02-28-2010 10:17 AM - edited 03-06-2019 09:55 AM
Can someone please refresh me as to what the command is to change the Native VLAN for the entire switch? (IE: not just on the trunk, I mean the default native for the entire switch). Thanks
Solved! Go to Solution.
02-28-2010 10:36 PM
Can someone please refresh me as to what the command is to change the Native VLAN for the entire switch? (IE: not just on the trunk, I mean the default native for the entire switch). Thanks
Hi Steve,
By default, there is only a single VLAN for all ports. This VLAN is called default. You cannot rename or delete VLAN 1.
If you talk about a management VLAN is nothing more than a VLAN that is used for in-band management of your network switching devices. In order to configure this on a switch you need to create a Switch Virtual Interface (SVI) that is mapped to that VLAN and then assign that virtual interface an IP address. On a Cisco switch it would look like the following.
Interface Vlan99
ip address 192.168.1.1 255.255.255.0
no shut
I also want to make something very clear. Your management VLAN does not have to be the same as your Native VLAN. Matter of fact, it is good practice to make sure that they are different. Your management VLAN should only carry in-band management traffic and should not be the default VLAN. By in-band management traffic I am refering to SSH or telnet (although telnet is not recommended because it is not secure). Traffic such as BPDUs, PagP, CDP, use the native VLAN that is vlan 1.But if you change the native vlan then CDP/VTP/PagP will still use vlan 1 but the packets will be tagged.Only DTP uses the native vlan so if you changed the native vlan then DTP would use the new vlan to send frames.With PVST+ BPDUs obviously run on all vlans.
Hope to Help !!
If helpful do rate the post
Ganesh.H
03-01-2010 02:16 AM
Can someone please refresh me as to what the command is to change the Native VLAN for the entire switch? (IE: not just on the trunk, I mean the default native for the entire switch). Thanks
Steve
In addition to Ganesh's reply.
The native vlan is only relevant on an 802.1q trunk link. It is simply the vlan that does not have an 802.1q tag in the frames. And each trunk link can use a different native vlan although obviously this isn't recommended. So there is no global command to change the native vlan because it is trunk specific.
Jon
02-28-2010 10:36 PM
Can someone please refresh me as to what the command is to change the Native VLAN for the entire switch? (IE: not just on the trunk, I mean the default native for the entire switch). Thanks
Hi Steve,
By default, there is only a single VLAN for all ports. This VLAN is called default. You cannot rename or delete VLAN 1.
If you talk about a management VLAN is nothing more than a VLAN that is used for in-band management of your network switching devices. In order to configure this on a switch you need to create a Switch Virtual Interface (SVI) that is mapped to that VLAN and then assign that virtual interface an IP address. On a Cisco switch it would look like the following.
Interface Vlan99
ip address 192.168.1.1 255.255.255.0
no shut
I also want to make something very clear. Your management VLAN does not have to be the same as your Native VLAN. Matter of fact, it is good practice to make sure that they are different. Your management VLAN should only carry in-band management traffic and should not be the default VLAN. By in-band management traffic I am refering to SSH or telnet (although telnet is not recommended because it is not secure). Traffic such as BPDUs, PagP, CDP, use the native VLAN that is vlan 1.But if you change the native vlan then CDP/VTP/PagP will still use vlan 1 but the packets will be tagged.Only DTP uses the native vlan so if you changed the native vlan then DTP would use the new vlan to send frames.With PVST+ BPDUs obviously run on all vlans.
Hope to Help !!
If helpful do rate the post
Ganesh.H
03-01-2010 02:16 AM
Can someone please refresh me as to what the command is to change the Native VLAN for the entire switch? (IE: not just on the trunk, I mean the default native for the entire switch). Thanks
Steve
In addition to Ganesh's reply.
The native vlan is only relevant on an 802.1q trunk link. It is simply the vlan that does not have an 802.1q tag in the frames. And each trunk link can use a different native vlan although obviously this isn't recommended. So there is no global command to change the native vlan because it is trunk specific.
Jon
03-01-2010 07:30 AM
Thanks for the replies and great explanation.
05-22-2010 04:31 AM
Hi
While on this topic. I have been trying to trunk to 2960 switches and can't seem to get a proper connection. I am using packet tacer. The 1st switch already has a trunk port going to a router and the router has port is trunked and has sub ints for each of vlans 2 and 3 and each sub trunk has respective native encap vlan configured. My management vlan is vlan 3. And I don't have an int vlan1 only int vlan 3. The router and the 1st siwtch work fine. But now I am trying to get another trunk port with second switch. I configured both ints for trunking using native vlan 1. Now the links are in up state but both ends are not leds green, one is orange. And I have only int vlan 3 as with other switch and ip in same subnet as managment ip but cannot ping. Strange thing vtp info can pass but no connection to other switch vlans and router etc, only local connectivity. Plz help, below is the configs of the rotuer and two switches. It is switch 1 that is giving me beans to connect to the rest.
Router0
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname RouterA
!
!
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
!
username admin secret 5 $1$mERr$vPOtdREpWgzFVVY37SB2h/
!
!
!
!
!
ip name-server 0.0.0.0
!
!
!
!
!
!
interface Loopback0
description management
ip address 192.168.1.1 255.255.255.0
!
interface Loopback1
ip address 192.168.2.1 255.255.255.224
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 192.168.3.1 255.255.255.0
!
interface FastEthernet0/0.2
encapsulation dot1Q 2
ip address 10.5.0.1 255.255.255.0
!
interface FastEthernet0/0.3
encapsulation dot1Q 3
ip address 192.168.4.1 255.255.255.0
!
interface FastEthernet0/1
description management
no ip address
duplex auto
speed auto
!
interface Serial0/0
ip address 172.16.1.1 255.255.255.252
!
interface Serial0/1
no ip address
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
!
interface FastEthernet1/1
no ip address
duplex auto
speed auto
!
router rip
version 2
network 172.16.0.0
network 192.168.1.0
network 192.168.2.0
no auto-summary
!
ip classless
!
