Native VLAN: (Dot1q trunk links)

colmgrier · ‎01-21-2009

Switches in the network are using VLan:100 as the management VLAN, with a SVI configured on all switches.

VLAN:1 SVI is shutdown on all switches security)

Q. What native VLAN should I use for the dot1q trunk links? What is the advantage/disadvantage (Cisco best practice) for using VLAN:100 or the default VLan:1 as the native VLAN.

Please advice

### Switches ###

management interface VLAN:100

Core SW: 10.100.0.1/24

Edge SW1: 10.100.0.10/24

Edge SW2: 10.100.0.20/24

interface vlan 1

description "shutdown"

shutdown

interface vlan 100

description "MGMT"

ip address 10.100.....

vlan 100

name MGMT

### Option 1 ###

interface g0/1

switchport trunk encapsulation dot1q

switchport mode trunk

no shutdown

### option 2 ###

interface g0/1

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk native vlan 100

no shutdown

Jon Marshall · ‎01-21-2009

Colm

Cisco best practice is to use a completely separate vlan for the native vlan ie. the native vlan should not be

1) vlan 1

2) your management vlan

3) any vlan with end user devices in it

So create a new unused vlan (we used to use vlan 999 at my last place of work). Do not create a L3 SVI for it because it doesn't need one. And then configure this as the native vlan on your trunk links.

Jon