Configuring VLANs

This chapter describes how to configure VLANs on the Cisco Nexus 5000 Series switch. It contains the
following sections:

• Configuring VLANs, page 1

Configuring VLANs
You can use virtual LANs (VLANs) to divide the network into separate logical areas. VLANs can also be
considered as broadcast domains.
Any switch port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and
flooded only to end stations in that VLAN. Each VLAN is considered a logical network, and packets destined
for stations that do not belong to the VLAN must be forwarded through a router.

Information About VLANs

Understanding VLANs
A VLAN is a group of end stations in a switched network that is logically segmented by function, project
team, or application, without regard to the physical locations of the users. VLANs have the same attributes
as physical LANs, but you can group end stations even if they are not physically located on the same LAN
segment.
Any port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and flooded
only to end stations in that VLAN. Each VLAN is considered a logical network. Packets destined for stations
that do not belong to the VLAN must be forwarded through a router.

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

OL-16597-01 1
 Configuring VLANs
Understanding VLAN Ranges

The following figure shows VLANs as logical networks. In this diagram, the stations in the engineering
department are assigned to one VLAN, the stations in the marketing department are assigned to another VLAN,
and the stations in the accounting department are assigned to yet another VLAN.

Figure 1: VLANs as Logically Defined Networks

VLANs are usually associated with IP subnetworks. For example, all the end stations in a particular IP subnet
belong to the same VLAN. To communicate between VLANs, you must route the traffic.
By default, a newly created VLAN is operational. To disable the VLAN use the shutdown command.
Additionally, you can configure VLANs to be in the active state, which is passing traffic, or the suspended
state, in which the VLANs are not passing packets. By default, the VLANs are in the active state and pass
traffic.

Note The VLAN Trunking Protocol (VTP) mode is OFF. VTP BPDUs are dropped on all interfaces of a Cisco
Nexus 5000 Series switch. This has the effect of partitioning VTP domains if other switches have VTP
turned on.

Understanding VLAN Ranges

The Cisco Nexus 5000 Series switch supports VLAN numbers 1to 4094 in accordance with the IEEE 802.1Q
standard. These VLANs are organized into ranges. You use each range slightly differently. The switch is
physically limited in the number of VLANs it can support. The hardware also shares this available range with
its VSANs
The following table describes the details of the VLAN ranges.

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

2 OL-16597-01
 Configuring VLANs
Creating, Deleting, and Modifying VLANs

Table 1: VLAN Ranges

VLANs Numbers Range Usage

1 Normal Cisco default. You can use this
VLAN, but you cannot modify or
delete it.

2—1005 Normal You can create, use, modify, and

delete these VLANs.

1006—4094 Extended You can create, name, and use

these VLANs. You cannot change
the following parameters:
• State is always active.
• VLAN is always enabled.
You cannot shut down these
VLANs.

3968—4047 and 4094 Internally allocated These 80 VLANs, plus VLAN

4094, are allocated for internal use.
You cannot create, delete, or
modify any VLANs within the
block reserved for internal use.

Note VLANs 3968 to 4047 and 4094 are reserved for internal use; these VLANs cannot be changed or used.

Cisco NX-OS allocates a group of 80 VLAN numbers for those features, such as multicast and diagnostics,
that need to use internal VLANs for their operation. By default, the system allocates VLANs numbered 3968
to 4047 for internal use. VLAN 4094 is also reserved for internal use by the switch.
You cannot use, modify, or delete any of the VLANs in the reserved group. You can display the VLANs that
are allocated internally and their associated use.