!
access-list 1 permit 192.168.4.0 0.0.0.255
access-list 1 permit host 192.168.4.2
!
!
!
!
!
!
!
line con 0
line vty 0 4
access-class 1 in
password 7 08316C5D1A2E5505165A
login
!
!
!
end
Switch 0 (connected to Router 0)
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname SwitchA
!
no logging console
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
ip name-server 0.0.0.0
!
username admin password 7 08651D0A043C3705561E0B54322E2B3C2B063137324232064274
!
spanning-tree portfast default
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
switchport access vlan 3
!
interface FastEthernet0/6
switchport access vlan 3
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
switchport access vlan 2
!
interface FastEthernet0/14
switchport access vlan 2
!
interface FastEthernet0/15
switchport access vlan 2
!
interface FastEthernet0/16
switchport access vlan 2
!
interface FastEthernet0/17
switchport access vlan 2
!
interface FastEthernet0/18
switchport mode trunk
!
interface FastEthernet0/19
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/20
switchport access vlan 2
!
interface FastEthernet0/21
switchport access vlan 2
!
interface FastEthernet0/22
switchport mode access
!
interface FastEthernet0/23
switchport access vlan 2
!
interface FastEthernet0/24
switchport mode trunk
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
!
interface Vlan3
ip address 192.168.4.10 255.255.255.0
!
ip default-gateway 192.168.4.1
!
!
access-list 1 permit 192.168.4.0 0.0.0.255
access-list 1 permit host 192.168.4.1
line con 0
!
line vty 0 4
access-class 1 in
password 7 08316C5D1A2E5505165A
login
line vty 5 15
login
!
!
end
Switch 1 (connected to Switch0) (This is the second switch which I cannot get connected to rest of network properly)
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
switchport access vlan 3
!
interface FastEthernet0/6
switchport access vlan 3
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
switchport mode trunk
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
!
interface Vlan3
ip address 192.168.4.20 255.255.255.0
!
ip default-gateway 192.168.4.1
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
end
06-18-2010 09:13 AM
Hiyo!
By no means would I say I'm a switch expert! But I'd love to help if possible! When I mocked up your configuration in Packet Tracer, I ran into the same problem. Here is how I worked around it.
1.) On one side of the trunk, issue the switchport mode dynamic desirable on the trunk interface and on the other, issue the switchport mode auto command.
2.) If you want to keep your current config using the switchport mode trunk command, I think you need to issue a switchport encapsulation dot1q.
To help out with added security I would also add:
switchport trunk allowed vlan remove 2-1001
switchport trunk allowed vlan add 2-3
I'm not sure this is what you were looking for but hopefully it helps!
-Matt
06-19-2010 08:33 AM
Hi,
I tried what you said m8, but only brings up one side green. Links are indeed up but as I said no ping traffic passes. I recon this is a bug in packrt logic. I have tested this same setup on physical switches and works like it should with switchport mode trunk on both sides with two trunks on the switch0. Thanks for your input though
06-23-2010 04:46 AM
Hi,
I ran through your config & I can ping all the sub interfaces in the Router A from Switch B.
And both sides of trunks between swich A & Switch B are green.
And I attached the Packet Traser file for your reference.
Then you can double check & compare my config with your one.
Hope this one helps you.
Regards,
Dasuntha
06-23-2010 05:59 AM
Hi Dinesh,
What version packet tracer you compiled. Your file cannot open with packet tracer 4.1 and packet tracer 5.2
Also you say your using my config and it works. If so then it sounds buggy to me. Confirm and resend please, I would like to view those green lights. Thanks
06-23-2010 06:07 AM
Hi,
I m using packet traser version 5.3.
I think that's why you cant open it.
Anyway, I can confirm you that It's working fine.
I fully tested it.
Regards,
Dasuntha
06-23-2010 08:25 AM
Confirmed... Packet Tracer 5.3 = fully functional config exactly as you have it laid out! Congrats! Buggy PT?
-Matt
Date: Wed, 23 Jun 2010 07:07:58 -0600
From: supportforums-donotreply@cisco.com
To: newbs@hotmail.com
Subject: New message: "Changing the Native VLAN command?"
MattNewbs,
A new message was posted in the Discussion thread "Changing the Native VLAN command?":
https://supportforums.cisco.com/message/3125073#3125073
Author : Dasuntha Dinesh
Profile : https://supportforums.cisco.com/people/Dasuntha_Dinesh
Message:
06-23-2010 09:28 AM
I believe it may be a bug yes. I have 5.2.3 PT. Also crashes when overloaded and trying to converge. If my config works on physical devices with similar setup, then logically it should be app problem. Can either of you send me 5.3 plz to my email address. Thanks m8
06-23-2010 08:23 PM
You can download Packet Traser 5.3 from below link.
http://hotfile.com/dl/40746344/98501c6/PacketTracer53_setup.rar.html
Regards,
Dasuntha
06-24-2010 08:23 PM
Hi Dasuntha ,
Thanks for link. As I installed 5.3 and opened up the tracer file from 5.2, the network converged in 2 secs and worked perfectly like it should. Thanks for letting me know it worked all the time and my sanity was good. I had decided to make that lab just for so from scratch.
Packet Tracer 5.2 is buggy - DO NOT USE
06-24-2010 08:28 PM
Nice to hear that it's working from your side also.
PT 5.3 is much better...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide