Native Vlan Question

Answered Question
Mar 24th, 2014

Good Afternoon,

 

I'm studying for my CCENT and I have a question on the following setup as I'm not sure how it works, to be honest. The following is set up in production.

Cisco Switch 2960

Cisco Router 1841

 

On the switch, vlan 1 is shut down, which from my understanding is the default vlan, aka the native vlan.

We have two other active vlans, 100 data and 200 voice; we use VOIP with Mitel phones.

The router has one Native vlan which is fa0/0; this interface is subbed out to fa0/.100 and fa0/.200.

Each subinterface on the router has 802.1q with the correct vlan enabled.

I know from the switch documentation a trunk port configured with 802.1q can receive tagged and untagged traffic, and by default the switch forwards untagged traffic in the native vlan configured for the port, and the native vlan is 1 by default.

Here is the crux of me not understanding (quick side note: the PCs sit behind the phone).

If vlan 1 has been disabled on the switch and a pc that sits on vlan 100 and that doesn't support 802.1q sends a packet out the trunk port, the trunk says ok, this is untagged so it must be using the native vlan, and sends it to the router. The router gets this packet, knows it's not tagged and says it must be a member of the native vlan, which is also 1. Since the packet comes in untagged and the router has 2 vlans that sit technically within vlan 1 since it's subbed interfaced out it by default goes to 100? Because if a phone sent the packet it would be tagged with 200 and the trunk knows to send it to .200 interface.

I'm not sure if this reads the best but if you have any thoughts I would like to hear them.

 

Thanks,

 

Jon Marshall Mon, 03/24/2014 - 14:02

Since the packet comes in untagged and the router has 2 vlans that sit technically within vlan 1 since it's subbed interfaced out it by default goes to 100?

The vlans are not technically within vlan 1, they are just separate vlans. The trunk port from the switch sends tagged traffic ie. vlan 100 or vlan 200 traffic and these go to the relevant subinterface on the router.

The physical interface of the router could be used for untagged traffic (it would need an IP address) but any traffic it receives on that interface would not then be sent to the vlan 100 subinterface. The only traffic that goes to the vlan 100 subinterface is traffic that has been tagged with a vlan 100 tag on the trunk link.

Bear in mind the native vlan is vlan 1 by default but you can change the native vlan to be anything you want ie. we used vlan 999.

In terms of the PC and the phone it depends on how you have configured the port on the switch and also whether the phone is actually tagging the traffic from the PC. But if the switch received the traffic untagged from the PC and the native vlan was the default then it would have no way of knowing it was meant to send the PC traffic to the vlan 100 subinterface on the router. 

So something on your switch or the phone is allocating the PC packets into vlan 100 so the switch then tags them with a vlan 100 tag and sends them to the router.

Jon

dcanady55 Mon, 03/24/2014 - 15:34

Thanks Jon,

I believe I was overthinking it. I want to expand on this to make sure my thinking is correct.

In the scenario above the pc sends a packet and the port only has two vlans data and voice and since the packet is not voice based it knows it's data and tags it as vlan 100? Then sends it over to the router who then knows which vlan it goes to based on the tag. I wasn't taking into consideration the source of the packet earlier.

My other question is could you have one pc with one nic plugged into a port and be on two vlans at the same time? I wouldn't think you could but wanted to be sure.

 

Thanks,

Correct Answer
Jon Marshall Tue, 03/25/2014 - 04:48

It does depend on how the port is configured on the switch but if you have a "switchport access vlan 100" then yes the switch then knows the data traffic is meant to be in vlan 100.

You can have a PC NIC be in more than one vlan but the NIC needs to support tagging ie. the port would be configured as a trunk on the switch.

Jon
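
The path discussed in this thread, as an added Python example that is not part of the thread or any poster's words: it builds real 802.1Q frames and follows them through the phone/PC port, the trunk and the router. The MAC addresses, the fa0/0.100 and fa0/0.200 interface names, the function names and the simplified rule that the access port accepts only the voice tag are assumptions for illustration.

```python
import struct

TPID = 0x8100  # EtherType value that marks an 802.1Q tag
SUBIFS = {100: "fa0/0.100", 200: "fa0/0.200"}  # assumed router subinterface names

def build_frame(dst, src, ethertype, payload, vlan=None):
    """Ethernet frame; a 4-byte 802.1Q tag follows the MACs when vlan is given."""
    tag = b"" if vlan is None else struct.pack("!HH", TPID, vlan)
    return dst + src + tag + struct.pack("!H", ethertype) + payload

def vlan_of(frame):
    """VLAN ID carried in the frame, or None when it is untagged."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    return tci & 0x0FFF if tpid == TPID else None

def access_ingress(frame, access_vlan, voice_vlan):
    """Switch port facing the phone/PC: choose the VLAN for an arriving frame."""
    vid = vlan_of(frame)
    if vid is None:
        return access_vlan                     # untagged PC traffic
    return vid if vid == voice_vlan else None  # only the voice tag is accepted

def trunk_egress(frame, vlan, native_vlan):
    """Trunk toward the router: every VLAN except the native one leaves tagged."""
    bare = frame if vlan_of(frame) is None else frame[:12] + frame[16:]
    if vlan == native_vlan:
        return bare
    return bare[:12] + struct.pack("!HH", TPID, vlan) + bare[12:]

def router_ingress(frame):
    """A tag selects the matching subinterface; untagged frames hit fa0/0 itself."""
    vid = vlan_of(frame)
    return "fa0/0" if vid is None else SUBIFS.get(vid)

def path(frame, access_vlan=100, voice_vlan=200, native_vlan=1):
    """Router interface that receives the frame, or None if it is dropped."""
    vlan = access_ingress(frame, access_vlan, voice_vlan)
    if vlan is None:
        return None
    return router_ingress(trunk_egress(frame, vlan, native_vlan))

# Constructed sample frames (MAC addresses and payloads are made up).
ROUTER, PC, PHONE = b"\x02\x00\x00\x00\x00\x01", b"\x02\x00\x00\x00\x00\x10", b"\x02\x00\x00\x00\x00\x20"
PC_FRAME = build_frame(ROUTER, PC, 0x0800, b"data")                 # untagged
PHONE_FRAME = build_frame(ROUTER, PHONE, 0x0800, b"rtp", vlan=200)  # tagged by phone

if __name__ == "__main__":
    print(path(PC_FRAME), path(PHONE_FRAME), path(PC_FRAME, access_vlan=1))
```

With `access_vlan=1` and the default native vlan, the untagged PC frame crosses the trunk untagged and arrives on fa0/0 rather than fa0/0.100; changing only the native vlan to 999 leaves vlan 100 and vlan 200 traffic on their subinterfaces.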
