Monday, December 16, 2013

Where does the Cisco IOS switch store VLAN information

I've got a 2960 switch WS-C2960S-48LPS-L running IOS 12.2(25).  It has an access point connected to it but guests were unable to connect to one of the wireless networks the AP provides.

One of my techs looked into it and said that VLAN 12 was not configured on the Catalyst 2960; VLAN 12 is the VLAN the guest wireless network uses.  He just did "vlan 12" at a conf t prompt and it all woke up.  He didn't add any interfaces to VLAN 12.  So question 1 is this: VLAN 12 exists on the AP, and the switch port the AP is on is configured to trunk.  Why was it necessary to create VLAN 12 on the switch?  None of the resources accessed by users of the guest wifi are on that switch, they just need to use its backbone to our internet router, which is also configured to trunk.

Now I can see VLAN 12 in there when I do a "sho vlan", but I can't see the command that creates VLAN 12 in the running config.  So question 2 is, when the switch reboots or whatever, how does it know to re-create VLAN 12?  Is the info stored somewhere other than the running-config?
Asking because I can envision a time when the switch dies and we go to swap in a replacement by throwing a copy of the old config on it, then sit around scratching our heads because "everything should be identical" when really the VLAN is not being created.

The answer:
The actual VLAN info is kept in a file called vlan.dat. Depending on the device this is normally in nvram.
What is kept in the startup-config file related to VLANs are the layer 3 definitions for the SVI if you have any.
There can be two parts of a VLAN definition. The VLAN itself, which is what is in the vlan.dat file I referenced earlier. This allows the VLAN to exist as a layer 2 resource.
Then there is the SVI, which is the virtual interface which is required if you want that VLAN to exist at the layer 3 level. A layer 3 interface for the VLAN is not always required.
In a well-designed network you would push the Layer 3 outward and never have a lot of switches with the same vlans. So VTP is a tool to manage a badly-designed network. Even when I've had to push vlans to a number of switches, I prefer to manage it manually, because when VTP isn't used correctly (i.e. the default "server" mode is left in place on all switches), removing a vlan on one switch removes it everywhere!

And yes, you have to add the vlans to the switch, but that had to be done anyway. Setting VTP to transparent means that the vlan configuration is stored as part of the regular config where it can easily be recreated on a replacement switch.
For more about the Cisco 2960 FAQ, please visit:
http://ciscoswichfaq.weebly.com/
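
For the replacement-switch worry raised in the question, the following added example (not part of the original post or of any Cisco tooling) compares `show vlan brief` output against a saved config backup and lists the VLANs that exist only in vlan.dat. The function names and the sample text are constructed for illustration; it assumes the backup is the plain text of the running-config.

```python
import re

# Defaults that exist on every switch and never appear as "vlan N" config lines.
DEFAULT_VLANS = {1, 1002, 1003, 1004, 1005}

def expand(spec):
    """Expand an IOS VLAN list such as '12,20-22' into a set of ints."""
    ids = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def vlans_on_switch(show_vlan_brief):
    """VLAN IDs the running switch reports (table rows start with the ID)."""
    return {int(m.group(1)) for m in re.finditer(r"^(\d+)\s+\S+", show_vlan_brief, re.M)}

def vlans_in_config(config):
    """VLAN IDs created by global 'vlan N' lines in a saved config."""
    ids = set()
    for m in re.finditer(r"^vlan ([\d,-]+)[ \t]*$", config, re.M):
        ids |= expand(m.group(1))
    return ids

def lost_on_config_only_restore(show_vlan_brief, config):
    """VLANs held only in vlan.dat, missing if just the config is restored."""
    return sorted(vlans_on_switch(show_vlan_brief) - vlans_in_config(config) - DEFAULT_VLANS)

# Constructed sample data, not captured from a real device.
SHOW_VLAN = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- ------------------
1    default                          active    Gi1/0/1, Gi1/0/2
12   VLAN0012                         active
20   STAFF                            active    Gi1/0/3
1002 fddi-default                     act/unsup
"""
# Backup taken in VTP server mode: no "vlan N" lines are present.
BACKUP_VTP_SERVER = "hostname sw1\nvlan internal allocation policy ascending\ninterface Vlan20\n"
# Backup taken in VTP transparent mode: VLANs are part of the config.
BACKUP_TRANSPARENT = "hostname sw1\nvtp mode transparent\nvlan 12\nvlan 20\n name STAFF\n"

if __name__ == "__main__":
    print(lost_on_config_only_restore(SHOW_VLAN, BACKUP_VTP_SERVER))
    print(lost_on_config_only_restore(SHOW_VLAN, BACKUP_TRANSPARENT))
```

A non-empty result means the backup alone will not recreate those VLANs on a replacement switch.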
