- Preface
- New and Changed Information for this Release
- Overview
- Configuring Ethernet Interfaces
- Configuring VLANs
- Configuring Private VLANs
- Configuring Access and Trunk Interfaces
- Configuring Port Channels
- Configuring Virtual Port Channels
- Configuring Rapid PVST+
- Configuring Multiple Spanning Tree
- Configuring STP Extensions
- Configuring LLDP
- Configuring the MAC Address Table
- Configuring IGMP Snooping
- Configuring Traffic Storm Control
- Index
Configuring VLANs
This chapter contains the following sections:
Information About VLANs
Understanding VLANs
A VLAN is a group of end stations in a switched network that is logically segmented by function, project team, or application, without regard to the physical locations of the users. VLANs have the same attributes as physical LANs, but you can group end stations even if they are not physically located on the same LAN segment.
Any port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and flooded only to end stations in that VLAN. Each VLAN is considered a logical network. Packets destined for stations that do not belong to the VLAN must be forwarded through a router.
The following figure shows VLANs as logical networks. In this diagram, the stations in the engineering department are assigned to one VLAN, the stations in the marketing department are assigned to another VLAN, and the stations in the accounting department are assigned to yet another VLAN.
VLANs are usually associated with IP subnetworks. For example, all the end stations in a particular IP subnet belong to the same VLAN. To communicate between VLANs, you must route the traffic.
By default, a newly created VLAN is operational. To disable the VLAN use the shutdown command. Additionally, you can configure VLANs to be in the active state, which is passing traffic, or the suspended state, in which the VLANs are not passing packets. By default, the VLANs are in the active state and pass traffic.
Understanding VLAN Ranges
The Cisco Nexus 3000 Series switch supports VLAN numbers 1to 4094 in accordance with the IEEE 802.1Q standard. These VLANs are organized into ranges. The switch is physically limited in the number of VLANs it can support. For information about VLAN configuration limits, see the configuration limits documentation for your switch.
The following table describes the details of the VLAN ranges:
 Note | VLANs 3968 to 4047 and 4094 are reserved for internal use; these VLANs cannot be changed or used. |
Cisco NX-OS allocates a group of 80 VLAN numbers for those features, such as multicast and diagnostics, that need to use internal VLANs for their operation. By default, the system allocates VLANs numbered 3968 to 4047 for internal use. VLAN 4094 is also reserved for internal use by the switch.
You cannot use, modify, or delete any of the VLANs in the reserved group. You can display the VLANs that are allocated internally and their associated use.
Creating, Deleting, and Modifying VLANs
VLANs are numbered from 1 to 4094. All configured ports belong to the default VLAN when you first bring up the switch. The default VLAN (VLAN1) uses only default values. You cannot create, delete, or suspend activity in the default VLAN.
You create a VLAN by assigning a number to it. You can delete VLANs as well as move them from the active operational state to the suspended operational state. If you attempt to create a VLAN with an existing VLAN ID, the switch goes into the VLAN submode but does not create the same VLAN again.
Newly created VLANs remain unused until ports are assigned to the specific VLAN. All the ports are assigned to VLAN1 by default.
Depending on the range of the VLAN, you can configure the following parameters for VLANs (except the default VLAN):
When you delete a specified VLAN, the ports associated to that VLAN are shut down and no traffic flows. However, the system retains all the VLAN-to-port mapping for that VLAN, and when you reenable, or recreate, the specified VLAN, the system automatically reinstates all the original ports to that VLAN.
Note | Commands entered in the VLAN configuration submode are immediately executed. VLANs 3968 to 4047 and 4094 are reserved for internal use; these VLANs cannot be changed or used. |
Configuring a VLAN
Creating and Deleting a VLAN
You can create or delete all VLANs except the default VLAN and those VLANs that are internally allocated for use by the switch. Once a VLAN is created, it is automatically in the active state.
Note | When you delete a VLAN, ports associated to that VLAN shut down. The traffic does not flow and the packets are dropped. |
1.
switch# configure terminal
2.
switch(config)# vlan {vlan-id | vlan-range}
3.
switch(config-vlan)# no vlan {vlan-id | vlan-range}
DETAILED STEPS
This example shows how to create a range of VLANs from 15 to 20:
switch# configure terminal
switch(config)# vlan 15-20
Note | You can also create and delete VLANs in the VLAN configuration submode. |
Configuring a VLAN
To configure or modify the VLAN for the following parameters, you must be in the VLAN configuration submode:
Note | You cannot create, delete, or modify the default VLAN or the internally allocated VLANs. Additionally, some of these parameters cannot be modified on some VLANs. |
1.
switch#
configure terminal
2.
switch(config)#
vlan {vlan-id |
vlan-range}
3.
switch(config-vlan)#
name
vlan-name
4.
switch(config-vlan)#
state {active |
suspend}
5.
(Optional)
switch(config-vlan)#
no shutdown
DETAILED STEPS
This example shows how to configure optional parameters for VLAN 5:
switch# configure terminal
switch(config)# vlan 5
switch(config-vlan)# name accounting
switch(config-vlan)# state active
switch(config-vlan)# no shutdown
Adding Ports to a VLAN
After you have completed the configuration of a VLAN, assign ports to it. To add ports, perform this task:
1.
switch# configure terminal
2.
switch(config)# interface {ethernet
slot/port | port-channel
number}
3.
switch(config-if)# switchport
access vlan
vlan-id
DETAILED STEPS
This example shows how to configure an Ethernet interface to join VLAN 5:
switch# configure terminal
switch(config)# interface ethernet 1/13
switch(config-if)# switchport access vlan 5
Verifying VLAN Configuration
To display VLAN configuration information, perform one of these tasks:
|
Command |
Purpose |
|---|---|
| switch# show running-config vlan [vlan_id | vlan_range] |
Displays VLAN information. |
| switch# show vlan [brief | id [vlan_id | vlan_range] | name name | summary] |
Displays selected configuration information for the defined VLAN(s). |
The following example shows all VLANs defined in the range of 1 to 21.
switch# show running-config vlan 1-21
version 5.0(3)U1(1)
vlan 1
vlan 5
The following example shows the VLANs created on the switch and their status:
switch# show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Eth1/1, Eth1/2, Eth1/3, Eth1/4 Eth1/5, Eth1/6, Eth1/7, Eth1/8 Eth1/9, Eth1/10, Eth1/11 Eth1/12, Eth1/15, Eth1/16 Eth1/17, Eth1/18, Eth1/19 Eth1/20, Eth1/21, Eth1/22 Eth1/23, Eth1/24, Eth1/25 Eth1/26, Eth1/27, Eth1/28 Eth1/29, Eth1/30, Eth1/31 Eth1/32, Eth1/33, Eth1/34 Eth1/35, Eth1/36, Eth1/37 Eth1/38, Eth1/39, Eth1/40 Eth3/1, Eth3/2, Eth3/3, Eth3/4 13 VLAN0005 active Eth1/13, Eth1/14
The following example shows the details of VLAN 13 including its member ports:
switch# show vlan id 13 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 13 VLAN0005 active Eth1/13, Eth1/14 VLAN Type MTU ---- ----- ----- 13 enet 576 Remote SPAN VLAN ---------------- Disabled Primary Secondary Type Ports ------- --------- --------------- -------------------------------------------
The following example shows the VLAN settings summary:
switch# show vlan summary Number of existing VLANs : 2 Number of existing user VLANs : 2 Number of existing extended VLANs : 0
Feedback