NATIVE VLAN QUERY

Dependent on whether a company can afford specific hardware or software for IT equipment, I'm wondering the following:

ISL - Has no concept of Native vlan - why?

802.1q - Does use Native vlan, therefore traffic is 'Untagged', although I'm assuming this is NOT as robust as ISL?

Assuming ISL is more robust and carries out CRC or FRC, I'm assuming this is why it does NOT need to use 'Native vlan'?
Asked by mikey250
 
Marius Gunnerud, Senior Systems Engineer, commented:
ISL is a Cisco proprietary protocol that encapsulates all frames going through the trunk, which is why there is no concept of native VLAN. ISL does not understand what a native VLAN is. Since ISL encapsulates all frames, there is much greater overhead; 802.1q only adds a header to the frame.

802.1q is an IEEE industry standard. The only frames that are "untagged" in 802.1q are the frames that originate from within the native VLAN (VLAN 1 by default on Cisco); all other VLAN frames are tagged to identify which VLAN they originate from, which helps the other switch identify which VLAN to send the traffic to.
0
 
Jimmy Larsson, CISSP, CEH, Network and Security consultant, commented:
I totally agree with what MAG03 says. I just want to add that today ISL is ancient history. There should be no reason with modern hardware to consider using ISL. Stick to 802.1q; it is the de facto standard of today and compatible with all available vendors, in contrast to ISL.

/Kvistofta
0
 
Don Johnston, Instructor, commented:
One of the reasons for the native VLAN is that it was where the BPDUs were carried. 802.1q only supported CST (Common Spanning Tree).

One of the "improvements" that came with ISL was the ability to do Per-VLAN Spanning Tree (PVST). In this situation, a separate instance of Spanning-Tree is created for each VLAN.

Of course when 802.1q came out, Cisco turned around and implemented it with PVST+ which allowed them to do Per VLAN Spanning-Tree with 802.1q.

But in the end, ISL is a dying protocol. Cisco doesn't support it on a number of their own platforms anymore.
0
 
mikey250, author, commented:
1.  Although the below is mentioned, the native VLAN 1 can be changed to '99', for example, to stop VLAN hopping, so presumably this is one way around the 'untagged' frame, I'm assuming, although still not 'tagged' offers protection?

"802.1q is IEEE industry standard. The only frames that are "untagged" in 802.1q are the frames that originate from within the native vlan (vlan 1 by default on cisco) all other vlan frames are tagged to identify which vlan they originate from and helps the other switch identify which vlan to send the traffic to."


2.  If ISL is more robust, i.e. encapsulates the whole frame, then why is 802.1q more popular? What was the deciding factor, as I would have thought ISL was the winning protocol, or is it down to the 'overhead', however this may affect services?
0
 
Marius Gunnerud, Senior Systems Engineer, commented:
Changing the native VLAN to an unused VLAN, i.e. VLAN 99, will help prevent VLAN hopping. For more information on VLAN security, have a look at the following link: http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml

Two reasons that 802.1q is preferred: it is the industry standard, so you can use other vendors' devices together. The other reason is the overhead, and depending on how much traffic there is flowing over the network, this can negatively affect the network.

0
 
Don Johnston, Instructor, commented:
1) Some vendors allow tagging all VLANs (including the native VLAN). If not, the typical approach is to specify an unused VLAN as the native VLAN.

2) The only people that would say ISL is more robust would have been Cisco sales people. :-)  802.1q is more popular because (A) it's a standard and (B) it does everything that is required in a trunking protocol.
0
 
mikey250, author, commented:
OK, understood, and will read the URL!
0
 
Jimmy Larsson, CISSP, CEH, Network and Security consultant, commented:
There are no tech details to add; all is said above. I recommend a split between us participating experts.

/Kvistofta
0
 
mikey250, author, commented:
Apologies for not closing this thread, as I've had issues with my internet connection and was not able to log on.  I'm OK now so will close this thread.
0
Question has a verified solution.