Per Vlan Management IP@

Unanswered Question
Feb 2nd, 2009

For an L2 switch is it possible to define one IP@ for each vlan used on that switch ?

And best practice is to use one single IP@ for management of an L2 switch or one IP@ per vlan ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
Tshi M Mon, 02/02/2009 - 07:36

A layer 2 switch will typically have one IP address for management.

Regards,

Giuseppe Larosa Mon, 02/02/2009 - 07:45

Hello,

a l2 switch can have only one management vlan.

I saw this on C2950 when you define a second SVI the first one is put in shudown.

if you enable the one disabled the second is shutted.

if the device is L3 capable but acts as a L2 switch it could have multiple SVIs but there is no need for this as Etienne noted

Hope to help

Giuseppe

badalam_nt Mon, 02/02/2009 - 07:50

And is it recommended to always use vlan 1 for defining management IP@ ? Or better a separate dedicated vlan, which is not used for any other traffic except for remote connection to the switch?

Tshi M Mon, 02/02/2009 - 07:55

I usually avoid to use VLAN1 and create a specific VLAN for management.

Regards,

Giuseppe Larosa Mon, 02/02/2009 - 08:17

Hello Badalam,

use only one different from Vlan 1 and different from vlans where end users connect.

The suggestion is that every campus should have a dedicated management vlan to reach all devices.

This is for telnet/ssh and snmp, syslog and so on.

using vlan1 is not recommended for security reasons.

Having a dedicated management vlan can help keep devices reachable while there are problems on user vlans

Hope to help

Giuseppe

glen.grant Mon, 02/02/2009 - 09:12

Vlan1 is also used for control plane traffic such as cdp , vtp etcc so it is better not to run production traffic across vlan 1. It can be any other vlan.

Actions

This Discussion