1 2 Previous Next 24 Replies Latest reply: Sep 22, 2008 10:13 AM by Chetan RSS

    VLAN1 and CDP

        • 1. Re: VLAN1 and CDP



          2nd command is switchport trunk allowed vlan 10,20,30,99


          Interface vlan 99 is also activated after giving it an IP Address.



          Vlan99 is the new Management as well as Native Vlan.



          Picture of the network is also attached.

          • 2. Re: VLAN1 and CDP


            Hi Chetan,



            Could you clarify a couple of things, What model of switches are you using, are they L2 only OR L2/L3 switches? Also is this a simulated environment or real physical switches?



            Thanks.. I'm working on a response






            • 3. Re: VLAN1 and CDP


              Hi Charles,



              I am working in simulated environment.



              All the switches are Cisco WS-C2960-24TT.



              And I think all of these are Layer-2 Only switch.



              • 4. Re: VLAN1 and CDP


                Hi Charles,



                I have just attached the picture of the network.



                It can be seen just above your 1st reply.



                • 5. Re: VLAN1 and CDP
                  Steven King
                  • 6. Re: VLAN1 and CDP

                    Hi Steven,


                    This is what I get when I try to delete VLAN SVI on a 2960 (I already had int vlan 99 active and int vlan99 up with an IP address, when I issued the commands below).




                    SwitchX#conf t

                    Enter configuration commands, one per line. End with CNTL/Z.

                    SwitchX(config)#no int vlan 1

                    % Default interface VLAN 1 may not be deleted.





                    Shutting it down vlan 1ineterface and replacing with int vlan 99 will create a data VLAN which you can use to communicate with all your switches/routers etc. BUT it does not replace VLAN1 as it is required to carry the traffic bewteen the switch CPU (for want of a better term) and the adjacent switches. For example CDP, VTP etc.




                    Hope this helps.





                    • 7. Re: VLAN1 and CDP
                      Steven King

                      I don't have the equipment available to actually test this wtih. But CDP is interface specific, VTP is interface specific, and STP is also interface specific. Also, the VTP interface can be changed to any interface on the device you want. All of these protocols operate on layer2 and layer3 is only there so that you can SSH/Telnet to the device. Have you tried actually using the protocols with the new VLAN?

                      • 8. Re: VLAN1 and CDP

                        Hi Steven,


                        I did a quick search for some "cisco" document to help me explain this more clearly. This is an extract from a document I am attaching.




                        "The reason VLAN 1 became a special VLAN is that L2 devices needed to have a default VLAN to assign to their

                        ports, including their management port(s). In addition to that, many L2 protocols such as CDP, PAgP, and VTP

                        needed to be sent on a specific VLAN on trunk links. For all these purposes VLAN 1 was chosen."




                        And we need to remember VLAN 1 cannot be deleted.




                        Hope this helps.





                        • 9. Re: VLAN1 and CDP
                          Steven King

                          Very interesting. I do remember reading in many docutments that you can change the management vlan. I have never had to do it though, I use VLAN 1 for everything.

                          • 10. Re: VLAN1 and CDP

                            Hi Steven,


                            Thanks for your efforts buddy.



                            But my problem is slightly different.




                            Steven, if you read the question again and also my first posting, you would find that management vlan and native vlans have already been changed to vlan 99 and it is in working state of up/up. Vlan1 is no more management or native vlan and it is in down/down state. I Know that special traffic like CDP, VTP, STP etc use VLAN1 and we can't change that. I know that VLAN1 cannot be deleted or renamed.



                            My Question is what if I stop VLAN 1 from traversing thro' the trunks by issuing the command




                            switchport trunk allowed vlan 10,20,30,99.




                            Then CDP, STP etc. should stop working. But to my surprise, all are working perfectly.




                            This is my doubt. Where am I lacking in the knowledge ?

                            • 11. Re: VLAN1 and CDP
                              James Gass

                              CDP not VLAN based but is port based. If you do not want CDP data to traverse an interface, then you need to utilize the 'no cdp enable" command on the interface or "no cdp run" as a global command to turn it off on the entire switch.



                              So remember - CDP will continue to announce and distribute out and in to these interfaces, unless you administratively turn it off on a port-by-port basis or as a global command..



                              Hope this helps ya.

                              • 12. Re: VLAN1 and CDP


                                HI Chetan ,



                                As per my understanding ( Do not take this as an expert advise).



                                By Default , all managment traffic traverse on VLAN1 ( also a Native Vlan by default). As you have changed the native vlan to valn99 , all managment traffic ( STP, CDP, VTP etc) that was going through Vlan1 earlier on now going through Vlan 99 as its become a native vlan.



                                Even if you remove vlan1 from the trunk , it will not make any difference as currently vlan1 is doing nothing. it just sits there as cant be deleted.If you remove vlan99 from the trunk then l CDP, STP , VTP traffic will not propogate.



                                Try removing vlan99 from trunk and observe if CDP, STP etc has stopped working.















                                • 13. Re: VLAN1 and CDP





                                  Nasheet is correct. CDP will run on any interface that is up and has CDP enabled (which is the default).. If you enable logging or sniff the interface you can see that happen once every 60 seconds (default for CDP advertisements). There is another way to prove this.. Remove native from one of those trunk links and you will begin getting a "Native VLAN Mismatch" error.. You will receive this error once every.. YES.. 60 seconds.. Then turn off CDP on the interface (no cdp enable) while you still have the mismatch and watch the error go bye bye! This would not be a factor if CDP needed the native VLAN to send CDP advertisements.



                                  In regard to STP take a peek at "per VLAN Spanning-Tree" or PVST+... The name says it all!



                                  In response to deleting VLAN 1... You can't.. We just have to live with it.. VLAN 1 is here to stay!



                                  The native VLAN is used to send "untagged" IP packets.. Basically, if you plug a host into fa0/3 without assigning a VLAN to that interface then traffic from that host will travel via the native VLAN... (99 in your case)! Now you have three layer 2 switches and no router performing Inter-VLAN Routing... So you can test this another way as well.. Plug a router up to a non native VLAN port without configuring IVR. Wait 60 seconds and see if they "see" one another. Remember that your VLANS can not communicate with one another without the help of a layer 3 device so your switch will be discovering a neighbor without the aid of the native VLAN.






                                  This should give you something to play with. Have fun!



                                  • 14. Re: VLAN1 and CDP
                                    James Gass


                                    B Haines - I think you are referring to my comment as Nasheet is stating that removing Vlan 99 Trunking from the interface would stop CDP from propagating.



                                    I believe Nasheet is incorrect in this as CDP does not propagate based on VLAN.



                                    So, whether the interface/port is configured as a native vlan or not, CDP should still function unless administratively disabled via the global command or the interface command.



                                    Also, it is important to note that the native VLAN sends untagged Ethernet frames. If you were to state on an exam that "native VLAN's send untagged IP Packets", then the answer may be deamed incorrect. This detail is to help new-comers to networking who may not understand the deeper details of tagging and layer 2 communication and might get confused by untagged IP packets.



                                    1 2 Previous Next