Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Network Management triffic and VLANs

How does one assign a network management traffic (rip, BPDUs, CDP, etc.) to a VLAN? I know to assign a computer to a VLAN, you simply add the port in that VLAN, but what I do not understand is adding network traffic to VLAN when they do not have ports. I have read countless documentations about uses of VLANs, and it was mentioned in several of the documentations that you can separate network management traffic by putting them in VLANs.

Any help will be appreciated.

6 REPLIES
VIP Super Bronze

Re: Network Management triffic and VLANs

Hi,

By default control traffic protocols like CDP, BPDU, VTP, PAGP, etc use VLAN 1, even when this VLAN is cleared from the trunk. But no user traffic is send using VLAN 1

HTH

Reza

http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080890613.shtml#topic13

Hall of Fame Super Silver

Re: Network Management triffic and VLANs

Hello Morris,

in practice

1 vlan <=> 1 IP subnet

in modern designs

having separate Vlans for management provides:

more security you can avoid users to be able to access network devices

a chance to connect to devices when troubles affect client vlans.

>> but what I do not understand is adding network traffic to VLAN when they do not have ports

a trunk port is a member of all vlans that are permitted over it so you don't need access ports on a device to have it to take part in a vlan.

Access ports can be on access layer switches for client vlans.

Hope to help

Giuseppe

New Member

Re: Network Management triffic and VLANs

say, you no longer want your management vlan to be VLAN1, so you create VLAN25 for just management traffic, how to you assign the triffic to that VLAN? i know fow a trunk you can just allowed the traffic with this command ==switchport trunk allowed vlan add 5,6,2==. but how do you do this without the trunk?

Hall of Fame Super Blue

Re: Network Management triffic and VLANs

Depends what you mean by management traffic. If you mean the vlan used to remotely login to switches to adminster them just make sure that no user end devices are allocated into that vlan ie. only switches should be allocated IP addresses from this vlan.

As for CDP, PagP, VTP, well these will still be sent on vlan 1 and you can't change this but what you can do is make sure that no devices are allocated into vlan 1 so no device anywhere is allocated an IP address from vlan 1 subnet.

Jon

Hall of Fame Super Silver

Re: Network Management triffic and VLANs

Hello Morris,

the idea is to use

Vlan 25 just for management ip addresses of switches and routers.

other vlans 30, 35, and so on for client vlans.

L2 trunks are the best solution for interconnecting switches

the alternative is to use access ports = 1 link for each vlan and it is not scalable at all.

Hope to help

Giuseppe

New Member

Re: Network Management triffic and VLANs

thanks everybody, i think i got it know.

236
Views
0
Helpful
6
Replies
CreatePlease to create content