jorg.ramakers Thu, 11/13/2008 - 03:11
User Badges:

Hi Vinothlb1,

A managementvlan is a vlan where you do management of you switches / routers / network devices. Via this vlan you do the telnet / http sessions, snmp traffic is sent via this vlan. You can configure to do the vtp updates via this vlan. If you don't do extra configuration most of the switch packets like vtp/cdp are flowing over vlan 1.



andrew.butterworth Thu, 11/13/2008 - 03:46
User Badges:
  • Gold, 750 points or more

A Management VLAN is now a bit of a loose description. Previously switches were only Layer-2 and couldn't 'route' packets between VLANs - this was the job of Core Routers where your VLAN trunks would terminate. These Layer-2 switches however still required remote management - i.e. an IP interface you can telnet to, send SNMP requests to, receive SNMP traps & Syslog from etc. It is the entry point to the management interface of the switch. It was previously best practise to keep this interface on a separate VLAN than User traffic.

Now however having flat layer-2 switched networks is not the way you should be deploying campus networks as they simply aren't scalable and since 99.9% of traffic is IP is can be routed as quick as it can be layer-2 switched.

With Cisco switches control-plane traffic such as DTP, VTP & PaGP is ALWAYS sent on VLAN trunks with a tag of 1 and this cannot be changed. Management traffic (traffic to the Managment Interface of the switch) is sent on whatever VLAN you happen to have an SVI that is reachable on the switch. With Layer-2 only switches only one SVI can ever be active, with Layer-3 switches you can have multiple active SVI's since it is effectively a router.

Have a read of the Campus SRND's -




This Discussion