Native VLAN - Demo

 Usually, for a multi-VLAN network the PCs are connected to 'access' ports of the switch.  Instead of 'access' port, we use the combination of 'trunk' port and 'native-vlan'.

Trunk port - Port in switch where VLAN-tagged packets will pass through.
Native VLAN - Packets passing through the port that belongs to Native VLAN Id will have no-VLAN tagging.

Steps usually will be

1. Create VLANs in the switch that will be used.(vlan x)
2. Assign vlan id as Native VLAN to the port(switchport trunk native vlan x)
3. Allow the same vlan id in the port(switchport trunk allowed vlan x)
4. If there is a switch on the other side of the link, it should also have same native vlan id.  Else port will be blocked by STP.

We use the following topology:

VL20-1 and VL20-2 are separated by series of switches.  VL20-1, connected to Trunk port having native vlan 20.  VL20-2 is connected to access port of vlan 20.

VL30-1 and VL30-2, belonging to VLAN 30, separted by couple of switches.  VL30-1, connected to Trunk port having native vlan 30.  VL30-2 is connected to access port of vlan 30.

Lets go through the configurations of switches one by one. Starting with 

Switch4

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#vlan 20 Switch(config-vlan)#ex Switch(config)#vlan 30 Switch(config-vlan)#ex Switch(config)#int fa0/2 Switch(config-if)#switchport mode access Switch(config-if)#switchport access vlan 20 Switch(config-if)#no shut Switch(config-if)#ex Switch(config)#int fa0/1 Switch(config-if)#switchport mode access Switch(config-if)#switchport access vlan 30 Switch(config-if)#ex Switch(config)#int fa0/3 Switch(config-if)#switchport trunk encapsulation dot1q Switch(config-if)#switchport mode trunk Switch(config-if)#switchport trunk allowed vlan 20,30

• Creating VLAN (Lines 3 to 6)
• Making Ports fa0/2 and fa0/1 as access ports to vlan 20 and 30 respectively(Lines 8 to 15)
• Making Port fa0/3 as Trunk port allowing vlans 20 and 30(Lines 16 to 19)

Switch6

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

Switch(config)#vlan 20 Switch(config-vlan)#ex Switch(config)#vlan 30 Switch(config-vlan)#ex Switch(config)#int fa0/2 Switch(config-if)#switchport trunk encapsulation dot1q Switch(config-if)#switchport mode trunk Switch(config-if)#switchport trunk allowed vlan 20 Switch(config-if)#ex Switch(config)#int fa0/1 Switch(config-if)#switchport trunk encapsulation dot1q Switch(config-if)#switchport mode trunk Switch(config-if)#switchport trunk allowed vlan 20,30 Switch(config-if)#ex Switch(config)#int fa0/3 Switch(config-if)#switchport trunk encapsulation dot1q Switch(config-if)#switchport mode trunk Switch(config-if)#switchport trunk native vlan 30 Switch(config-if)#switchport trunk allowed vlan 30

• Create VLANs 20 and 30, as both are used in this switch(Lines 1 to 4)
• Make fa0/2 as Trunk to pass vlan 20 from Switch5(lines 5 to 9)
• Make fa0/1 as Trunk to pass vlans 20 and 30 to and from Switch4 (Lines 10 to 14)
• Make fa0/3 as Trunk, to allow vlan30 as Native vlan(equal to access port) (Lines 15 to 19)

Switch5

1 2 3 4 5 6 7 8 9 10 11 12 13 14

Switch#conf t Switch(config)#vlan 20 Switch(config-vlan)#ex Switch(config)#int fa0/3 Switch(config-if)#switchport trunk encapsulation dot1q Switch(config-if)#switchport mode trunk Switch(config-if)#switchport trunk allowed vlan 20 Switch(config-if)#ex Switch(config)#int fa0/1 Switch(config-if)#switchport trunk encapsulation dot1q Switch(config-if)#switchport mode trunk Switch(config-if)#switchport trunk allowed vlan 20 Switch(config-if)#switchport trunk native vlan 20 Switch(config-if)#ex

• Create VLAN 20, as it is the only VLAN used (Lines 2 to 3)
• Make fa0/3 as Trunk to allow vlan 20 to other switches(Lines 4 to 8)
• Make fa0/1 as Trunk to allow vlan 20 as Native vlan id(equal to access port) (Lines 9 to 14)

Testing

• Configured VL20-1 and VL20-2 with IP address as 20.0.0.20/8 and 20.0.0.2/8 respectively.  Ping is successful.
• Configured VL30-1 and VL30-2 with IP addresses 30.0.0.30/8 and 30.0.0.3/8 respectively.  Ping is successful