Thank you all again so much for your generous help.
This is a lot to take in. I clearly did not (possibly still don’t) have a correct understand of VLANS.
I understand VLANs segment (or create) networks on layer 2 (Data Link), thereby making each VLAN function as if it were a different physical LAN (whereby a router would be needed to pass traffic between the VLANs).
VLANs use tags (bits added to an ethernet frame (or packet)) that specify the VLAN ID (e.g., 0, 10, 20, 100, etc.) of the frame.
When a device such as a PC sends out a frame that does not have a VLAN tag the frame is an UNTAGGED frames.
When a device such as a switch or router (or other VLAN-aware devices) sends out a frame with a VLAN tag the frame is a TAGGED frame.
All frames with the same ID comprise a single VLAN.
An ACCESS port is used for devices that send and receive UNTAGGED frames. That same port will have a default ID – that is, that port will have a single VLAN ID.
Trunk ports have multiple IDs assigned to them. One ID is the NATIVE VLAN which passes traffic of frames that do not have a tag (and therefore do not have an ID). Frames with IDs matching the other IDs assigned to the trunk port are passed.
Different IP subnets (layer 3 --Network) are commonly used to facilitate routing between VLANs.
Therefore, when configuring VLANs on a switch, we set the following for each port:
VLAN MODE [Optional, Enabled, Disabled, Strict]:
RX VLAN MODE [Any, Only Untagged, Only Tagged]: This determines whether the switch will accept (allow in) frames that either have and/or don’t have VLAN tags.
DEFAULT VLAN ID [VLAN number]: Assigns ID to any untagged frames that arrive at the switch.
Therefore, any VLAN-UNAWARE devices (devices that do not attach or recognize VLAN tags) must be connected to ACCESS ports, and frames arriving at and sent from these switch ports will effectively be assigned the DEFAULT VLAN ID. That means that if port 1 is an access port with a DEFAULT VLAN ID of 10, and port 2 has a DEFAULT VLAN of 20, the VLAN-UNAWARE devices each plugged into ports 1 and 2 will not be able to communicate.
I am still confused about how VLAN membership comes into play.