2.1.d (iii) Native VLAN

The native vlan is the untagged vlan on the trunk. When the port is a trunk, the native vlan is 1 by default; we can change that with “switchport trunk native vlan X”.
The traffic for the native vlan goes out with NO 802.1q header, while tagged traffic on the trunk goes out with the 802.1q header to be placed in the proper vlan when it arrives.

In ISL we only had the concept of VLAN tagging; 802.1q introduced the concept of the native vlan. That is, a port can be configured with an untagged vlan, so that untagged traffic is placed in this vlan.

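Of course the native vlan should match on both sides of a trunk, or else we will bridge two vlans: untagged frames sent from one side's native vlan are placed into the other side's (different) native vlan.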

CDP is able to detect and report native vlan mismatches because the native vlan is sent out in the CDP advertisement. So is PVST+.

It is possible to make a Cisco switch TAG the native vlan on a trunk via the global config command “vlan dot1q tag native”. (some people like this as mitigation for vlan hopping)

If we wanted our native vlan to always go out as tagged with a .1q header we could utilize this global command.

Switch(config)#vlan dot1q tag native
Note: This is good for inter-switch links to avoid vlan hopping

Finally, again: the default native vlan on trunks is vlan 1; if no native vlan is defined, it’s vlan 1.
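
The checks described above (matching native vlan on both sides, default of vlan 1 when nothing is configured, and the global "vlan dot1q tag native" command) can be audited offline from saved configs. This is an added example, not part of the original notes; the two config excerpts are constructed sample data, the function names are hypothetical, and only ports with an explicit "switchport mode trunk" are treated as trunks.

```python
import re

# Constructed running-config excerpts for the two ends of one trunk (sample data).
SW1 = """\
vlan dot1q tag native
!
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 99
 switchport mode trunk
"""
SW2 = """\
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
"""

def parse(config):
    """Return (tags_native, {trunk_interface: native_vlan}) for one config."""
    tags_native, trunks, natives, iface = False, set(), {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            iface = line.split(None, 1)[1]
        elif not line.startswith(" "):          # back at global config level
            iface = None
            if line.strip() == "vlan dot1q tag native":
                tags_native = True
        elif iface:                             # indented line under an interface
            m = re.fullmatch(r"switchport trunk native vlan (\d+)", line.strip())
            if m:
                natives[iface] = int(m.group(1))
            elif line.strip() == "switchport mode trunk":
                trunks.add(iface)
    # A trunk with no explicit native vlan uses the default, vlan 1.
    return tags_native, {i: natives.get(i, 1) for i in trunks}

def audit_link(cfg_a, port_a, cfg_b, port_b):
    """Compare both ends of one trunk link and return a list of findings."""
    tag_a, trunks_a = parse(cfg_a)
    tag_b, trunks_b = parse(cfg_b)
    va, vb = trunks_a[port_a], trunks_b[port_b]
    findings = []
    if va != vb:
        findings.append(f"native vlan mismatch: {va} vs {vb}")
    if not (tag_a and tag_b):
        findings.append("vlan dot1q tag native missing on at least one side")
    return findings
```

Calling audit_link(SW1, "GigabitEthernet0/1", SW2, "GigabitEthernet0/1") on the sample data reports both the 99 vs 1 mismatch and the missing global tagging command on the second switch.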
