We help IT Professionals succeed at work.

Native VLAN Mismatch and Meraki Initial Setup Question

amigan_99
amigan_99 asked
on
Medium Priority
83 Views
Last Modified: 2020-02-04
I want to connect a fresh Meraki switch to a Cisco ISR. By default the ports on the Meraki are native VLAN 1 and type Trunk. If I make the native VLAN 10 on the ISR's port attaching to the Meraki switch that would create a native VLAN mismatch - but still the two devices should be able to talk to each (assuming I have a DHCP scope on the ISR for VLAN 10).

If I have an ISR (say 4331) configured with inside trunked interface as follows:

Hostname(config)#interface FastEthernet0/1
Hostname(config-if)#no ip address

Hostname(config-if)#no shutdown

Hostname(config)#interface FastEthernet0/1.1
Hostname(config-if)#encapsulation dot1Q 1 native
Hostname(config-if)#ip address 10.10.100.1 255.255.255.0


Hostname(config-if)#interface FastEthernet0/1.2
Hostname(config-if)#encapsulation dot1Q 2
Hostname(config-if)#ip address 10.10.200.1 255.255.255.0

ip dhcp pool MGT
 network 10.10.100.0 255.255.255.0
 default-router 10.10.100.1
 domain-name acmefoo.com
 dns-server 8.8.8.8 4.2.2.2
!
ip dhcp pool DATA
 network 10.10.200.0 255.255.255.0
 default-router 10.10.200.1
 domain-name acmefoo.com
 dns-server  8.8.8.8

The meraki should pick up an address from DHCP for VLAN 10 10.10.100.0 owing
to the fact that those frames would be untagged despite the fact that the default
native vlan on the Meraki is on. Correct?
Comment
Watch Question

CERTIFIED EXPERT
Distinguished Expert 2018
Commented:
Not sure about Meraki, but on some Cisco devices VLAN inconsistency by default will place VLAN into error-inconsistent, since information about native VLAN is part of CDP message.
I would recommend to match native VLAN on Meraki side with native VLAN on switch subinterface:

Hostname(config)#interface FastEthernet0/1.<native VLAN>
Hostname(config-if)#encapsulation dot1Q <native VLAN> native
Hostname(config-if)#ip address 10.10.100.1 255.255.255.0
!
! exclude beginning of the IP address range in the case that might be needed at some point (for example HSRP).
!
Hostname(config)#ip dhcp excluded-address 10.10.100.1 10.10.100.10
Hostname(config)#ip dhcp excluded-address 10.10.200.1 10.10.200.10

Numbers for
FastEthernet0/1.<native VLAN>
dot1Q <native VLAN> native
don't need to match, but it is more readable if they do.
amigan_99Network Engineer

Author

Commented:
Thanks for helping me think this through Perdrag. I think in future setups I'll just use VLAN1 for the
native to make sure it speaks to the Meraki. I'm take over a chair that has dozens of routers in
the field configured with the vlan 10 for management rather than 1. I'll just make it easier on
myself.. :-) And once the Meraki's talking I can change its management to a tagged VLAN
or leave it.
CERTIFIED EXPERT
Distinguished Expert 2018

Commented:
According to best practices VLAN 1 should not be used for anything except for compatibility with other vendors.
It is even recommended not to use VLAN 1 on trunks, but some other VLAN as native VLAN and that VLAN should not be used for any production network.

You're welcome.