Native VLAN - Video By Sikandar Shaik || Dual CCIE (RS/SP) # 35012

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] in this video we'll talk about the concept of native we learn what is the TV LAN and what are the best practices we need to follow for native VLAN and some of the configuration and verification commands so native VLAN is is like you know if s which receives any specific frame without any tag it is going to assume that it's going to belong 22 VLAN like take an example I got I am connecting to a hub here and then I got something between spiritual and special now by default between the switches with on something called 8 no 2.1 qril chunking and elected there is a this is a specific traffic coming from VLAN 10 and what it is going to do is before it sends over the trans link it's going to add a tag and support frame tagging forces and this method is to I ensure that the switch to should understand that fit this particular frame belongs to which wheel and so that it can only forward out of the pores to that wheel and only but there are some cases where you may receive a frame like if you are receiving from the hub they don't understand the tagging they don't understand the concept of VLANs if you receive anything without a tag now the switch whenever it receives any any specific information without a time what it is going to do is it is going to assume that it belongs to native VLAN and it will simply forward out of the port which belongs to native VLAN and by default it will send to VLAN mod that's so there's a default behavior now the best practices for native VLAN is generally in in most cases which always recommended to create one VLAN called any nebulas which is not in use that's something recommended and it's it's menu it's recommended to change the native VLAN to 666 or any other VLAN which is not in use and you don't have any single port associated in that particular B lab so that something recommended but by default the VLAN one is an equivalent and it's not really recommended to use native in Ana's VLAN one so you had to use a VLAN which is not in use and there is no put associated in that VLAN so because there is kind of some kind of attack hopping a dice where a user can try to gain access by using this native VLAN information so which is something we really don't want if any kind of attack comes it should it should go to that VLAN and it should get dropped over there something what recommended when it comes to native VLANs as I said the default native VLAN will be VLAN 1 but we can change it to VLAN 9 and 9 so in that case we just need to add a command hole switch port run native VLAN 9 a Mac but one thing we need to ensure that on the Cisco switches the native VLAN must match on both the sides that's mandatory ok so if there is any native VLAN mismatch then probably you will see some console message on the screen something like native will and mismatch this kind of messages you can see on that now for verification we can use a command called show interface trunk and by default if you don't change a native VLAN you will see the default as one but here as we have changed to VLAN 9 and 9 and then even you can use a command called show interface s0 by 20 switch port and also you can you can see that information here now coming back to the lab verification I have some switches added here and what I'm going to do is icon is I got a link connected between the two switches which were and switch tool and what we will do is we are going to configure some trunk and then we'll configure some native VLAN and then we will try to communicate between these two hosts by default they will communicate but once we make the native VLAN mismatch on those particular links probably they will not communicate in general so that's something what will verify in this lab so I'll go to switch one console screen if we just see here on the switch one I got a connection between which one to switch to on port number 20 so the first thing what I am going to do is I am going to configure the link between switch 1 and switch to are the trunk link so I'm going to say switch for trunk encapsulation dot1q and switch port more trunk and then the same thing I can do on the switch 2 as well interface as 0 by 20 and then switch for trunk encapsulation dot q and then switchboard more time now for verification of the trans Ling we can use the command called show interface run and you can see by default the VLAN one is a default native VLAN okay so now once we do this the next thing what we are going to do is we will try to verify the communication process between these two computers here let me go to one of the PC here because verify the IP config I'm on one into 101.1 and if you try to ping to 192 168 1 dot 2 now you can see the reply is coming because the packet goes to this way which will send to switch 2 and then it works fine now these folks can be in any VLAN it can be VLAN 10 VLAN 20 whatever the vela now what I am going to do is I am going to create one VLAN called wheel and some villain let's say I'm going to create a new wheel and we learn 9 9 9 and then I want to make this particular wheel and 9 9 and my native VLAN and I don't have any port associate in that so let's - let us create the VLAN on both the switches or you can compare VDP to synchronize the VLAN information so on the switch 1 and switch 2 so I'm going to say switch port trunk native we can say VLAN and we can change the VLAN to 9 & 9 now once the native VLAN changes I change only on the switch 1 but on the fish - I did not change them I should see some message on the switch switch 2 we can see the received a people even conceived State and there is a native VLAN mismatch and if you just observe here the show spanning tree you can see the port goes into inconsistent and you can see now the main reason for this is for VLAN mismatch actually natively on this match here so if I verify show interface trunk on the switch 1 that is the link between on a switch - it is a native VLAN is 1 and on the switch 1 its native VLAN is 9 9 9 that is something what it is now I can see in the show spanning tree you can see the port is in a or blocking something like blocking it is an inconsistent state whenever the speech realizes that there is a mismatch of native VLAN it is going to put the food into inconsistent state it's not going to forward the traffic now that is one verification even if I try to ping there won't be any communication between them now to fix this you need to have a common native VLAN on both the sides now what I'm going to do is I am going to end up this s0 by 20 and then I'm going to change the native VLAN to 999 make you switch port on native VLAN nine nine nine and once I change this one now I should see the interface has to come up if I give show spanning tree the food goes to listening and learning stages which is something a normal running tree behavior and once they they come up I should see I can see the listening and learning stages now I should see the communication should start between the devices hearing it so that's how we could verify the native VLAN and we need to just keep in mind when we are doing some troubleshooting kind of stuff in the CGI exam probably you need to ensure that if there are two holes belongs to the same VLAN if they are not pinging with each other the one reason might be the native VLAN mismatch and we can verify with a command called show interface trunk [Music]

Info

Channel: Sikandar Shaik

Views: 86,095

Rating: undefined out of 5

Keywords: ccna, ccna videos, vlan, native vlan, noa, noa videos, noa solutions, ccnp, cisco, ccie, subnetting, ccna security, bgp, ospf, firewall, ccna subnetting, ipv6, bgp videos, stp, ccna vdieos, ccna free video, ccie certification, ios, iou, virtual, eigrp, cisco virtual lab, iosv, asav, gns3, routing, noa vdieos, zone based firewall, zone pair, zbf, flsm, cisco firewall, cisco security, cisco certifications, wan, ip addressing, netmetric, vlsm, eigrp configuration, ccnp, cisco

Id: _CMpfOEoPlk

Channel Id: undefined

Length: 8min 11sec (491 seconds)

Published: Wed Jan 18 2017