Home > VLAN Questions 2

VLAN Questions 2

May 23rd, 2017 Go to comments

Question 1

Question 2

Question 3

Explanation

The default Ethernet VLAN is VLAN 1. It is a security best practice to configure all the ports on all switches to be associated with VLANs other than VLAN 1. All used ports are associated with VLANs distinct from VLAN 1.

Reference: http://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=11

All control/management traffic (like CDP, VTP, DTP…) is sent on VLAN 1 and we should separate management and user data traffic. Another reason is by default, the native VLAN is also VLAN 1 which is untagged on trunk links so it may cause a security hole.

Question 4

Explanation

The native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work. If there is a native VLAN mismatch, Spanning Tree Protocol (STP) places the port in a port VLAN ID (PVID) inconsistent state and will not forward on the link -> STP can detect native VLAN mismatch.

Note: Cisco Discovery Protocol (CDP) version 2 passes native VLAN information between Cisco switches. If you have a native VLAN mismatch, you will see CDP error messages on the console output like this:

Dec 9 14:10:21: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/1 (1), with FastEthernet0/2 (301)

Therefore CDP can also detect native VLAN mismatch.

Reference: http://www.ciscopress.com/articles/article.asp?p=29803&seqNum=3

Question 5

Question 6

Explanation

Answer A is not correct because when a packet is received from an 802.1Q trunk, it always carries VLAN ID information in the VLAN tag portion so the switch does not need to look up its source MAC address table to determine the VLAN ID of that packet.

Question 7

Question 8

Question 9

Comments (3) Comments
  1. Anonymous
    September 6th, 2017

    vlan 1

  2. nickaro
    September 16th, 2017

    Q.5. I think correct answer is B.

    You can read:
    Extended VLANs have VLAN IDs in the range from 1006 to 4094. You can create or delete extended VLANs using the command-line interface (CLI) in the config-vlan submode

    in: https://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t15/ht_xvlan.html

  3. Bhagya
    October 22nd, 2017

    Q.5, I also think B also a correct one.

Add a Comment