> vlan 1 is native vlan whenever I use 'sh spanning-tree' command it shows me
> the root bridge it means that stp is already configured in my network

If you do a "show span vlan x" where x = any other vlan you are using, it will essentially show you the same thing. The "native" VLAN has nothing to do with spanning-tree (other than the fact it runs on VLAN 1 by default). All the "native" vlan is used for is to tell the switchport "if you're trunking and you expect VLAN tags but a frame comes in without one, it belongs to vlan x". (Where x is whatever the port's native vlan is set to).

> do I have to configure stp again?

Spanning-tree runs just the same on the "native" vlan as it does on any other vlan. As long as you don't have vlan 1 (or interface vlan 1) in use for anything, you would not have to change anything. STP just doesn't run anymore on VLAN 1 since you've deleted it and moved those ports to another vlan. So STP will just do its thing on all of the other VLANS as normal. Once again, this was NOT the case with some older/lower end/older IOS released switches.

Think of the "native" vlan somewhat like a "voice vlan". All that's involved is the switchport acts like a "trunk port" and an "access port" at the same time. Frame tags are honored while non-tagged frames are sent to the "native" vlan you specify. (Same as "voice port", you're telling it what vlan voice frames belong to).

HTH's,
m

On Sat, Mar 5, 2011 at 12:09 PM, [email protected] <[email protected]> wrote:

> Actually in my network
> I have 5 vlan and vlan 1 is native vlan whenever I use 'sh spanning-tree'
> command it shows me the root bridge it means that stp is already configured
> in my network
>
> but as per your explanation if I disable vlan 1 and define any other vlan as
> a native vlan then a question arise that
>
> do I have to configure stp again?
>
> regards
> narendra
> -----Original Message-----
> From: Max Pierson
> Sent: 05/03/2011, 10:30 pm
> To: marc abel
> Cc: [email protected]; [email protected]
> Subject: Re: [OSL | CCIE_RS] (ccie_rs)_native_vlan
>
> > It is actually best practice to make the native VLAN an unused VLAN, and
> > make sure all production VLANS are tagged.
>
> I like hearing "best common practice" :)
>
> > It means we should not change the native vlan from 1 to any other,
> > vlan 1 should be always for the network management purpose.
>
> This isn't 100% correct. See below.
>
> > One more thing which is asked by interviewer to me that
> > why do we not need to configure STP if our management vlan is already 1?
>
> It is BCP to NOT use VLAN 1 for production. This is an old "myth" I think
> though, if you wish to call it that. VLAN 1 itself is just another VLAN like
> 2 - 1000 (1001 - 1005 are usually reserved and internally allocated). It can
> be used the same way any other VLAN can. There's nothing at all special
> about it (other than Cisco's recommendation years ago was that it was for
> management only because of older switch code). The older switches (think
> 2900's and 3500XL's) had to have VLAN 1 for its management purposes and
> could not be removed from the database (although it can be changed from 1 to
> whatever if you manage switches like us, but you still couldn't completely
> remove it from the DB). A lot of other vendors followed suit and made the
> same recommendations.
>
> But as you both have stated, most use it for management purposes. We have
> gone one step farther and decided to use another vlan for management and
> disable vlan 1 altogether (yes, remove it from the vlanDB, even though
> that in itself breaks stuff like STP, VTP, etc, if you don't already have
> any other VLAN defined on the switch for L2 control traffic to traverse).
> We specify the "native vlan" as the management vlan we chose, and put the new
> "native" vlan command on all trunks (this will fix all of your L2 stuff as
> well if you were only using vlan 1 to begin with). This way when a new
> switch gets provisioned for roll out, even though the ports are in vlan1 by
> default, that vlan is dead on our network, so anyone who plugs in can't see
> anything but other stuff that's on just that switch in vlan 1 since vlan 1
> is not allowed over ANY trunks. More for security than anything else.
>
> -
> m
>
> On Sat, Mar 5, 2011 at 8:43 AM, marc abel <[email protected]> wrote:
>
> > Yes you could, but at that point you are going to need to do layer 3
> > routing to be able to communicate end to end. It's all about what do you
> > want to do. In most cases I can't think of a good reason to have this kind
> > of inconsistency in a production network. The network I currently
> > administer was set up with some weirdness like this before I arrived. I
> > discovered some of the "Bad Things" mentioned earlier where they actually
> > had traffic bleeding between VLANS that they thought were isolated.
> >
> > It is actually best practice to make the native VLAN an unused VLAN, and
> > make sure all production VLANS are tagged.
> >
> > On Sat, Mar 5, 2011 at 1:40 AM, [email protected] <[email protected]> wrote:
> >
> > > Correct me if I am wrong
> > >
> > > I am using three switches 3750, 2950, 2960 respectively...
> > >
> > > I have connected Fa0/1 of 3750 to Fa0/1 of 2950 I am naming this link as
> > > link North
> > > and
> > > Fa0/2 of 3750 to Fa0/2 of 2960 I am naming this link as link south
> > >
> > > I have three vlan 1, 2 and 3 respectively
> > > now my question arises that
> > > can I use vlan 2 as a native vlan for south link
> > > and vlan 3 as native vlan for north link?
> > >
> > > If yes then what is the benefit it will give me?
> > >
> > > Help will be appreciated because I am too much confused about this
> > > question
> > >
> > > -----Original Message-----
> > > From: Kurt Bales
> > > Sent: 05/03/2011, 12:50 pm
> > > To: [email protected]
> > > Cc: [email protected]; Michael Smith; [email protected]
> > > Subject: Re: [OSL | CCIE_RS] (ccie_rs)_native_vlan
> > >
> > > Native VLAN is only relevant per link - and in a proper configuration all
> > > hosts on a link should agree on the native vlan or Bad Things (TM) can
> > > happen.
> > >
> > > Simply put: Yes, your northbound link can use native 9, and your
> > > southbound link can use native 11.
> > >
> > > On Sat, Mar 5, 2011 at 17:38, [email protected] <[email protected]> wrote:
> > >
> > > > I know this dear michael but my confusion is something else that
> > > > do whole network have same native vlan or native vlan can be changed
> > > > according to each trunk port in switches?
> > > >
> > > > If can be changed according to switch's trunk port then why do we make
> > > > this change in all trunk port?
> > >
> > > _______________________________________________
> > > For more information regarding industry leading CCIE Lab training, please
> > > visit www.ipexpert.com
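
Added example, not part of the original thread: a small Python audit of the three points made above (move the native VLAN off 1, keep VLAN 1 off every trunk, and have both ends of a link agree on the native VLAN). The switch configs are constructed for the 3750/2950/2960 topology in the question, using Kurt's native VLANs 9 and 11; the function names and the sample values are assumptions for illustration.

```python
import re

ALL_VLANS = set(range(1, 4095))  # IOS default: a trunk carries VLANs 1-4094

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '2-3,9' into a set of ints."""
    bounds = (part.partition("-") for part in spec.split(","))
    return {v for lo, _, hi in bounds for v in range(int(lo), int(hi or lo) + 1)}

def parse_trunks(config):
    """Return {interface: {'native': int, 'allowed': set}} for trunk ports only."""
    ports, port = {}, {}  # lines before the first interface land in a throwaway dict
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            port = ports.setdefault(line.split(None, 1)[1],
                                    {"trunk": False, "native": 1, "allowed": ALL_VLANS})
        elif line == "switchport mode trunk":
            port["trunk"] = True
        elif m := re.fullmatch(r"switchport trunk native vlan (\d+)", line):
            port["native"] = int(m.group(1))
        elif m := re.fullmatch(r"switchport trunk allowed vlan ([\d,-]+)", line):
            port["allowed"] = expand_vlans(m.group(1))
    return {name: p for name, p in ports.items() if p["trunk"]}

def audit(configs, links):
    """configs: {switch: config text}; links: [((sw, intf), (sw, intf)), ...]."""
    trunks = {sw: parse_trunks(cfg) for sw, cfg in configs.items()}
    findings = []
    for sw, ports in trunks.items():
        for name, p in ports.items():
            if p["native"] == 1:
                findings.append(f"{sw} {name}: native VLAN left at default 1")
            if 1 in p["allowed"]:
                findings.append(f"{sw} {name}: VLAN 1 allowed on trunk")
    for ends in links:
        a, b = (trunks[sw].get(intf, {}).get("native") for sw, intf in ends)
        if a != b:
            findings.append(f"{' <-> '.join(map(' '.join, ends))}: native VLAN mismatch {a} vs {b}")
    return findings

# Constructed sample: the 2960 end of the south link was left at IOS defaults.
TRUNK = ("interface FastEthernet0/{n}\n switchport mode trunk\n"
         " switchport trunk native vlan {v}\n switchport trunk allowed vlan 2-3,{v}\n")
CONFIGS = {"3750": TRUNK.format(n=1, v=9) + TRUNK.format(n=2, v=11), "2950": TRUNK.format(n=1, v=9),
           "2960": "interface FastEthernet0/2\n switchport mode trunk\n"}
LINKS = [(("3750", "FastEthernet0/1"), ("2950", "FastEthernet0/1")),  # north
         (("3750", "FastEthernet0/2"), ("2960", "FastEthernet0/2"))]  # south
```

Calling `audit(CONFIGS, LINKS)` returns three findings, all caused by the untouched 2960 port. The parser only understands the plain `allowed vlan <list>` form, not the `add`, `remove` or `except` variants.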