Creating, Deleting, and Modifying VLANs

VLANs are numbered from 1 to 4094. All configured ports belong to the default VLAN when you first bring
up the switch. The default VLAN (VLAN1) uses only default values. You cannot create, delete, or suspend
activity in the default VLAN.
You create a VLAN by assigning a number to it. You can delete VLANs as well as move them from the active
operational state to the suspended operational state. If you attempt to create a VLAN with an existing VLAN
ID, the switch goes into the VLAN submode but does not create the same VLAN again.
Newly created VLANs remain unused until ports are assigned to the specific VLAN. All the ports are assigned
to VLAN1 by default.
Depending on the range of the VLAN, you can configure the following parameters for VLANs (except the
default VLAN):

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

OL-16597-01 3
 Configuring a VLAN
Creating and Deleting a VLAN

• VLAN name
• Shutdown or not shutdown

When you delete a specified VLAN, the ports associated to that VLAN are shut down and no traffic flows.
However, the system retains all the VLAN-to-port mapping for that VLAN, and when you reenable, or recreate,
the specified VLAN, the system automatically reinstates all the original ports to that VLAN.

Note Commands entered in the VLAN configuration submode are immediately executed.
VLANs 3968 to 4047 and 4094 are reserved for internal use; these VLANs cannot be changed or used.

Configuring a VLAN

Creating and Deleting a VLAN

You can create or delete all VLANs except the default VLAN and those VLANs that are internally allocated
for use by the switch. Once a VLAN is created, it is automatically in the active state.

Note When you delete a VLAN, ports associated to that VLAN shut down. The traffic does not flow and the
packets are dropped.

SUMMARY STEPS

1. switch# configure terminal

2. switch(config)# vlan {vlan-id | vlan-range}
3. switch(config-vlan)# no vlan {vlan-id | vlan-range}

DETAILED STEPS

Command or Action Purpose

Step 1 switch# configure terminal Enters configuration mode.

Step 2 switch(config)# vlan {vlan-id | Creates a VLAN or a range of VLANs.

vlan-range} If you enter a number that is already assigned to a VLAN, the switch puts you into
the VLAN configuration submode for that VLAN. If you enter a number that is
assigned to an internally allocated VLAN, the system returns an error message.
However, if you enter a range of VLANs and one or more of the specified VLANs
is outside the range of internally allocated VLANs, the command takes effect on
only those VLANs outside the range. The range is from 2 to 4094; VLAN1 is the
default VLAN and cannot be created or deleted. You cannot create or delete those
VLANs that are reserved for internal use.

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

4 OL-16597-01
 Configuring VLANs
Entering the VLAN Submode and Configuring the VLAN

Command or Action Purpose

Step 3 switch(config-vlan)# no vlan Deletes the specified VLAN or range of VLANs and removes you from the VLAN
{vlan-id | vlan-range} configuration submode. You cannot delete VLAN1 or the internally allocated VLANs.

This example shows how to create a range of VLANs from 15 to 20:

switch# configure terminal
switch(config)# vlan 15-20

Note You can also create and delete VLANs in the VLAN configuration submode.

Entering the VLAN Submode and Configuring the VLAN

To configure or modify the VLAN for the following parameters, you must be in the VLAN configuration
submode:
• Name
• Shut down

Note You cannot create, delete, or modify the default VLAN or the internally allocated VLANs. Additionally,
some of these parameters cannot be modified on some VLANs.

SUMMARY STEPS

1. switch# configure terminal

2. switch(config)# vlan {vlan-id | vlan-range}
3. switch(config-vlan)# name vlan-name
4. switch(config-vlan)# state {active | suspend}
5. (Optional) switch(config-vlan)# no shutdown

DETAILED STEPS

Command or Action Purpose

Step 1 switch# configure terminal Enters configuration mode.

Step 2 switch(config)# vlan {vlan-id | Enters VLAN configuration submode. If the VLAN does not exist, the system
vlan-range} first creates the specified VLAN.

Step 3 switch(config-vlan)# name vlan-name Names the VLAN. You can enter up to 32 alphanumeric characters to name
the VLAN. You cannot change the name of VLAN1 or the internally allocated
VLANs. The default value is VLANxxxx where xxxx represent four numeric
digits (including leading zeroes) equal to the VLAN ID number.

