Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3309
Views
0
Helpful
3
Replies

Cisco UCS Vlan 1 Default is set to native, why?

derek.small
Level 5
Level 5

‎05-04-2016 08:10 AM - edited ‎03-01-2019 12:43 PM

I have question about Vlans and Native Vlans.  I know the topic has been widely covered, but I can't find an answer to this question.  

Before you comment please note that I am not talking about the little radio button which is present in the Vlan list assigned to a vNIC.  There is another place where the global status of a Vlan is defined as native or not (look at your list of all VLans).

When you create a Vlan, there are several things you can specify, but one thing you cannot.  Native Vlan.  If you look at a list of your Vlans in UCS, or view them from the command line for that matter, they all have a property for "native" (vlan).  Since the concept of a native vlan only makes sense in the context of a trunk port or vNIC, defining a Vlan as native or not when it is created does not make much sense.

On a typical switch, you might have Vlan1 set to be the native Vlan on one trunk, but Vlan2 could be configured to be the native Vlan on a different trunk on the same switch.  As long as the devices at each end of the trunk agree on the native Vlan, it is perfectly allowable and works (yes it would be confusing, but that isn't the point).  

So why in UCS is a Vlan defined as native or not, without being in the context of a vNIC or a trunk?  I think I have the answer, but it leads me to two other issues.  I have to assume that when a Vlan is created and it is defined as native or not, it is specifically talking about if that is the native Vlan on uplink port(s), since normally you cannot configure the native Vlan on uplink ports.  All Vlans when they are created are allowed over the Uplink ports, so there is no place to look at the Vlans associated with an uplink port like you can with a vNIC, to pick the native Vlan.  The only exception is if you use Vlan Groups, which does allow you to specify a native Vlan for each Vlan Group, before you assign the group to an uplink port or port-channel.

So finally to my question.  Why, unless you use Vlan Groups, can you not specify if a Vlan is a native Vlan when you create it?  and why does it seem that only Vlan1 Default is the native Vlan?  I can't find a way to change which Vlan is the native Vlan in the GUI.  If you try to change it from the command line, there is no error when you enter "commit-buffer", but if you look at the config, it doesn't actually change, it stays the same.

Question 1: Why is it you cannot edit which Vlan is the Native Vlan in the LAN Uplinks Manager?

I started investigating this when I found that a Guest VM on a HyperV host, could only talk to other systems on Vlan1 if the vNIC was untagged in HyperV on the VSwitch.  If the traffic was tagged with Vlan1, the guest could not reach anything.  It appears that the HyperV VSwitch works by dropping all traffic coming into a VSwich which is not tagged, much like the Nexus command "vlan dot1q tag native" command caused the Nexus switch to do.

Question 2: Does anyone know of a way to change this behavior on a HyperV VSwitch?  If the Native Vlan is Vlan1, it seems that it should make no difference if the traffic is tagged for Vlan1 or not, it should end up on Vlan1.

0 Helpful
3 Replies 3

Walter Dey
VIP Alumni
VIP Alumni

‎05-08-2016 11:44 PM

From the UCS Manager 2.2 doc

The native VLAN and the default VLAN are not the same. Native refers to VLAN traffic without an 802.1q header and can be assigned or not. The native VLAN is the only VLAN that is not tagged in a trunk, and the frames are transmitted unchanged.
You can tag everything and not use a native VLAN throughout your network, and the VLAN or devices are reachable because switches use VLAN 1 as the native by default.
The UCS Manager LAN Uplink Manager enables you to configure VLANs and to change the native VLAN setting. Changing the native VLAN setting requires a port flap for the change to take effect; otherwise, the port flap is continuous. When you change the native VLAN, there is a loss of connectivity for approximately 20-40 seconds.
Native VLAN Guidelines
You can only configure native VLANs on trunk ports.
• You can change the native VLAN on a UCS vNIC; however, the port flaps and can lead to traffic
interruptions.

• Cisco recommends using the native VLAN 1 setting to prevent traffic interruptions if using the Cisco Nexus 1000v switches. The native VLAN must be the same for the Nexus 1000v port profiles and your UCS vNIC definition.
• If the native VLAN 1 setting is configured, and traffic routes to an incorrect interface, there is an outage, or the switch interface flaps continuously, there might be incorrect settings in your disjoint layer 2 network configuration.
• Using the native VLAN 1 for management access to all of your devices can potentially cause problems if someone connects another switch on the same VLAN as your management devices.

0 Helpful

derek.small
Level 5
Level 5
In response to Walter Dey

‎05-10-2016 09:00 AM

You get a little unclear about what context you are talking about native vlans in, but I think we are in agreement on all points.  And I agree, I try to dissuade the use of Vlan 1 for anything, but you know how the customer is always right and all.... ;)

However, unless I missed it, I don't believe you answered either of my questions.

0 Helpful

Walter Dey
VIP Alumni
VIP Alumni
In response to derek.small

‎05-10-2016 10:00 AM

Hi Derek

I answered your question 1: native vlan can be configured with UCSM on a trunk uplink. As you know, native vlan is defined per link. Which UCS version do you run ?

See attachment how to do it !

Walter.

Preview file
241 KB
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Review Cisco Networking for a $25 gift card