Ethernet Switches & Routers

Reply
Occasional Contributor
Posts: 10
Registered: ‎07-08-2013

Default VLAN Behavior

We have a customer that has active switchports on the default VLAN(1). As part of our best practices, we are trying to move ALL ports out of the default vlan. We have tagged VLANs on the switch uplink ports, but none of them are VLAN1. So, I would expect that anything plugged into a port still on VLAN1 would be effectively isolated to that switch, correct?

I created a new VLAN and moved the ports on the switch from VLAN1 to a new VLAN.... then the customer informs me that they had servers in those ports that are now offline. I'm confused as to how anything would have been getting out on VLAN1 previously that now wouldn't when moved to a different VLAN.

Is there some sort of default VLAN behavior that I'm unaware of that allows it to get traffic off the switch? It's almost as though vlan1 is untagged over the uplink ports....

It's not that we can't work around the problem- I'm just wondering how the heck it was working as configured.

Frequent Contributor
Posts: 118
Registered: ‎06-15-2009

Re: Default VLAN Behavior

Hi dcp138,

Could you tell me which switch you are talking about here? I am assuming its one of the FastIron switches? After reading the config guide, I did not happen to find anything relevant. But let me further research & see what I can find on this.

thanks,

Deepti

Occasional Contributor
Posts: 10
Registered: ‎07-08-2013

Re: Default VLAN Behavior

Yes. FCX switches.

Frequent Contributor
Posts: 118
Registered: ‎06-15-2009

Re: Default VLAN Behavior

Hello dcp138, By default all the ports are part of default vlan & are untagged.

When the ports are added to another Vlan (tagged), they will be removed from the default vlan. Any traffic flowing through those ports will now be affected which is why I believe you are seeing the Servers go offline. Is this what you are looking for?

Occasional Contributor
Posts: 10
Registered: ‎07-08-2013

Re: Default VLAN Behavior

Almost.

What we had was a switch with some ports still in the default vlan. There were also some ports untagged in a different VLAN (access ports). Finally, the uplink port on the switch is tagged with the created VLAN.

It almost seems like VLAN1 was still untagged over the uplink port even though it had a tagged VLAN on it as well. I thought this is what the dual mode command was for. Is VLAN1 still untagged by default even if the same port has tagged VLANs on it?

If so, I guess dual mode only comes into play if you need an untagged vlan other than 1?

Frequent Contributor
Posts: 118
Registered: ‎06-15-2009

Re: Default VLAN Behavior

Yes dcp138. Even if a port has dual-mode configured, that port will be an untagged member in the default vlan, even if it is tagged in other vlans.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.