Re: Management VLAN

tomfree_leo · ‎02-03-2010

Hi Netpro

I got cisco 3550 as backbone Switch ; edge switches connects to 3550 on Fiber

In all we got 5 switches and would increase more shortly, I want to have all switches on management vlan

I did the following but doesnt work

----------------------------------

[3550]

Vlan 1

description users

ip address 192.168.1.1 255.255.255.0

Vlan 2

description managment vlan

ip address 192.168.100.1 255.255.255.0

int gi0/0

switchport trunk encap dot1q

switchport mode trunk

description connected to SW1

-------------------------------------------------------

SW1 - 2960

int gi0/0

switchport mode trunk

int vlan2

ip address 192.168.100.2 255.255.255.0

ip default-gateway 192.168.100.1

------------------------------------------------------------------

On SW1 with VLAN 1 ip address 192.168.1.100/24 is working ok

M i missing any more config to move all switches to managment VLAN

Jon Marshall · ‎02-03-2010

tomfree_leo wrote:

Hi Netpro

I got cisco 3550 as backbone Switch ; edge switches connects to 3550 on Fiber

In all we got 5 switches and would increase more shortly, I want to have all switches on management vlan

I did the following but doesnt work

----------------------------------

[3550]

Vlan 1

description users

ip address 192.168.1.1 255.255.255.0

Vlan 2

description managment vlan

ip address 192.168.100.1 255.255.255.0

int gi0/0

switchport trunk encap dot1q

switchport mode trunk

description connected to SW1

-------------------------------------------------------

SW1 - 2960

int gi0/0

switchport mode trunk

int vlan2

ip address 192.168.100.2 255.255.255.0

ip default-gateway 192.168.100.1

------------------------------------------------------------------

On SW1 with VLAN 1 ip address 192.168.1.100/24 is working ok

M i missing any more config to move all switches to managment VLAN

Tom

No that should do it.

Can you post -

1) "sh ip int brief" from bith switches

2) "sh vlan" from both switches

3) "sh int trunk" from both switches

Jonj

tomfree_leo · ‎02-03-2010

I see VLAN2 cannot be seen on 2960

its a server and client setup, i feel need to shut and no shut the trunk to get vlan database updated.

Any cisco document with recommendation on configuring Management VLAN

tomfree_leo · ‎02-03-2010

Can someone help to understand what is native VLAN Vs Managment VLAN

Jon Marshall · ‎02-03-2010

tomfree_leo wrote:

Can someone help to understand what is native VLAN Vs Managment VLAN

Tom

Couple of things.

Yes you need vlan 2 in the output of "sh vlan" on the 2960. Check the revision numbers on the VTP server and client.

Native vlan is simply the vlan that is untagged on a trunk link. The native vlan should not be the management vlan and it should not be a vlan with any ports allocated to it. The native vlan doesn't need a L3 interface either.

Jon

Ganesh Hariharan · ‎02-03-2010

Can someone help to understand what is native VLAN Vs Managment VLAN

Hi,

A native vlan is the untagged vlan on an 802.1q trunked switchport.Basically if a switch receives untagged frames on a trunkport, they are assumed to be part of the vlan that are designated on the switchport as the native vlan.When the switch on the other side of the trunk receives a frame that does not have an 802.1Q header, the receiving switch knows that the frame is part of the native VLAN.

Hope to help

Ganesh.H

Robert Juric · ‎02-03-2010

tomfree_leo wrote:

Can someone help to understand what is native VLAN Vs Managment VLAN

The management VLAN is simply a VLAN that is configured with a L3 interface and is used for to manage the switch via telnet/ssh. Best practices recommend seperating your management traffic from the standard user/data traffic. For my company however, adding and having to track another subnet at each of my branch offices would be a nightmare so we keep management traffic in the data VLAN.