Can a VLAN interface remain up/up without physical connection

Answered Question
Nov 27th, 2007
User Badges:

On a 4507 (IOS 12.2), I believe you need one physical port to be up in VLAN 5 for the VLAN Interface 5 to be up/up.

Is there any way to over-ride that default?

Jimmyc

Correct Answer by Edison Ortiz about 9 years 7 months ago

Vlan 5 as management network address and (let's say) Vlan 100 for the user Vlan.


If you are connecting from another physical segment (another switch, for instance) over a inter-switch link - it's the inter-switch link configured as trunk ? If so, Vlan 5 will be in forwarding state and the SVI will be up/up.


If the inter-switch link was to be configured as access-vlan 100, you couldn't connect to the management IP on Vlan 5 even if the SVI was to be up/up since the inter-switch link would contain Vlan5 tag packets - hence the need for the trunk.


I can only see an issue if you were to connect local to the switch and the switch didn't have any other connections active on Vlan 5 (no inter-switch links). On this scenario, implement loopback interfaces.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
Edison Ortiz Tue, 11/27/2007 - 11:42
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

A trunk link carrying Vlan5 will also facilitate the up/up status.

jimmyc_2 Tue, 11/27/2007 - 12:11
User Badges:

Thanks Edison,

I understand you can use a trunk to bring up a VLAN interface, but in another companies forum, a member stated there was a way to universally disable this behavior. Sadly, he didn't have specifics. I don't know if it's possible or not, and a modest search on Cisco web sites was fruitless, as is often the case.

thanks.

Jimmyc

Edison Ortiz Tue, 11/27/2007 - 12:43
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

I found the command


switchport autostate exclude but is listed under the Cisco6500 family.


Please read the guidelines where it explains once again what is needed to have a SVI in up/up status.


http://www.cisco.com/univercd/cc/td/doc/product/software/ios122sx/cr/sxir_r/ir_s7sx.htm#wp1013106


Edit: Digging a bit deeper, this command actually does the opposite. For instance, you had 2 interfaces associated to a Vlan and the interface with the command mentioned above is the only one 'up', the SVI will go down

jimmyc_2 Tue, 11/27/2007 - 13:01
User Badges:

I applied the command on an ethernet interface, and it didn't work. I also tried to force the int up with the "loopback" command with and without the autostate exclude command. Still no joy.

andrew.butterworth Tue, 11/27/2007 - 14:06
User Badges:
  • Gold, 750 points or more

Why do you want this behaviour? If all ports in that VLAN are down then how do you expect to communicate with it? If it's an access switch running only at Layer-2 (i.e. your Distribution Layer is the first-hop Layer-3 router for the VLAN's) then it won't go down anyway unless the access-to-distribution links break. At which point it has no way of communicating anywhere anyway?


It might be worth explaining why you want this behaviour as there could be other solutions - i.e. loopback interfaces.


HTH


Andy

Edison Ortiz Tue, 11/27/2007 - 18:32
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Jimmy,


if you see my 'edit', the command is not suppose to work.


I couldn't delete my posting so I basically added more information on why that command did the opposite of what you wanted.


In short, I will echo Andrew's question and tell us on which situation you want a SVI up/up while no ports are active - you can't get to the switch anyway...

jimmyc_2 Wed, 11/28/2007 - 05:55
User Badges:

We use VLAN interface 5 as our network management address, similar to a loopback. When first configuring the switch, we assign a vlan 5 interface IP address, but we can't ping it or do other testing from the console until we plug in a trunk or access port onto vlan 5.

Correct Answer
Edison Ortiz Wed, 11/28/2007 - 08:19
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Vlan 5 as management network address and (let's say) Vlan 100 for the user Vlan.


If you are connecting from another physical segment (another switch, for instance) over a inter-switch link - it's the inter-switch link configured as trunk ? If so, Vlan 5 will be in forwarding state and the SVI will be up/up.


If the inter-switch link was to be configured as access-vlan 100, you couldn't connect to the management IP on Vlan 5 even if the SVI was to be up/up since the inter-switch link would contain Vlan5 tag packets - hence the need for the trunk.


I can only see an issue if you were to connect local to the switch and the switch didn't have any other connections active on Vlan 5 (no inter-switch links). On this scenario, implement loopback interfaces.


Actions

This Discussion