Clever Geek Handbook

Cisco IOS Internal VLANs

A small note on what happens under the hood of Cisco MLS (Multi Layer Switch) when creating routed interfaces.







In MLS, the interface can be in one of two modes:







  • "switchport"
  • "routed interface" or "no switchport"


When translating an interface to the latter, the switch allows you to assign an ip address directly to the port and use it as a router interface.







However, this is just an abstraction. Here's what happens under the hood of MLS when the interface is set to "no switchport" mode:







  • switch creates VLAN
  • the switch adds an interface to this VLAN in access mode. This will be the only interface belonging to this VLAN.
  • the switch creates an SVI (Switch Virtual Interface) for the selected VLAN and assigns the specified ip address to this SVI


In fact, the following two configurations are almost identical *:







interface Ethernet0/0
 no switchport
 ip address 10.0.0.1 255.255.255.0
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    


interface Ethernet0/0
 switchport mode access
 switchport access vlan 100

interface Vlan 100
 ip address 10.0.0.1 255.255.255.0


* if the switch no longer has any access interface belonging to VLAN 100, and VLAN 100 is not allowed on any of the trunk interfaces.









Take a switch with a minimal startup configuration as an example. All interfaces are in switchport mode and belong to VLAN 1:







SW1#sh interfaces status

Port      Name               Status       Vlan       Duplex  Speed Type
Et0/0                        connected    1            auto   auto unknown
Et0/1                        connected    1            auto   auto unknown
Et0/2                        connected    1            auto   auto unknown
Et0/3                        connected    1            auto   auto unknown

SW1#sho vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/0, Et0/1, Et0/2, Et0/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup


Let's put the Ethernet 0/0 interface into routed mode:







SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#interface ethernet 0/0
SW1(config-if)#no switchport
SW1(config-if)#end

SW1#show running-config interface ethernet 0/0
Building configuration...
Current configuration : 59 bytes
!
interface Ethernet0/0
 no switchport
 no ip address
end


The VLAN that is created when the interface is switched to routed mode is not visible in the usual VLAN database:







SW1#sho vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/0, Et0/1, Et0/2, Et0/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup


But it can be seen among the "Internal VLANs":







SW1#show vlan internal usage

VLAN Usage
---- --------------------
1006 Ethernet0/0




Potential problem with this switch behavior



VLAN ID 1006 Internal VLAN Ethernet0/0, VLAN ID, SW1 VLAN:







SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#vlan 1006
SW1(config-vlan)#
SW1(config-vlan)#exit
% Failed to create VLANs 1006
VLAN(s) not available in Port Manager.
%Failed to commit extended VLAN(s) changes.

*Jan  5 17:34:31.407: %PM-4-EXT_VLAN_INUSE: VLAN 1006 currently in use by Ethernet0/0
*Jan  5 17:34:31.407: %SW_VLAN-4-VLAN_CREATE_FAIL: Failed to create VLANs 1006: VLAN(s) not available in Port Manager


:







  • L3- (shutdown), Internal VLAN ID
  • VLAN ID
  • L3- ( no shutdown), VLAN ID Extended 


SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#inter ethernet 0/0
SW1(config-if)#shutdown        <-  ,   VLAN ID 1006

SW1(config-if)#do show vlan internal usage
VLAN Usage
---- --------------------
SW1(config-if)#

SW1(config-if)#vlan 1006      <-   VLAN  ID 1006
SW1(config-vlan)#exit
SW1(config)#interface ethernet 0/0
SW1(config-if)#no shutdown      <-   routed 
SW1(config-if)#end

SW1#sho vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
1006 VLAN1006                         active

SW1#show vlan internal usage
VLAN Usage
---- --------------------
1007 Ethernet0/0




VLAN ID L3



:







!
vlan internal allocation policy ascending
!


, VLAN ID Extended : 1006 — 4094.







VLAN ID 1006 , VLAN 1007 L3 Ethernet0/0, routed, VLAN ID 1008:







SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#inter ethernet 0/3
SW1(config-if)#no switchport
SW1(config-if)#end

SW1#show vlan internal usage

VLAN Usage
---- --------------------
1007 Ethernet0/0
1008 Ethernet0/3


VLAN 1009, routed , VLAN 1009 , VLAN L3 — 1010:







SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#vlan 1009
SW1(config-vlan)#end

W1#sho vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/2
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
1006 VLAN1006                         active
1009 VLAN1009                         active

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#inter ethernet 0/2
SW1(config-if)#no sw
SW1(config-if)#no switchport
SW1(config-if)#end

SW1#sho vlan internal usage

VLAN Usage
---- --------------------
1007 Ethernet0/0
1008 Ethernet0/3
1010 Ethernet0/2


Internal VLAN, — ascending:







SW1(config)#vlan internal allocation policy ?
  ascending   Allocate internal VLAN in ascending order     <-   1006   
  descending  Allocate internal VLAN in descending order   <-   4094




L3 Port-channel



member Internal VLAN ID, Port-channel Internal VLAN ID:







    :

SW1#sho inter status

Port      Name               Status       Vlan       Duplex  Speed Type
Et0/0                        connected    1            auto   auto unknown
Et0/1                        connected    1            auto   auto unknown
Et0/2                        connected    1            auto   auto unknown
Et0/3                        connected    1            auto   auto unknown
SW1#sho vlan inter
SW1#sho vlan internal usa
SW1#sho vlan internal usage

VLAN Usage
---- --------------------
SW1#

SW1(config)#inter range ethernet 0/0 - 1
SW1(config-if-range)#no switchport
SW1(config-if-range)#do show vlan internal usage

VLAN Usage
---- --------------------
1006 Ethernet0/0
1007 Ethernet0/1

SW1(config-if-range)#channel-group 1 mode active
Creating a port-channel interface Port-channel 1

SW1(config-if-range)#do show vlan internal usage

VLAN Usage
---- --------------------
1006 Ethernet0/0
1007 Ethernet0/1
1008 Port-channel1


Port-channel ( member ), Internal VLAN ID :







SW1(config-if-range)#inter po1
SW1(config-if)#shutdown
SW1(config-if)#do show vlan internal usage

VLAN Usage
---- --------------------

SW1(config-if)#no shutdown
SW1(config-if)#do show vlan internal usage

VLAN Usage
---- --------------------
1006 Port-channel1
1007 Ethernet0/0
1008 Ethernet0/1




P.S.



Loopback Internal VLAN .







More articles:


All Articles