10-25-2012 07:14 PM - edited 03-07-2019 09:41 AM
Hey guys,
Quick question. I know it's not best practice but I have a network that currently all on VLAN 1 and can't be migrated to a new VLAN easily. Can I connect an access port in VLAN 1 to and access port on VLAN 20 on another switch? It's all the same subnet. I was seeing connectivity issues after doing this so I assume its not supposed to work.
Can I make this work?
Sent from Cisco Technical Support iPhone App
10-25-2012 08:35 PM
You have not supplied much detail about the switches and how they are configured. And there may be aspects of the configuration that are impacting this.
But on the face of it I would think that it should work. An access port is assigned to a VLAN but that is not indicated in the frames that it forwards. The access port just forwards normal Ethernet frames (and no tags etc with VLAN information). So I would expect that an access port in the first switch could communicate with an access port in the second switch without a problem, even if they are assigned to different vlans.
I wonder if there is some VTP issue or some negotiation issue that is impacting connectivity.
HTH
Rick
10-25-2012 08:52 PM
Theoretically no. You'll need a Layer 3 device (router or an L3 switch) for inter-vlan communication.
Sent from Cisco Technical Support iPhone App
10-25-2012 09:20 PM
Johnlloyd_13 is partially right...
VLAN 1 is a special and it has is special use (DTP, VTP, STP, CDP etc..).
Connecting an access port in VLAN 1 to and access port on VLAN 20 on another switch will result in no connectivty. If it was any other vlan than VLAN 1 on then it will work.
10-26-2012 12:53 AM
Hi Elton Babcock,
This wont work as it was rightly said by john, you need a Layer device to route the traffic.
10-26-2012 01:44 AM
Hi
I agree with Rick.
This will work, it is only normal l2 frames that will be transported, no tagged frames.
But be aware of what Sonny mentioned about control packets, it will be problem
vtp is only running on trunk ports, dtp can be turned off. cdp is a good idea to turn off, otherwise the switches will complain about "native vlan mismatch" although this is just an informational "error".
/Mikael
10-26-2012 04:40 AM
As long as it's not trunked it will work. If you plan on trunking then i would straighten out the mismatched vlans. Not sure why it would be a problem to switch your Vlan 1 switch to vlan 20 , it would take all of 2 seconds with the interface range command . Then everything would match up and be easier to troubleshoot and not be confusing to someone else looking at it .
10-26-2012 05:38 AM
Unfortunately I can't change the rest of the switches on this network from VLAN1. These switches also connect to switches that aren't managed by me and getting all of these switches to match would take a lot of coordination. Things were setup very poorly before I was assigned to this network.
Anyways the switches are a 2960 and a 2950. The 2960 would use a VLAN1 access port and the 2950 would use the VLAN20 access port. I am using VTP in transparent mode on both switches and will turn CDP off on those ports.
The isn't any routing that needs to take place between the two Vlans as it is all technically the same subnet just different VLAN numbers. Off of the VLAN 20 is a layer 3 NAT outside interface that I need users to access to get to a web server. This also is in the same subnet.
I just want to make sure I clear up anything such as control traffic like STP that might cause issues because of the different VLAN numbers.
Sent from Cisco Technical Support iPhone App
10-26-2012 08:40 AM
Hello Elton,
I agree with Rick and Mikael.
The proposed setup will work between access ports.
I did the same in the past some years ago to join two management Vlans and it worked.
STP is not an issue on access ports because the IEEE standard version of BPDUs is used on access ports and the standard version has no embedded info about the vlan for which the STP instance is running.
As recommended disable CDP on both sides, and DTP.
Hope to help
Giuseppe
10-26-2012 08:53 AM
Here is an article that somewhat pertains to your situation that addressed a similar issue for me. Its definatly not eligent but works. Just be careful.
http://technologyordie.com/moving-a-subnet-to-a-different-vlan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide