We help IT Professionals succeed at work.

What is Native vlan

What is native vlan.
Watch Question

Top Expert 2009
It is the VLAN in which traffic from that VLAN doesn't get tagged when traversing a trunk.  All the other VLAN traffic gets tagged.
On Cisco devices, this is VLAN 1, and like JFrederick29 said:  If you do not setup any specific VLAN tagging, everything is tagged with the default VLAN.
This only matters if you start to use other VLANs, in which case you need to be aware that the default VLAN needs to be routed, ACLed just like any you create.
Also, in both ISL or 802.1q VLAN tagging (ISL is Cisco proprietary), they both have Native VLAN's.  If you put put Native VLAN traffic under a scope, it would look exactly the same as just your regular non-VLAN traffic.

I believe an ISL VLAN adds 26 bytes on the front and 4 byte on the end, for 30 bytes.  Where 802.1q only adds 4 bytes to each packet.

Although it is frowned upon by some, I always keep critical data (that is physically in a secure location) on the native VLAN.  Then if the switch dies, I can use any switch, even one that doesn't support VLAN, and at least get that data to pass through.
also see this nice video tutorial


Dear pawanopensource

Native VLAN

A topic that causes considerable confusion is the native VLAN. The native VLAN is a term used with interfaces that are configured as VLAN trunks. When a switch port is configured as a trunk, it tags frames with the appropriate VLAN number. Frames from all VLANs are carried across the trunk link containing the 802.1Q or ISL tag, except for frames belonging to VLAN 1. By default, frames from VLAN 1 belong to native VLAN, and are carried across the trunk untagged. Frames from the native VLAN, VLAN 1, are carried across this trunk link untagged. [1]
The IEEE committee that defined 802.1Q decided that because of backward compatibility it was desirable to support the so-called native VLAN, that is to say, a VLAN that is not associated explicitly to any tag on an 802.1Q link. This VLAN is implicitly used for all the untagged traffic received on an 802.1Q capable port.
This capability is desirable because it allows 802.1Q capable ports to talk to old 802.3 ports directly by sending and receiving untagged traffic. However, in all other cases, it may be very detrimental because packets associated with the native VLAN lose their tags, for example, their identity enforcement, as well as their Class of Service (802.p bits) when transmitted over an 802.1Q link.
For these reasons, loss of means of identification and loss of classification, the use of the native VLAN should be avoided. There are very few reasons why the native VLAN would ever need to be used.
The native VLAN can be modified to a VLAN other than VLAN 1 with the following interface command:
Switch(config-if)#switchport trunk native vlan vlan-id
It is recommended that the native VLAN should never be used as a user VLAN or the management VLAN.
Earlier it was stated that the control traffic, CDP, VTP, PAgP, and DTP, is transmitted over VLAN 1, the native VLAN. If the native VLAN is changed to something other than VLAN 1, then the control traffic would then be transmitted on VLAN 1 as tagged. This will have no ill affects on the control traffic.
In most cases, it is fine to leave keep the control traffic on VLAN 1 with the default native VLAN, also VLAN 1. Usually, this should be the only information that should be carried across the VLAN 1.
It is also important to ensure that both ends of a switch-to-switch link have consistent native VLANs. If the native VLANs at both ends of a link are not the same, there will effectively be a bridge between the two VLANs and they will no longer be independent broadcast domains. Fortunately, recent versions of the IOS alert the user when mismatches in the native VLAN occur.

For more Details check this Link :


Good Luck