Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
416
Views
0
Helpful
7
Replies

Question abount VLANs again

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎10-16-2008 07:04 AM - edited ‎03-06-2019 01:58 AM

Okay,

I'm about to move several devices to another vlan. My question is this:

If I trunk a port for vlans 1 and 125, and if a device is connected to that port, yet we have NO clue what the device is or where it's at, it's still going to come in on vlan 1 if I can't specify on the device what vlan to use, correct? In order for me to tell it what vlan to use, I'd have to make that port an access port. Am I correct?

In other words, if I have a device on 10.125.125.50 and I trunk the port, yet I move the ip address 10.125.125.1 on the switch to the SVI, the device won't be able to see that SVI unless I tell it someway to come in on that new vlan, right?

Thanks!

HTH, John *** Please rate all useful posts ***
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to John Blakley

‎10-16-2008 01:43 PM

John

I think i understand what you are getting at (sure you'll let me know if not !!)

I don't have anything to test on but the first thing is i don't think if you connect a single device to a port configured as a trunk port that you will get any connectivity.

If the port did come up then the device would send untagged packets and so these would be on the native vlan of the trunk port so that is the vlan they would come in on.

But as i say, never tried connecting non-trunking device to a trunk port.

Jon

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Sebastian Helmer
Level 5
Level 5

‎10-16-2008 10:30 AM

I'M not sure if I understan you.

You can change the native vlan of the port to what you want.

"switchport trunk native vlan XYZ"

So the all untagged frames will go over this VLAN, like on a access port.

would this help?

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to Sebastian Helmer

‎10-16-2008 10:44 AM

No, I understand that part. I have the following situation:

If I have 2 vlans (1, 125) and the native is 1, and I can't tell the device WHAT vlan to go out on other than making that device an access port, yet it NEEDS to be on that VLAN, because I haven't told the device that "you're connected to vlan125", it's going to go out on one. And if that device's IP is on the vlan125 subnet, then it won't see it until the port is converted to an access port of vlan125 or I tell the device that it's a member of that vlan.

--John

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Istvan_Rabai
Level 7
Level 7

‎10-16-2008 10:42 AM

Hi John,

If you move 10.125.125.1 to the SVI, then for end hosts you need to configure your physical switchport a layer2 access port like this:

interface fa0/1

switchport

switchport access vlan xx

The port will send and receive untagged frames that your PC will understand and it will be in vlan xx.

You will need to configure the SVI interface IP address as the default gateway for the PC.

If you leave the port as a layer2 trunk, then your PC will understand frames from the native vlan of the trunk port (untagged frames).

In other words, the PC will be automatically put into the vlan which is defined as the native vlan for that trunk port.

Cheers:

Istvan

0 Helpful

Go to solution
FiLeinster
Level 1
Level 1

‎10-16-2008 12:58 PM

I think what you're asking is can a port be a member of two VLANs without making it a trunk?

Simple Answer: no, absolutely not!

More accurate answer: usually no, unless you introduce policy based VLANs via a VMPS (additional HW box). You can then let the MAC address be the VLAN decider, but that MAC is still only in one VLAN.

Any node on the network has to be in exactly one VLAN. The only excpetion to this is a trunk, which is usually limited to switches, or a 801.2q aware server!

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to FiLeinster

‎10-16-2008 01:38 PM

Not exactly. I don't know how to explain it by typing.

Let's try this:

Camera: 10.100.100.50 GW: 10.100.100.1

Switchport for camera is NOT an access port

Switch SVI: VLAN100:10.100.100.1

Since I didn't configure the camera's port as an access port, and I didn't configure the camera to be a certain vlan, won't the camera go out as VLAN 1? It won't even be able to see the SVI on the switch even if it's a trunked port because it's tagging its traffic as UNTAGGED because it has no clue that the address moved, right?

I'm sorry that this isn't coming across clear....

--John

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to John Blakley

‎10-16-2008 01:43 PM

John

I think i understand what you are getting at (sure you'll let me know if not !!)

I don't have anything to test on but the first thing is i don't think if you connect a single device to a port configured as a trunk port that you will get any connectivity.

If the port did come up then the device would send untagged packets and so these would be on the native vlan of the trunk port so that is the vlan they would come in on.

But as i say, never tried connecting non-trunking device to a trunk port.

Jon

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to Jon Marshall

‎10-16-2008 01:47 PM

That's what I thought :-)

Well, the "reason" behind it was my management is saying "Well, if we don't know what it is we can just trunk it." I told them that it didn't work that way, but I wanted to get clarification.

Thanks!

John

HTH, John *** Please rate all useful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card