Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Native VLANs and subinterfaces

Status
Not open for further replies.
dbarasch

dbarasch

MIS
Feb 16, 2004
14
0
0
US
What does a native VLAN mean? Cisco documentation states that if you have VLAN1, then that is the native VLAN. What constitutes something as being native. Suppose I didn't have VLAN1, but have VLANs 4,5,6. What would make one native as opposed to the other VLANs.

Second question... If I have two IPs on a single NIC on a router and I want to create subinterfaces on it, am I assigning new IPs on the subinterfaces or using the IPs I already assigned to the NIC.

Example:
Interface Fa0/1 has 192.168.13.2 and 192.168.11.2 (secondary).

Now I am creating two subinterfaces on Fa0/1. Should Fa0/1.1 have 192.168.13.2 or a different IP on the same subnet. Likewise with Fa0/1.2 should it have 192.168.11.2 or 192.168.11.5.








 
Sort by date Sort by votes
On int fa0/1...
router(config-if)#no ip add
router(config-if)#no shut
The IP add goes on the subinterfaces...
The native VLAN is VLAN1, or the default vlan, the vlan that controls everything, or the management vlan. It is the one you assign an IP address to, and then you can reach the switch via browser or telnet (considering there is a password set on the vty lines...).

Burt
 
Upvote 0 Downvote
The Native VLAN on a 802.1q trunk is the VLAN that traffic arriving without a VLAN Tag is handled by. For example if you have a trunk that allows VLAN's 4-8 and the Native VLAN is the default (1). Traffic arriving on the trunk without a VLAN Tag is handled as if it arrived with a Tag of VLAN 1. In this case since VLAN 1 wasn't in the list of allowed VLAN's then it should be dropped. However Cisco ALWAYS handle certain traffic with a VLAN 1 Tag (control-plane traffic - CDP, DTP, VTP etc).

There are certain security issues with not tuning Trunk interfaces Native VLANs so you should always ensure you use unique Native VLANs on each point-to-point trunk.

Using VLAN 1 for data and leaving this as the default on Trunks is a major sin in Cisco's eyes........

HTH

Andy
 
Upvote 0 Downvote
With the subinterfaces you must tell the router what the VLAN Tag is:
Code: 
interface FastEthernet0/1.4
 encapsulation dot1q 4
 ip address x.x.x.x x.x.x.x
!
interface FastEthernet0/1.5
 encapsulation dot1q 5
 ip address x.x.x.x x.x.x.x
!
interface FastEthernet0/1.6
 encapsulation dot1q 6
 ip address x.x.x.x x.x.x.x
!

The switch this connects to should be hard-coded as a 802.1q trunk and allow VLANs 4-6. By default the Native VLAN will be 1, however you should change this to be some unused VLAN and define this at either end:

switch:
Code: 
interface FastEthernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 999
 switchport trunk allowed vlan 4-5
 switchport mode trunk
 switchport nonegotiate 
!

router:
Code: 
interface FastEthernet0/1.99
 encapsulation dot1q 999 native

HTH

Andy
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Lccarter
  • Locked
  • Question
Cisco CUCM Provisioning and Order Management System
Replies
1
Views
117
Lccarter
Lccarter
mikey789
  • Locked
  • Question
Can 4000-M Routing VLANs ?
Replies
0
Views
64
mikey789
mikey789
acabezas2014
  • Locked
  • Question
Need to create QoS for SNMP and Radius traffic on Cisco 4948 Switches
Replies
0
Views
63
acabezas2014
acabezas2014
mrdom
  • Locked
  • Question
RV325: Accessing LAN and WAN resources using the same hostname ...
Replies
0
Views
62
mrdom
mrdom
dmourghen
  • Locked
  • Question
PBR issue and Access-list
Replies
0
Views
76
dmourghen
dmourghen

Part and Inventory Search

Sponsor

Back
Top