Solved: VLAN removed prior to moving ports to another VLAN, shutdown? how to check ?

AdamBudzinski · ‎02-04-2016

hello guys,

yes, me again :D

CISCO Catalyst 2960 switch.

I' running the following commands:

S1(config)#int fa 0/24

S1(config-if)#swit

S1(config-if)#switchport mo

S1(config-if)#switchport mode ac

S1(config-if)#switchport mode access

S1(config-if)#swi

S1(config-if)#switchport acc

S1(config-if)#switchport access vl

S1(config-if)#switchport access vlan 111

% Access VLAN does not exist. Creating vlan 111

S1(config-if)#

S1#show vlan brief

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/7, Fa0/8, Fa0/9

Fa0/10, Gig0/1, Gig0/2

10 Student active Fa0/6, Fa0/22, Fa0/23

20 Faculty active Fa0/11, Fa0/12, Fa0/13, Fa0/14

Fa0/15, Fa0/16, Fa0/17, Fa0/18

Fa0/19, Fa0/20, Fa0/21

99 Management active

111 VLAN0111 active Fa0/24

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

1005 trnet-default active

Next I'm deleting the VLAN 111 but after running the show vlan brief command I cannot locate the fastEthernet port 0/24 ....

S1(config)#no vlan 111

S1(config)#exi

S1(config)#exit

S1#

%SYS-5-CONFIG_I: Configured from console by console

S1#sh

S1#show vl

S1#show vlan bri

S1#show vlan brief

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/7, Fa0/8, Fa0/9

Fa0/10, Gig0/1, Gig0/2

10 Student active Fa0/6, Fa0/22, Fa0/23

20 Faculty active Fa0/11, Fa0/12, Fa0/13, Fa0/14

Fa0/15, Fa0/16, Fa0/17, Fa0/18

Fa0/19, Fa0/20, Fa0/21

99 Management active

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

1005 trnet-default active

I know best practice would be to move the ports to another VLAN first but I'm just curious so I started to google and found this:

"When you delete a specified VLAN, the ports associated to that VLAN are shut down and no traffic flows. However, the system retains all the VLAN-to-port mapping for that VLAN, and when you reenable, or recreate, the specified VLAN, the system automatically reinstates all the original ports to that VLAN."

Why do they say that the ports associated to that VLAN are shut down? When running show ip interface brief I can see the port is not in shutdown state

FastEthernet0/24 unassigned YES manual up up

I next tested it with 2 PC's in same VLAN, removed the VLAN and ping failed in both directions so it's true that no traffic is flowing.

I was checking also with #show port-security interface fastEthernet xxx but from what i've found "If there is nothing plugged into the port or if port security is disabled it will show secure-down. "

Any ideas?

Help is more than welcome !

Best regards

Adam

Is there anyway to see that the "ports associated to that VLAN are shut down".

Cisco Freak · ‎02-05-2016

Unless you move it a different VLAN, the switchport believes it to be a part of the deleted VLAN.

CF

View solution in original post

Jon Marshall · ‎02-05-2016

Adam

The only reference I could find for your original quote about ports being shut was for Nexus switches.

I haven't used Nexus but it is worth remembering that not all switches behave the same way.

The key thing is no traffic will flow through that port unless it is allocated to a vlan that exists in the vlan database.

Jon

View solution in original post

Cisco Freak · ‎02-04-2016

Can you please check the confiuration of the switchport Fa0/24. It might be still have the configuration pointing to vlan 111.

You have to move it to a different VLAN to see in the vlan brief output.

CF

AdamBudzinski · ‎02-05-2016

Hi Cisco Freak,

Switch#show interfaces fastEthernet 0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 111 (Inactive)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none

But why they say that the ports associated to that VLAN are shut down. It's just wording ?

Best Regards

Adam

Cisco Freak · ‎02-05-2016

Unless you move it a different VLAN, the switchport believes it to be a part of the deleted VLAN.

CF

Jon Marshall · ‎02-05-2016

Adam

The only reference I could find for your original quote about ports being shut was for Nexus switches.

I haven't used Nexus but it is worth remembering that not all switches behave the same way.

The key thing is no traffic will flow through that port unless it is allocated to a vlan that exists in the vlan database.

Jon

AdamBudzinski · ‎02-06-2016

Jon,

That's a valid point.

In fact it's for Nexus switches. It was pretty late I didn't pay attention to the documentation.

Thank you all your comments!

I really appreciate it.

Best regards

Adam

Madhukrishnan Gopinathan Nair · ‎02-05-2016

Can you please let me know which cisco doc you see this? Is it for IOS or NX-OS?

I have not seen it recently, but If I remember on NX-OS it may mark the interface as inactive if you don't have the vlan. But on IOS, it will remain up, but it do not know where to forward the traffic and it will get dropped.

Hope this helps.

Madhu.

AdamBudzinski · ‎02-06-2016

Hello,

There you have it:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/VLANs.pdf

thank you for you comment!

Best regards

Adam