fabric interconnect and Native Vlan

abdelfatah91
Level 1

Hi

I just want to ask a simple question.

Are there any precautions with the native VLAN between the switched infrastructure and the Fabric Interconnect?!

I mean, can I use any VLAN as the native VLAN, e.g. 999 ("anything but not 1")?!

3 Replies

Walter Dey
VIP Alumni

Native VLAN means no 802.1 tagging; any VLAN can be native; native VLAN is per link!

2 caveats:

- The OS might be configured to handle tagged VLANs; if not, the VLAN has to be native (e.g. ESXi)

- iSCSI boot requires native VLAN end to end

This discussion has been reposted from Unified Computing to the LAN, Switching and Routing community.

ssumichrast
Level 1

As a security best practice, on trunks carrying multiple VLANs you should not allow the native VLAN on the line. When you have a single VLAN going to a device, an end node for example, the port should be configured as an access port with a single data VLAN, and potentially a voice VLAN if that will be used.

For example, our N5Ks have a trunk to each of our UCS interconnects. We set the native VLAN on the N5K side to 999. 999 is not in the allowed list for the trunk then, so the native VLAN never makes it to the UCS. On the UCS then, for any server that can handle VLANs (ESXi for example) we send only tagged VLANs -- no VLAN is marked native, thus accomplishing the same thing as we did for the N5K to FI link.

It is recommended to not leave your native VLAN as 1 as best practice. It's less of a concern if the native VLAN isn't in the allowed list, but to avoid misconfiguration issues you should set it to another VLAN.
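
An added example, not part of the thread or any poster's own code: a small Python audit of the trunk settings ssumichrast describes (native VLAN moved off 1 and kept out of the allowed list), run over a constructed NX-OS-style config. The interface names, VLAN IDs and the function names `parse_vlans` and `audit_trunks` are assumptions for illustration, and it assumes the usual trunk defaults of native VLAN 1 and all VLANs allowed when neither is configured.

```python
import re

# Constructed NX-OS-style sample; interface names and VLAN IDs are made up.
SAMPLE_CONFIG = """\
interface Ethernet1/1
  switchport mode trunk
  switchport trunk native vlan 999
  switchport trunk allowed vlan 10,20,30-35
interface Ethernet1/2
  switchport mode trunk
  switchport trunk allowed vlan 10,20
  switchport trunk allowed vlan add 1
interface Ethernet1/3
  switchport mode trunk
  switchport trunk native vlan 999
interface Ethernet1/4
  switchport mode access
"""

ALL_VLANS = set(range(1, 4095))

def parse_vlans(spec):
    """Expand a VLAN list such as '10,20,30-35' (or 'all'/'none') into a set."""
    if spec in ("all", "none"):
        return set(ALL_VLANS) if spec == "all" else set()
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_trunks(config):
    """Return {interface: [findings]} for every trunk port; access ports are skipped."""
    report = {}
    for stanza in re.split(r"(?m)^(?=interface )", config):
        if "switchport mode trunk" not in stanza:
            continue
        native, allowed = 1, set(ALL_VLANS)  # assumed defaults when unconfigured
        for line in stanza.splitlines():
            if m := re.match(r"\s*switchport trunk native vlan (\d+)", line):
                native = int(m.group(1))
            elif m := re.match(r"\s*switchport trunk allowed vlan (add )?(\S+)", line):
                new = parse_vlans(m.group(2))
                allowed = (allowed | new) if m.group(1) else new
        checks = [(native == 1, "native VLAN is 1"),
                  (native in allowed, f"native VLAN {native} is in the allowed list")]
        report[stanza.split()[1]] = [msg for hit, msg in checks if hit]
    return report
```

Calling `audit_trunks(SAMPLE_CONFIG)` returns an empty finding list for a trunk that follows the practice above and one or two findings for each trunk that does not.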
