
Native VLAN

Anil Sharma
Level 3

Hello All,

Can anyone help me understand what a Native VLAN is?

Thanks.

8 Replies

sdheer
Cisco Employee

Hi Anil,

Kindly look at the details below for the Native VLAN concept explained with examples:

With 802.1Q, a trunk link can tag frames between devices that understand the
protocol. This allows for multiple VLANs to exist on a single topology.
Because 802.1Q is defined as a type of Ethernet frame, it does not require
that every device on a link speaks the 802.1Q protocol. Because Ethernet is
a shared media and more than two devices could be connected on this media,
all devices on the link must still be capable of communicating even if they
do not speak the 802.1Q protocol. For this reason, 802.1Q also defines a
Native VLAN. A trunk port on a switch is defined to be in a Native VLAN, and
the 802.1Q trunk will not tag frames that are going out the port that came
in on any port that belongs to the same VLAN that is the Native VLAN on the
switch. Any Ethernet device would be capable of reading frames for the
Native VLANs. The Native VLAN is important on an 802.1Q trunk link. If both
sides of the link do not agree on the Native VLAN, the trunk will not
operate properly.

A Native VLAN is nothing else than a default VLAN given that any port in a
(Cisco) switch has to be assigned to one VLAN.

2. The control traffic (vtp/stp/pagp/dtp etc.) is untagged and goes via vlan
1, which can't be pruned or deleted. If the native vlan on a trunk is also
untagged, how does the remote end determine which are control packets and
which are data packets belonging to the untagged native vlan?

Answer:
------------
Once you change the native VLAN on the switch, say to 999 (from the default
vlan 1), vlan 1 becomes tagged. Only the native vlan (999) is untagged.

3. By default the native vlan on a trunk is vlan 1? Correct? What's the best
practice not to use this native vlan for trunking? I believe the
recommendation is just don't use vlan for anything at all so the only
traffic over that is switch control traffic? Correct?

Answer :
------------
By default Vlan 1 is the native vlan - it is not advisable
to use this for any other traffic. But once you change the native vlan to
say 999 then you can always use vlan 1 for regular traffic as well, as this
will now be tagged; this vlan 1 can now be used as a normal tagged vlan.
(Only one vlan is untagged and that is the native vlan.)

Hope you find the content useful.

Regards,

Swati

Please rate if you find information helpful
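
The tagging rule described in the reply above, as an added example (not part of the original post): a simplified Python model of an 802.1Q trunk that builds real frame bytes, leaves the native VLAN untagged on egress, and classifies untagged frames into the receiver's own native VLAN. The MAC addresses, payload and function names are constructed for illustration, and the model ignores priority bits and allowed-VLAN filtering.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def egress(dst, src, ethertype, payload, vlan, native_vlan):
    """Encode a frame leaving a trunk port: tagged unless vlan == native_vlan."""
    header = dst + src
    if vlan != native_vlan:
        # TCI = 3-bit priority (0), 1-bit DEI (0), 12-bit VLAN ID
        header += struct.pack("!HH", TPID_8021Q, vlan & 0x0FFF)
    return header + struct.pack("!H", ethertype) + payload

def ingress(frame, native_vlan):
    """Classify a frame arriving on a trunk port; returns (vlan, ethertype, payload)."""
    (first,) = struct.unpack("!H", frame[12:14])
    if first == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        return tci & 0x0FFF, ethertype, frame[18:]
    # Untagged: the receiver assigns its own native VLAN.
    return native_vlan, first, frame[14:]

def cross_trunk(vlan, native_a, native_b):
    """VLAN a frame lands in on switch B after switch A sends it from `vlan`."""
    dst = bytes.fromhex("020000000002")  # constructed locally administered MACs
    src = bytes.fromhex("020000000001")
    frame = egress(dst, src, 0x0800, b"constructed payload", vlan, native_a)
    return ingress(frame, native_b)[0]

if __name__ == "__main__":
    # (native on A, native on B): default, changed on both ends, mismatched
    for native_a, native_b in ((1, 1), (999, 999), (1, 999)):
        for vlan in (1, 100, 999):
            landed = cross_trunk(vlan, native_a, native_b)
            print(f"native A={native_a} B={native_b}: VLAN {vlan} -> VLAN {landed}")
```

With native VLAN 1 on one end and 999 on the other, a frame sent from VLAN 1 is delivered into VLAN 999, which is why both ends of a trunk must agree on the native VLAN.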

Thanks for the information.

Few more simple questions:

If I have three switches connected to each other I have to configure native VLAN on all three?

A port in native VLAN can ONLY communicate with native VLAN port on another switch?

By default all switches have native vlan as vlan 1.

If you are configuring native vlan as something other than vlan 1 then we would need to configure it across all switches in order to prevent native vlan mismatch.

A port in native VLAN can communicate with all vlans on other ports via trunk link.

Hope that helps.

Regards,

Swati


Please rate if you find content useful

Your reply was informative to me. Thanks

1 more thing

Suppose I haven't configured any native VLAN, I am using the default VLAN1.

You mentioned a port in native VLAN can communicate with all other ports in different VLANs VIA TRUNK LINKS

What if I have only one switch which, let's say, has 2 ports, one in VLAN 1 and another in VLAN 100. How will they communicate, using router only?

Hi,

In order to communicate between two vlans routing is necessary.

Therefore if it is a layer 2 device, we would need a layer 3 device, i.e. a router, in order to route between two vlans.

Regards,

Swati

Please rate if you find content useful


Hi Anil,


Native VLAN is the VLAN that is the same on 2 or more switches. Any traffic not labeled with a VLAN is by default assigned to the NATIVE VLAN. As we know that over 2 switches that are connected to each other, all traffic must be VLAN tagged, untagged traffic is by default assigned to the NATIVE VLAN.

Here's an example:

You have a main switch (3550, 3750) on the ground floor and access switches (2950, 2960, 3560, 3750, not really relevant) on the ground, first and second floors. Your network management VLAN is VLAN 5.

Ground floor PCs are in VLAN 100, first floor in VLAN 101 and second in VLAN 102.

With the trunks you have connected these access switches to the core switch on the ground floor.

Place each trunk into a native VLAN, say 10, 20 and 30 respectively. This has to be done on both the core and the access switch ends, configuration as above. The default is VLAN 1.

Now you can issue the command Switchport trunk allowed vlan 5,100 on the trunk interfaces of the first access switch and the core switch, 5,101 on the second and 5,102 on the third.

This will ensure that only those VLANs are allowed across the trunk. Make sure you let your management vlan across and you can add ranges like 5-100.

If a trunk has a native VLAN configured at one end and not the other you will get a native VLAN mismatch warning at both ends.

If we use a trunk, we now have the concept of a native vlan. If we have the native vlan number assigned to access ports, both ends of our trunk port need to agree on what the native vlan is for communications within that vlan to work between the switches. As a switch receives frames on its access port, it determines the vlan membership.


Hope this is clear to you.

Please rate the helpful posts.

Regards,
Naidu.

thanks Naidu for the detailed description

thanks Swati

Hi Anil,

If your query is resolved please mark it as answered so that others could benefit from it.

Regards,

Swati
