic Essentially, I want the port which connects upstream to 1. Assign untagged incoming traffic as VLAN 24. 2. Untag all outgoing traffic (only VLAN24, VLAN1 can be dropped). I have read many conflicting things online as to what happens when untagged traffic arrives on an ACCESS or TRUNK port. How does this behave for each? I currently have this set to ACCESS UNTAGGED with a PVID of 24. Is this correct?

As Adam stated, generally in a well designed network, you should not be receiving untagged frames on a trunk port. Based on your description, you only want and expect to send and receive VLAN 24 on the uplink port. Thus, configure the port as an access port in VLAN 24:

interface gig0/1
switchport access vlan 24

If for whatever reason this needs to remain a trunk port, but you still only want VLAN 24 (untagged), then configure as a trunk, but set the native VLAN to 24:

interface gig0/1
switchport trunk encapsulation dot1q !may not be necessary depending on hardware
switchport mode trunk
switchport trunk native vlan 24