Native VLAN Help

jonhill
Level 1

We are just about to start re-addressing our network and at the same time we're looking at breaking the network up into 6 VLANs and stop using VLAN 1.

Currently on the edge switches we use VLAN 1, 2 (VOICE), 7 (Management) & 50 (Radiology) and originally we were just going to add switchport access vlan x to any ports that don't currently already have a VLAN assigned except for voice. This would mean a manual command entry for each interface.

I remember from a while ago that you can change the Native VLAN so it saves having to enter a command for every interface.

Which is the correct way of doing this: manual input or changing the Native VLAN?

Thanks

Jon

7 Replies

Jon Marshall
Hall of Fame

Jon

Could you just explain what you mean by changing the native VLAN saves having to enter a command for every interface?

Best practice from Cisco recommends having an unused, non-routed vlan for the native vlan.

Don't forget the "interface range .." command on most IOS switches can save a lot of typing.

Jon

Jon

I thought that the native vlan command was a global command, but after a bit more investigation it has to be entered into each interface, so it's no different than using switchport access vlan x.

Thanks

Jon

Marwan ALshawi
VIP Alumni

You only need to change the native VLAN on the uplinks (trunk links)

with the command

switchport trunk native vlan [vlanID]

This VLAN will be passed untagged throughout the network. Be careful: any mismatch of the native VLAN between two switches causes unexpected problems, so it is better to make it the same on all your switches.

If you have more than one trunk interface, do the following:

interface range fastethernet 0/1 - 5

switchport trunk native vlan [VLANID]

good luck

if helpful Rate

If you then change the native on the uplink, and other interfaces are, say, on VLAN 50 but the devices are not sending tagged traffic, will these interfaces get re-tagged to the native VLAN, or will they do as they do now and just use VLAN 50?

Thanks

The native VLAN is usually used for management and carrying control traffic like BPDU, STP and so on.

On the trunk, the VLANs are passed with VLAN tagging, except the native VLAN, which is passed untagged.

For best practice, do not assign hosts to the native VLAN; just use it for management, for example telnet to the switch!

Hope this is helpful.

Another best practice to be sure you are using is to make sure all unused ports are set to access mode and non-negotiate. Another step I take is to create a local VLAN that is not used. Then I assign non-used ports to that VLAN and then disallow that VLAN down any of my trunk ports.

Hi,

I'd say a really safe approach is not using native VLAN for any data traffic including switch management.

See http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml#wp39211

BR,

Milan
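
Added example, not part of any post in this thread and not Cisco tooling: a small Python audit that checks a switch configuration against the practices the replies recommend (a trunk native VLAN other than 1, no access ports in the native VLAN, a fixed port mode, and the parking VLAN kept off trunks). The sample configuration, the VLAN IDs 999 and 998, and the function names are assumptions made for illustration.

```python
import re
# Constructed sample running-config (not from the thread); assumed IDs: 999 = native VLAN, 998 = parking VLAN.
SAMPLE = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 999
 switchport trunk allowed vlan 2,7,50
interface FastEthernet0/2
 switchport mode trunk
 switchport trunk allowed vlan 2,7,50,990-999
interface FastEthernet0/11
 switchport access vlan 999
interface FastEthernet0/24
 switchport mode access
 switchport access vlan 998
"""

def expand(spec):
    """Expand an IOS VLAN list such as '2,7,990-999' into a set of ints."""
    spans = (p.partition("-") for p in spec.split(","))
    return {v for lo, _, hi in spans for v in range(int(lo), int(hi or lo) + 1)}

def parse(config):
    """Map interface -> settings; unset values keep IOS defaults. 'add'/'remove' list forms are skipped."""
    ports, cur = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            cur = ports[m[1]] = {"mode": None, "native": {1}, "access": {1}, "allowed": None}
        elif cur and (m := re.match(r" switchport mode (access|trunk)\s*$", line)):
            cur["mode"] = m[1]
        elif cur and (m := re.match(r" switchport (access|trunk native|trunk allowed) vlan ([\d,-]+)\s*$", line)):
            cur[m[1].split()[-1]] = expand(m[2])
    return ports

def audit(config, parking=998):
    ports = parse(config)
    natives = set().union(*(p["native"] for p in ports.values() if p["mode"] == "trunk"))
    findings = []
    for name, p in ports.items():
        if p["mode"] is None:  # no explicit "switchport mode access|trunk"
            findings.append((name, "mode not fixed, DTP may negotiate a trunk"))
        if p["mode"] == "trunk":
            if p["native"] == {1}:
                findings.append((name, "native VLAN is 1"))
            if p["allowed"] is None or parking in p["allowed"]:  # None = all VLANs allowed
                findings.append((name, "parking VLAN allowed on trunk"))
        elif p["access"] & natives:
            findings.append((name, "access port sits in a trunk native VLAN"))
    return findings
```

Calling `audit(SAMPLE)` returns four findings, two for FastEthernet0/2 and two for FastEthernet0/11; the other two ports pass.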
