
vlan question

dave dave
Level 1

Hi! I have a few questions about vlan1.

 

switch

1) Can I shutdown vlan 1 in a flat network and at the same time still be able to manage the switch remotely? Otherwise, how do I enable remote management?

2) will there be any downtime to the user if I shutdown vlan1 at the L2 switch?

 

Router

1) At the router end, is it necessary to shutdown vlan 1 and enable another vlan for a flat network?


Peter Paluch
Cisco Employee

Hi dave,

1) Can I shutdown vlan 1 in a flat network and at the same time still be able to manage the switch remotely? Otherwise, how do I enable remote management?

You can shutdown interface Vlan1 but you cannot deactivate or delete the VLAN1 itself. These are two different things. A switch behaves like an end host (a normal computer) attached to any VLAN for which it has an interface Vlan. This VLAN is called the management VLAN because in that VLAN, the switch has its IP address and gateway. Shutting down interface Vlan1 disconnects the switch from VLAN1, stopping VLAN1 from being a management VLAN. However, VLAN1 itself, as a virtual broadcast domain, still exists and carries frames through the switch. VLAN1 cannot be deleted, but it can be pruned off trunks if necessary, and generally, you can simply avoid using it for any purpose, and that will do.

If you deactivate interface Vlan1 and want to use a different management VLAN, simply create another VLAN that you want to become the management VLAN, and then create an interface Vlan for that new management VLAN, assign it an IP address, set up the default gateway using ip default-gateway command, set up trunks and/or access ports for that VLAN and you're done.

2) will there be any downtime to the user if I shutdown vlan1 at the L2 switch?

Shutting down interface Vlan1 will not impact any users.

1) At the router end, is it necessary to shutdown vlan 1 and enable another vlan for a flat network?

No, on routers, VLAN1 has no special meaning. You simply do not create a subinterface for VLAN1.

Best regards,
Peter

Hi! For the last question: do you mean I do not have to shutdown vlan1 on the router and create another vlan, e.g. vlan20, to match the newly created vlan20 I have at the L2 switch end?

With the newly created vlan 20 on the L2 switch, is there any native vlan, trunk or vlan 20 command required on the L2 switch port that is connected to the router? Or do I just leave it blank as in the config below? Thanks.

 

interface FastEthernet0/1
 description To router

 

Hi Dave,

You will get a better answer from Peter on this.

Here is my thought:

Router
 |
 |F0/1
Switch

 

1- Vlan concept is not there on routers.

2- Now coming to your question, what you need to do is create vlan 20, have the port set to trunk, and configure sub-interfaces on the router for that particular vlan.

Let's take your example for the vlan:

 

Switch:

conf t
vlan 20
!
interface FastEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
!

On the router:

conf t
interface FastEthernet0/0
 no ip address
 no ip route-cache
 no ip mroute-cache
 duplex auto
 speed auto
!
interface FastEthernet0/0.2
 ! CLI help for the encapsulation command:
 !   R1(config-subif)#encapsulation dot1Q ?
 !     <1-4095>  IEEE 802.1Q VLAN ID required, range 1 - 0xFFF.
 ! VLAN ID 20, as we are using vlan 20
 encapsulation dot1Q 20
 ip address 2.2.2.2 255.255.255.0
 no ip route-cache
 no ip mroute-cache
 no cdp enable

 

The question of the native vlan depends on you: if you want to tag it as the native vlan you can, but make sure that if you use a native vlan it is configured as native at both ends.

 

Switch:

int f0/0
 ! connecting to router
 switchport trunk native vlan 20

Router:

int f0/0.2
 encapsulation dot1Q 20 native

 

 

HTH

Regards

Inayath

Hi! In this case, is it a must to configure a native vlan and trunk on the L2 switch, and a subinterface on the router, even on a flat network?

Hi Dave,

Let me approach this from a slightly different angle.

The native VLAN is the only VLAN on a trunk that can be carried untagged over it. Frames in the native VLAN will be sent through the trunk untagged, and all received untagged frames will be processed in the native VLAN.

By default, the native VLAN on all trunks is VLAN1. There are two best practices related to native VLANs:

  1. Never use it for user traffic - that is, never use a native VLAN as an access VLAN on some access port.
  2. Ideally, change it to a separate standalone VLAN different from VLAN1 and any other used VLANs, and keep it otherwise unused as per Step 1.

If you keep to these two best practices then you will have your native VLAN on all your trunks changed to a different VLAN, say, VLAN 1001, and this VLAN will never be used for any other purpose. In such a case, you do not need to configure a subinterface for this VLAN on a router because this VLAN will never carry any useful traffic that the router would be required to route further, so the subinterface for this VLAN would be useless.

Does this make sense?

Best regards,
Peter
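
An added example, not part of the thread and not Cisco tooling: a short Python check of an IOS-style configuration against the two native-VLAN practices listed above. The sample configuration, its interface names and VLAN numbers are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample config for illustration; not taken from the thread.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 switchport mode trunk
 switchport trunk native vlan 1001
!
interface FastEthernet0/3
 switchport mode access
 switchport access vlan 1001
!
interface FastEthernet0/4
 switchport mode access
 switchport access vlan 20
"""

def parse_interfaces(config):
    """Map each interface name to the list of its sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split(None, 1)[1].strip(), [])
        elif current is not None and line.startswith(" "):
            current.append(line.strip())
        else:
            current = None
    return interfaces

def vlan_of(cmds, prefix):
    """VLAN id from '<prefix> <id>', or 1 (the default VLAN) when the line is absent."""
    ids = [c.split()[-1] for c in cmds if c.startswith(prefix + " ")]
    return int(ids[0]) if ids and ids[0].isdigit() else 1

def audit(config):
    """Return sorted findings for the two native-VLAN practices."""
    ifs = parse_interfaces(config)
    # Only ports explicitly set to trunk or access mode are examined (assumption).
    native = {n: vlan_of(c, "switchport trunk native vlan")
              for n, c in ifs.items() if "switchport mode trunk" in c}
    findings = [f"{n}: trunk native VLAN is still VLAN1" for n, v in native.items() if v == 1]
    for n, c in ifs.items():
        if "switchport mode access" in c:
            v = vlan_of(c, "switchport access vlan")
            if v in native.values():
                findings.append(f"{n}: access VLAN {v} is a trunk native VLAN")
    return sorted(findings)
```

Calling `audit(SAMPLE_CONFIG)` flags the trunk left on the default native VLAN and the access port placed in VLAN 1001, and leaves the VLAN 20 access port alone.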
