Hello, friends.

Putting 2 topics into the one post here and it’s probably still gonna be a stubby one. Saving paper. Everybody knows what a VLAN database is and they already know the VLAN ranges. Alas, I made a promise to myself at the beginning of this journey that I would do a post for every topic on the syllabus, and I’m a man of my word.

The VLAN database is a big old list (or small list depending on how many VLANs you have configured) that contains the configured VLANs, as well as the default VLANs and reserved VLANs that are present on the device. Anything with switching capabilities will have a VLAN database (apart from unmanaged switches) so this includes routers, wireless controllers etc. VLANs are not stored in the running or startup configuration; they are stored in a file on the flash called vlan.dat. If you were to take a look at this file by typing ‘more vlan.dat’, then you would be confused. It’s not really a very readable thing. Lots of hex, lots of dots, not really a page turner. However, it’s useful to know that if you want to delete every VLAN on the device and start from scratch, rather than doing a load of ‘no vlan 10, no vlan 20’ etc, you can just delete that file from flash.

To add a VLAN into the database it’s as simple as:

Once the VLAN has been created, it takes you to a config-vlan prompt that allows for many different VLAN configuration options. It’s not necessary to, but for clarity it’s always good to name the VLAN as to its purpose. In this example, I’ve created VLAN 50 and have named it ‘Finance.’ Let’s see how that looks in the VLAN database:

So we can see VLAN 50 added, along with its name. The command sh vlan brief (prefixed here with a do as I’m at a configure terminal prompt) shows all VLANs in the database, and what ports are currently assigned to those VLANs. Be aware that trunks will not show in this list. At the bottom of this list are VLANs 1002-1005. These are VLANs that are reserved for certain types of media.

So is there a limit to the number that can be used for VLANs? Yes. Are there specific numbers I can’t use? Yes.

VLANs can be configured between 0-4095. However, VLAN 0 and VLAN 4095 (much like the first and last address of a subnet) cannot be used as these are used by the IOS. VLAN 1 is the default VLAN. This cannot be deleted but can be used (although as previously discussed, not recommended.) VLANs 2-1001 are standard VLANs that can be created, used and deleted at will. VLANs 1002-1005 are reserved as per the image above and cannot be deleted. VLANs 1006-4094 are extended VLANs. What’s an extended VLAN? Pretty much the only difference I can tell between standard and extended VLANs is that extended VLANs cannot be created and propagated out via VTP (which we’ll discuss in a couple of posts’ time.) If these VLANs are to be used, the device will need to be in transparent mode if part of a VTP domain (again, will explain later.) They also say that VLANs 1006-4094 are ‘ethernet only’ but nowadays I don’t know what else you’d use anyway.

So for clarity:

VLAN 0,4095 – reserved for system use. These cannot be seen in the database.

VLAN 1 – reserved. Can be used but cannot be deleted or edited.

VLAN 2-1001 – standard VLAN range. Can be used, edited and deleted.

VLAN 1002-1005 – reserved for FDDI, token ring. Legacy stuff.

VLAN 1006-4094 – extended VLAN range. Ethernet only and won’t distribute via VTP.
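
To put the ranges above to work, here is an added example (not from the original post): a small Python parser for sh vlan brief output that sorts each VLAN into those ranges and flags ports left in VLAN 1 and any extended-range VLANs. The sample output is constructed, and the parser assumes VLAN names contain no spaces.

```python
import re

# Constructed sample of `sh vlan brief` output (not captured from a real device).
SAMPLE = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1, Gi0/2, Gi0/3
                                                Gi0/5
50   Finance                          active    Gi0/4
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
2000 Lab                              active
"""

ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")

def vlan_range(vid):
    """Name the range a VLAN ID falls in, using the ranges listed in the post."""
    if not 0 <= vid <= 4095:
        raise ValueError(f"VLAN {vid} is outside 0-4095")
    if vid in (0, 1, 4095):
        return "default" if vid == 1 else "system"
    return "standard" if vid <= 1001 else "legacy" if vid <= 1005 else "extended"

def parse(text):
    """Return {vlan_id: {"name", "ports"}}; wrapped port lines join the VLAN above."""
    vlans, last = {}, None
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            last = int(m.group(1))
            vlans[last] = {"name": m.group(2), "ports": []}
        elif last is None or not line[:1].isspace():
            continue  # header, separator or blank line
        ports = m.group(4) if m else line  # a wrapped line carries ports only
        vlans[last]["ports"] += [p.strip() for p in ports.split(",") if p.strip()]
    return vlans

def audit(vlans):
    """Flag what the post calls out: ports left in VLAN 1, and extended VLANs."""
    notes = []
    for vid, v in sorted(vlans.items()):
        if vid == 1 and v["ports"]:
            notes.append(f"VLAN 1 still has ports: {', '.join(v['ports'])}")
        elif vlan_range(vid) == "extended":
            notes.append(f"VLAN {vid} ({v['name']}) is extended: not sent via VTP")
    return notes
```

Calling audit(parse(SAMPLE)) returns one note for the four ports still in VLAN 1 and one for VLAN 2000. Trunk ports never appear in this output, so they are not part of the check.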

There we have it. All there is to it really.

Jack xx