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

OL-16597-01 5
 Verifying VLAN Configuration
Adding Ports to a VLAN

Command or Action Purpose

Step 4 switch(config-vlan)# state {active | Sets the state of the VLAN to active or suspend. While the VLAN state is
suspend} suspended, the ports associated with this VLAN are shut down, and that VLAN
does not pass any traffic. The default state is active. You cannot suspend the
state for the default VLAN or VLANs 1006 to 4094.

Step 5 switch(config-vlan)# no shutdown (Optional)

Enables the VLAN. The default value is no shutdown (or enabled). You cannot
shut down the default VLAN, VLAN1, or VLANs 1006 to 4094.

This example shows how to configure optional parameters for VLAN 5:

switch# configure terminal
switch(config)# vlan 5
switch(config-vlan)# name accounting
switch(config-vlan)# state active
switch(config-vlan)# no shutdown

Adding Ports to a VLAN

After you have completed the configuration of a VLAN, assign ports to it. To add ports, perform this task:

SUMMARY STEPS

1. switch# configure terminal

2. switch(config)# interface {ethernet slot/port | port-channel number}
3. switch(config-if)# switchport access vlan vlan-id

DETAILED STEPS

Command or Action Purpose

Step 1 switch# configure terminal Enters configuration mode.

Step 2 switch(config)# interface {ethernet slot/port | Specifies the interface to configure, and enters the interface
port-channel number} configuration mode. The interface can be a physical Ethernet
port or an EtherChannel.

Step 3 switch(config-if)# switchport access vlan vlan-id Sets the access mode of the interface to the specified VLAN.

This example shows how to configure an Ethernet interface to join VLAN 5:

switch# configure terminal
switch(config)# interface ethernet 1/13
switch(config-if)# switchport access vlan 5

Verifying VLAN Configuration

To display VLAN configuration information, perform one of these tasks:

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

6 OL-16597-01
 Configuring VLANs
Adding Ports to a VLAN

Command Purpose
switch# show running-config vlan [vlan_id | Displays VLAN information.
vlan_range]
switch# show vlan [brief | id [vlan_id | vlan_range] Displays selected configuration information for the
| name name | summary] defined VLAN(s).

The following example shows all VLANs defined in the range of 1 to 21.
switch# show running-config vlan 1-21
version 4.0(1a)N1(1)
vlan 1
vlan 5

The following example shows the VLANs created on the switch and their status:
switch# show vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------
1 default active Eth1/1, Eth1/2, Eth1/3, Eth1/4
Eth1/5, Eth1/6, Eth1/7, Eth1/8
Eth1/9, Eth1/10, Eth1/11
Eth1/12, Eth1/15, Eth1/16
Eth1/17, Eth1/18, Eth1/19
Eth1/20, Eth1/21, Eth1/22
Eth1/23, Eth1/24, Eth1/25
Eth1/26, Eth1/27, Eth1/28
Eth1/29, Eth1/30, Eth1/31
Eth1/32, Eth1/33, Eth1/34
Eth1/35, Eth1/36, Eth1/37
Eth1/38, Eth1/39, Eth1/40
Eth3/1, Eth3/2, Eth3/3, Eth3/4
veth1/1
13 VLAN0005 active Eth1/13, Eth1/14

The following example shows the details of VLAN 13 including its member ports:
switch# show vlan id 13

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------
13 VLAN0005 active Eth1/13, Eth1/14

VLAN Type MTU

---- ----- -----
13 enet 576

Remote SPAN VLAN

----------------
Disabled

Primary Secondary Type Ports

------- --------- --------------- -------------------------------------------

The following example shows the VLAN settings summary:

switch# show vlan summary

Number of existing VLANs : 2

Number of existing user VLANs : 2
Number of existing extended VLANs : 0

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

OL-16597-01 7
 Configuring VLANs
Adding Ports to a VLAN

Cisco Nexus 5000 Series NX-OS Software Configuration Guide

8 OL-16597-01