parking vlan

Unanswered Question
Jun 15th, 2008

how do I Place all unused ports in a parking vlan,wich is dedicated to grouping unused ports until they are proactively placed into service .

This is part of Switch security .. I know I can execute the shut command and that should do it , but I needed to learn more


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.6 (7 ratings)
n.nandrekar Sun, 06/15/2008 - 09:26


All switchports are by default members of the native vlan (vlan 1 in cisco). You can call that as a parking vlan if you want :).

If you want a seperate vlan you can create it and then tnter into the interface configs to make all the ports as access of that vlan. You could use the "interface range xxxx" command to configure multiple interfaces at the same time.



cisco steps Sun, 06/15/2008 - 10:43

I think there is more to it then that for security. I know they all members of vlan1 .. on my notes it says other way to secure port is to place them to parking vlan " if parking vlan= vlan1 then why they mentioned that you can place them there if the are members by default" hehe :-)

Thanks Niranjan

thotsaphon Sun, 06/15/2008 - 11:13


As Niranjan mentioned,Seems you want to put the unused ports into the vlan,Called Parking vlan. It should be fine to do that way. Just make that vlan and no need to make the vlan interface for routing. Then shutting those ports down. I wouldn't use vlan 1 for parking or management devices(Vlan management).



foxbatreco Sun, 06/15/2008 - 12:45

This type of unused vlans lot are to be placed in a random far off vlan.

Create a vlan which is different from ur current group of vlans.Say Vlan 905 and assign all unused interfaces onto this vlan.

By default Vlan 1 ( native vlan) accomodates all unused interfaces.But its always better from security perspective to assign different vlan to unused ports.

Pls rate if this helps!!!

glen.grant Sun, 06/15/2008 - 15:37

Put all unused ports into a dummy or parking vlan that is not used for anything . then put that vlan into suspend mode and it will not pass data. I think any ports in that vlan will show inactive then if you look at it via show interface status". .

cisco steps Mon, 06/16/2008 - 05:04

hey Thanks alot for making things clear to me. now it makes more since on how to do it and why to do it... again Thanks to all of you//



This Discussion