switches capable of supporting > 1005 simultaneous VLANs

Lannar Dean · ‎12-05-2014

We deploy networks that utilize per-user VLAN segmentation. We allow users to set up accounts, and every device associated with an account will be assigned the VLAN of that account by our RADIUS server. For a network with many users, this means we end up with a large number of VLANs that need to be defined and allowed through the trunk ports of our switches where our access points plug in (typically there won't be an enormous span of ACTIVE VLANs on the switch, but it needs to know about all of them and accept traffic for any of them).

Many Cisco IOS switches (for example, the 3750) have limitations as to the number of VLANs (usually 1005) that can be defined on the switch. Ironically, switches in the SG300 small business line of switches run a slightly 'dumbed down' version of IOS and do not have this limitation. They allow us to create as many VLANs as we want (not going above 4096 however). I find it hard to believe/understand that these lower end switches don't exhibit this limitation, but the beefy core and edge switches running the full IOS firmware choke when you try to go above 1005 VLANs.

Can anyone recommend a enterprise grade switch model (looking for both core switches and edge switches) that doesn't exhibit this behavior and will allow us to create the larger range of VLANs?

Thanks in advance!

Leo Laohoo · ‎12-05-2014

Depending on the IOS on your Catalyst switches, you can use VLANs above 1005 but to a total of 1028 VLANs only.

Lannar Dean · ‎12-08-2014

Thanks Leo. So there are really no catalyst switches that will allow for more than 1028 VLANs?? On an SG300, I can run 'vlan 100-4000' and have it happily accept the command and run without any issues. I can't understand how an entry-level switch series can do something that a full blown catalyst cannot. What am I missing here?

Leo Laohoo · ‎12-08-2014

My previous response was done in error. My apologies.

Some Catalyst switches support up to 4096 VLANs. There are some older switches which have trouble going above VLANs 1005 unless you upgrade the IOS and ensure your VLAN database is set to Transparent.

Joseph W. Doherty · ‎12-09-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

That's because entry level switches don't support ISL or older VTP, both, I believe, may have issues with >1024 VLANs.

Later Enterprise switches can, I believe, support 4 K VLANs, as long as you avoid old compatibility issues. If might also require some additional configuration.

Lannar Dean · ‎12-09-2014

Thanks... Any idea which series support it and which don't?

sumit menaria · ‎12-08-2014

Cisco 4948 switches which are medium range switches with switching capacity from 96-320Gbps support 4096 active vlan ids at a time.

	Cisco Catalyst 4948	Cisco Catalyst 4948 10 Gigabit Ethernet	Cisco Catalyst 4900M
Switching capacity	96Gbps	136Gbps	320Gbps
Active VLANs	4096	4096	4096

Private VLAN could also be an option to evaluate if you want to keep working with your 3750s.

Please let me know if anything else is needed.

Please rate if helpful.

Cheers

Sumit

Lannar Dean · ‎12-09-2014

Got it, thank you. Is there any definitive list that I can reference to determine which switches do or do not support the full 4096 active vlans?