cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1581
Views
0
Helpful
9
Replies

Switch ports - vlan and native vlan

billyclift
Level 1
Level 1

How do you associate a switchport a vlan and not be a part of the native vlan?  If thats not possible can you segment a port and make it a member of a single vlan that is not the navtive/default (1) vlan?

1 Accepted Solution

Accepted Solutions

Reza Sharifi
Hall of Fame
Hall of Fame

By default every port is part of vlan 1 (native vlan). If you don't want a port to be in vlan 1 than you can simply create a new vlan (10) and call it the native vlan.

HTH

View solution in original post

9 Replies 9

Reza Sharifi
Hall of Fame
Hall of Fame

By default every port is part of vlan 1 (native vlan). If you don't want a port to be in vlan 1 than you can simply create a new vlan (10) and call it the native vlan.

HTH

How do you get untagged traffic (computer traffic) to vlan10 vs the native vlan 1?

A VLAN access port, is generally untagged.  Only when you have multiple VLANs using the same port do you need tags to identify what traffic logically belongs to which VLAN.

On Cisco, the native VLAN is untagged on ports that have other tagged frames.  Basically, since there is no frame tag for some packets, a Cisco switch will assume they are part of VLAN 1 unless you've configured otherwise.

Again, if the port isn't carrying multiple VLAN traffic, there's no need to tag frames, as they all belong to the port's VLAN assignment (VLAN 1, by default).

Do you set Vlan 10 to your native vlan and all untagged traffic will go to that vlan 10?

Yes, if its ingress traffic to a Cisco trunk port.

Egress traffic, on the such a trunk port, from VLAN 10, will not be tagged.  BTW, if there was VLAN 1 traffic, when native VLAN has been switched to VLAN 10, it would be tagged as VLAN 1.

billyclift
Level 1
Level 1

I have a 48 port switch and need to separate computer traffic from voice traffic.  I want the computers on the native vlan and phones on vlan 20 for example.  How would I configure/segment (port 48) the port for the voice ISP (which is not tagged traffic) to only have access to vlan 20 with no access to the native vlan?

You configure some ports as access ports for VLAN 20, and connect your phones to them.

User, non-VoIP ports, you configure as access ports to, but allow them to default to VLAN 1.

As long as you connect PCs to VLAN 1 ports and VoIP phones to VLAN 20 ports, they will not, by default, intermix, and neither will require tags.

The computers and phones will share a single port on the switch, the are daisy changed on the phone/computer end.  The phone traffic will be tagged for Vlan 20.  Computer traffic will be untagged and go to the default vlan.  Each port will be configured to support both VLANs. Do the ports need to be in trunk mode or access mode.  I'm also using non-cisco phones, not sure if I need the cisco voice vlan command or not? 

Later Cisco switches support an interface having voice VLAN defined along with the usual access VLAN.  This allows two VLANs to share a port.  The voice VLAN uses tagged frames.  (Basically, this configuration is like defining a trunk port with only two allowed VLANs, one for data, as native, and the other for voice.)

e.g.:

interface [% INTERFACE %]
 description [% INTERFACE-DESCRIPTION %]
 switchport
 switchport mode access
 switchport access vlan [% VLAN-ID %]
 switchport voice vlan [% VOICE-VLAN-ID %]
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco