Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1300
Views
5
Helpful
6
Replies

how to safely delete a vlan im not sure if it is in use?

baselzind
Level 6
Level 6

‎06-27-2016 03:55 AM - edited ‎03-08-2019 06:23 AM

i have several vlans that i dont know are they for , i checked the switches and there is no ports assigned to them , is there further things i can check before i can safely delete a vlan with affecting my network?

Labels:
0 Helpful
6 Replies 6

Mark Malone
VIP Alumni
VIP Alumni

‎06-27-2016 04:22 AM

No not really you just have to check whats assigned in each switch make sure vlans not in use as you did , you could run an ip scan an make sure you haven't missed something in the vlan subnet somewhere on the network , if your running vtp just remove it from the server it will push the change to the clients , if networks in transparent mode you will have to manually remove tit from each switch

0 Helpful

johnlloyd_13
Level 9
Level 9

‎06-27-2016 09:11 PM

hi,

just to add, checking the VLANs locally on the switch is not enough. you could check the upstream router if there's a dot1q trunk where VLAN traffic is used.

also, do you have ANY network documentation somewhere?

0 Helpful

baselzind
Level 6
Level 6
In response to johnlloyd_13

‎06-28-2016 02:31 AM

in case of a core switch connected to the fire wall i guess it would suffice to check that core switch uplink? but also maybe it is there on the trunk but it isnt used as well? i found a vlan counter command on the core switch i guess if the counters are zero it would mean the vlan isnt used?

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to baselzind

‎06-28-2016 03:23 PM

Hi everyone,

Please allow me to join.

baselzind: I am not sure about the command that shows VLAN counters (what command is that, anyway? I tried to look it up but I didn't find anything). Even in an unused VLAN, these counters would be slowly increasing, as STP and other protocols may be running in that VLAN.

If there is no documentation available that would clearly state what a particular VLAN is used for, I suppose that the only way of finding out an unused VLAN is to actually have it suspended or removed and wait if anyone complains. This is a very unsophisticated approach but perhaps it will work for you.

I suggest suspending a VLAN instead of removing it. You can accomplish it as shown in the following example:

vlan 123
 state suspend
 exit

The advantage of this approach is that the VLAN is not really removed, rather, it is only made inactive and put out of operation. If you decide to make it operational again, you only need to set its state back to active:

vlan 123
 state active
 exit

If, after having a VLAN suspended for a longer period of time (a day, a week) nothing breaks down and no-one complains, you can delete the VLAN entirely.

Be careful with this, though - it's a trial-and-error approach, and an error can be very painful.

Best regards,
Peter

0 Helpful

Rolf Fischer
Level 9
Level 9
In response to Peter Paluch

‎06-29-2016 06:10 AM

Hello Peter,

happy to see that you still find some time to enrich this forum :)

I am not sure about the command that shows VLAN counters (what command is that, anyway? I tried to look it up but I didn't find anything).

I believe it's only available on Catalyst 6k's and I'm not sure if you have access to such a platform.

c6509#show vlan counters
* Multicast counters include broadcast packets

Vlan Id                                            : 1
L2 Unicast Packets                                 : 542318798
L2 Unicast Octets                                  : 80720727363
L3 Input Unicast Packets                           : 1360609720
L3 Input Unicast Octets                            : 395606855677
L3 Output Unicast Packets                          : 906016270
L3 Output Unicast Octets                           : 136946088278
L3 Output Multicast Packets                        : 0
L3 Output Multicast Octets                         : 0
L3 Input Multicast Packets                         : 0
L3 Input Multicast Octets                          : 0
L2 Multicast Packets                               : 27836128
L2 Multicast Octets                                : 2745064389

Vlan Id                                            : 2
L2 Unicast Packets                                 : 0
L2 Unicast Octets                                  : 0
L3 Input Unicast Packets                           : 0
L3 Input Unicast Octets                            : 0
L3 Output Unicast Packets                          : 0
L3 Output Unicast Octets                           : 0
L3 Output Multicast Packets                        : 0
L3 Output Multicast Octets                         : 0
L3 Input Multicast Packets                         : 0
L3 Input Multicast Octets                          : 0
L2 Multicast Packets                               : 0
L2 Multicast Octets                                : 0

This is an example from a production switch and as you can see, VLAN 2 is unused (it obviously doesn't count control-plane traffic).

I clear this counters every once in a while in order to find unused VLANs and didn't have any bad experiences so far.

Best regards,

Rolf

Peter Paluch
Cisco Employee
Cisco Employee
In response to Rolf Fischer

‎06-29-2016 06:58 AM

Hi Rolf,

happy to see that you still find some time to enrich this forum :)

It is me who is happy and honored to be around! :)

I believe it's only available on Catalyst 6k's and I'm not sure if you have access to such a platform.

Aaah, thank you, I see now. That explains it - and you're right, I don't have access to a Catalyst 6500 so I am unaware of these platform-specific things. It's interesting, though, that the control-plane traffic is not being counted in.

Thanks for sharing these jewels of knowledge! :)

Best regards,
Peter

0 Helpful
Customers Also Viewed These Support Documents