NATIVE VLAN

Unanswered Question
May 8th, 2007

Guys, I'm just confused about this concept of the native VLAN. By default VLAN 1 is the native VLAN, so what is a native VLAN? I have tried to search online and it says that packets are not tagged on the native VLAN, that's the difference. What does that statement mean? So should the management VLAN always be the native VLAN, or what? Or if I want to make another VLAN the management VLAN, which command should I put? I'm not getting the concept clear about this native thing. Can a normal VLAN be a native VLAN? Please help. Thanks in advance.

Jon Marshall Tue, 05/08/2007 - 05:22
Hi


The native vlan is the vlan in which packets are not tagged. It is there to allow 802.1q interoperability with 802.3 ports.


You should not leave your native vlan as vlan 1. Nor should you use the management vlan. Best practice is to use an unused vlan that has no switchports allocated to it and has no layer 3 SVI associated with it so that it is not routable. We use vlan 999 in our datacentres for the native vlan on trunk links.


You can make any vlan the native vlan but as stated best to use a totally separate vlan for this purpose.


Attached is a link to 6500 vlan security which covers the concept of the native vlan and the problems associated with it.


http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml#wp39211


HTH


Jon
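
One way to check a switch configuration against the advice in the answer above, as an added example that is not part of the original thread. It assumes IOS-style configuration text; the sample config and the function name `audit_native_vlans` are constructed for illustration.

```python
import re

# Constructed sample config (not from the thread): Gi0/1 follows the answer's
# practice, Gi0/2 keeps the default native VLAN, Gi0/3 uses an in-use VLAN.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 999
interface GigabitEthernet0/2
 switchport mode trunk
interface GigabitEthernet0/3
 switchport mode trunk
 switchport trunk native vlan 10
interface GigabitEthernet0/4
 switchport mode access
 switchport access vlan 10
interface Vlan10
 ip address 192.0.2.1 255.255.255.0
"""

def audit_native_vlans(config):
    """Return {trunk interface: [findings]} for trunks with a risky native VLAN."""
    trunks, access_vlans, svis = {}, set(), set()
    for stanza in re.split(r"(?m)^(?=interface )", config):
        header = re.match(r"interface (\S+)", stanza)
        if not header:
            continue
        name = header.group(1)
        svi = re.fullmatch(r"Vlan(\d+)", name, re.IGNORECASE)
        access = re.search(r"switchport access vlan (\d+)", stanza)
        if svi:
            svis.add(int(svi.group(1)))
        if access:
            access_vlans.add(int(access.group(1)))
        if "switchport mode trunk" in stanza:
            native = re.search(r"switchport trunk native vlan (\d+)", stanza)
            trunks[name] = int(native.group(1)) if native else 1  # unset: VLAN 1
    findings = {}
    for name, vlan in trunks.items():
        issues = [msg for bad, msg in (
            (vlan == 1, "native VLAN is the default VLAN 1"),
            (vlan in svis, f"native VLAN {vlan} has an SVI, so it is routable"),
            (vlan in access_vlans, f"native VLAN {vlan} has access ports assigned"),
        ) if bad]
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    print(audit_native_vlans(SAMPLE_CONFIG))
```

On the sample, only the trunk using VLAN 999 passes; the other two trunks are reported with the reason each one departs from the practice described in the answer.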
