Will Host A Be Able to Communicate with Host B?
Take a close look at the diagram:
Host A is connected to Switch A on VLAN 10.
Host B is connected to Switch B on VLAN 20.
The inter-switch link between Switch A and Switch B is not a trunk — it’s configured as an access port.
Both hosts are in the same IP subnet: 10.1.1.0/24.
So the big question is: Will Host A (10.1.1.10) be able to talk to Host B (10.1.1.20)?
The Explanation
At first glance, you might think the answer is no. After all, VLAN 10 and VLAN 20 are supposed to be separate broadcast domains. Without a Layer 3 device (router or Layer 3 switch) to perform inter-VLAN routing, traffic from VLAN 10 shouldn’t be able to reach VLAN 20.
But here’s the catch:
VLANs are locally significant to each switch. Switch A has no knowledge of VLAN 20, and Switch B has no knowledge of VLAN 10.
The link between Switch A and Switch B is configured as an access port, not a trunk. That means frames leaving Switch A are untagged when they traverse the link.
When those untagged frames arrive at Switch B, the receiving port is assigned to VLAN 20. Switch B therefore assumes all incoming traffic on that port belongs to VLAN 20.
Effectively, this means Host A’s traffic on VLAN 10 (Switch A) is reclassified into VLAN 20 (Switch B). Since both hosts are in the same subnet, ARP resolves successfully, and Host A and Host B can communicate.
👉 Yes, communication will succeed — but for the wrong reason.
The Learning
While Host A and Host B can talk, this design completely breaks VLAN segmentation. Instead of isolating VLANs, you’ve unintentionally collapsed VLAN 10 on Switch A into VLAN 20 on Switch B.
This kind of misconfiguration is surprisingly common and can lead to:
Security risks – traffic from one VLAN leaking into another.
Operational confusion – engineers expecting isolation when none exists.
Troubleshooting nightmares – inconsistent VLAN assignments across switches.
Key Takeaways
VLAN tagging happens only on trunk ports. Access ports always send and receive untagged traffic.
VLANs don’t magically extend across switches. Unless you use trunks, each switch treats VLAN IDs independently.
Plan your VLAN design carefully. Misconfigured inter-switch links can silently undermine your segmentation and security model.
Always double-check port modes. A single access port in the wrong VLAN can collapse your network isolation.
Final Thought
Yes, Host A and Host B can communicate in this setup — but not because VLANs are working correctly. They’re communicating because VLANs are misconfigured. As a network engineer, these “it works, but it’s wrong” scenarios are the ones to watch out for.
Thanks Imran, this was helpful especially the explanation of trunk function. My question is, even after assigning specific vlan to a host using different switches, the traffic will still not have vlan tagging? How will traffic flow outside an assigned vlan to another vlan?
Hi Ryan,
VLAN Tagging is a concept applicable to only the TRUNK links. In case the link between the two switches was TRUNK, then the communication would not have happened. But since its an access port, traffic moves out of one switch and goes into the other without any of the switch detecting any anomalies.
Hope this helps.
Switch to switch connected in trunk port mode – so it will ping
no it wil not ping because it is in different vlans
Hi chaps!
What happens if I do the tagging on the PC?
Cheers, Michael
Normally the 2 Diff Valn means Its not communicate na then how its ping sir can u expalin the concept