Beginner

VLAN vs Control/Management/Data Protocols

I am currently studying for ICND1. I just suddenly got curious about which VLAN protocols use.

I guess my question is pretty unworthy, but I desperately want to know. I tested some protocols I have learned on Packet Tracer and figured out that CDP, VTP, and PAgP somehow always use VLAN1, no matter whether VLAN1 is the native VLAN or blocked from the trunk port. DTP seems to always use the native VLAN. I googled this and figured out that control and management protocols always use VLAN1. However, I don't think this is the right answer, because according ARP and ICMP are considered Control Plane protocols, but when I tested, they didn't always use VLAN1.

Accepted Solutions
VIP Mentor

Re: VLAN vs Control/Management/Data Protocols

Hi

The control protocols are sent using VLAN 1 even when it's shut down; that's why it's recommended not to use VLAN 1 for production traffic, as you're mixing it with control traffic.

Best practice: shut VLAN 1 down and disallow it from the trunk, and then only control traffic passes it and no transit traffic. If you shut it down and still allow it on the trunk as the native VLAN, you're still susceptible to attacks and flooding.

1. If you want further classification of control protocols, you can use a feature called CoPP.

2. CDP/PAgP/VTP are some of them.

3. You can control ICMP in the control plane to rate limit if required to prevent issues; read below on ICMP: https://learningnetwork.cisco.com/thread/81815
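
An added example, not part of the original post or any Cisco tooling: a Python check that audits an IOS-style running-config for the VLAN 1 exposure the answer above describes (VLAN 1 as native VLAN, VLAN 1 allowed on a trunk, VLAN 1 SVI not shut down). The sample config and the function names are constructed for illustration, and the check assumes the IOS defaults (native VLAN 1, all VLANs allowed) when a trunk has no explicit command.

```python
import re

# Constructed sample config (not taken from the thread or a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20-30
!
interface GigabitEthernet0/3
 switchport mode trunk
 switchport trunk allowed vlan 2-100
!
interface Vlan1
 ip address 192.0.2.1 255.255.255.0
!
"""

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '10,20-30' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit(config):
    """Return sorted (interface, finding) pairs for VLAN 1 exposure."""
    findings = []
    for name, body in re.findall(r"^interface (\S+)\n((?: .*\n)*)", config, re.M):
        lines = [line.strip() for line in body.splitlines()]
        if name.lower() == "vlan1" and "shutdown" not in lines:
            findings.append((name, "SVI for VLAN 1 is not shut down"))
        if "switchport mode trunk" not in lines:
            continue
        native, allowed = 1, set(range(1, 4095))  # assumed IOS defaults
        for line in lines:
            if m := re.match(r"switchport trunk native vlan (\d+)$", line):
                native = int(m.group(1))
            elif m := re.match(r"switchport trunk allowed vlan (add )?([\d,-]+)$", line):
                allowed = (allowed if m.group(1) else set()) | expand_vlans(m.group(2))
        if native == 1:
            findings.append((name, "native VLAN is 1"))
        if 1 in allowed:
            findings.append((name, "VLAN 1 allowed on trunk"))
    return sorted(findings)
```

Calling `audit(SAMPLE_CONFIG)` flags the default trunk on both counts, flags the third trunk only for its implicit native VLAN 1, and leaves the trunk with an explicit native VLAN and allowed list clean.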


Beginner

Re: VLAN vs Control/Management/Data Protocols

Thank you very much :)
Beginner

Re: VLAN vs Control/Management/Data Protocols

My friend who has a CCNP cert told me that it is possible to remove VLAN 1 on a Cisco switch. Is it true? I have been taught it is impossible to remove VLAN 1.

VIP Mentor

Re: VLAN vs Control/Management/Data Protocols

No, not possible, as even when shut down at L3 and with no ports assigned it carries the control protocols.

Beginner

Re: VLAN vs Control/Management/Data Protocols

Thank you very much :)