How to change the VLAN a switchport is assigned to.
First find the switchport if you do not know which switchport or which module/port number the device is on.
Why do we need to change the switchport VLAN?
The most common reason for changing the VLAN assignment on a switchport is that a host PC or server is being installed or its IP address is changed to a subnet belonging to another VLAN. Another, less common reason is to set the native VLAN on a trunking port to permit ISL frame tagging or dot1q trunking between switches.
What do we need to know to change the VLAN?
If you know the switch and module/switchport the device is on, your job is pretty simple. If you don't, you will need to do some work to find it. If a device's IP address is going to be changed, it is always easier to find the device's switchport while it is up on its old IP address and its switchport is on the matching vlan for that IP (before you have made any changes). This is because it is still reachable at layer 3, so the switching fabric is going to hold a CAM table entry for the default of 5 minutes after it last passed traffic, after which the entry times out based on the cam agingtime for that vlan and is removed from the cam table. If it is reachable at layer 3, the device's gateway router will cache an arp entry containing its mac address as well. If it cannot pass traffic at layer 3, the only time the switch fabric will cache its mac address is for the 5 minutes after it first joined the bridge, for example if it is a server or PC that just booted up.
With this cam table feature in mind, we can still find the device's switchport after the device is assigned and configured with a new ip address that belongs to the intended target vlan while its switchport is still assigned to the old vlan. If the switchport has never been used before, it is likely on vlan 1. We know that when the device is booted and joins the bridge, it broadcasts to the network for numerous reasons, causing the switch fabric to learn its mac address, so even if it cannot reach the correct layer 3 network or vlan, it can be found at layer 2 since it now has an entry in the cam table. You now have 5 minutes to find its switchport and change the vlan.
If the reason for the vlan change is to set the native vlan on a trunking port, you likely already know the switchport requiring the vlan change. If not, you can use the "show cdp neighbor" command to find the neighboring switch you need to trunk to on the switchport it is uplinked from.
This is done in 3 steps:
- Find the switchport.
- Change the vlan assignment on the switchport.
- Name the port or add a description.
Change the vlan a switchport is on
If a popup window did not open when you came to this page, you may be using a popup blocker that prevented it from opening. You can click on the CLI icon to the left to open it manually. We will refer to this window as the CLI (Command Line Interface) from now on.
Review the CLI with the Cisco router command line output where we used the command "set vlan 545 2/22". The output of this Cisco set based switch command can be useful to retain in an activity log, at least for a couple of hours, in case you mistakenly changed the wrong switchport and it takes a while for the trouble report on the switchport change to reach you. Keep in mind that on a Catalyst set based command line there is no config to save; all changes are immediately saved, so you could not go back to the switch and look at the startup-config like you could on a Cisco router. Note how the output of set vlan 545 2/22 shows the change on the old vlan and the new vlan assigned to the switchport. If you later discover you changed the wrong switchport, you can refer to this command output to change it back.
Next we issue the show port command on the Catalyst switch to review the changes and the status of the switchport. The first line of output will give us the switchport status of not connected, and we see that it is set to full duplex and the port speed is fixed at 100. Since it is showing not connected, there is no way we could have found the switchport using the cam table entries. In hindsight we know that in this case we had to know the mod/port number.
To make future lookups on the switch easier we will name the switchport. You do this using the set port name switch command. First we clear the old port name using set port name [mod/port] and then rename the port using set port name 2/22 Some_server. In reality you only need to set a switchport name by using the full command including the new name; I only cleared the name here to illustrate how it is possible to do so. Next we use the show port switch command to confirm the port status.
Now we telnet to a native IOS Cisco switch to make the same type of switchport vlan change, but using a configuration syntax and procedure similar to a Cisco router command set. For each switchport configuration change you will enter the equivalent of interface configuration mode on a router. Even though we go into interface configuration mode using config t or config terminal, we make the vlan assignment change using the switchport access vlan 545 command. This vlan change goes under the switchport subset of commands because on the native IOS switches the switchports can be turned into routed layer 3 interfaces with the switchport bridge features disabled. The interface is named using the interface command description Some_server. If you want to get out of configuration mode altogether, use the end command; if you want to go back one level to global configuration mode, use the exit command. You will need to get out of configuration mode altogether to either save the config or review the changes you made. To review the changes, use the command show run interface fastethernet2/27; the abbreviated sh run int fa2/27 will work as well. If all is correct, save the config using the copy running-config startup-config command; copy run start will work as well.
This procedure on the native IOS switches will not give you a record of the previous vlan assignment on the port like the set vlan command on the set based Catalyst switches does. If you want to maintain a record of the previous vlan assignment you need to use the show startup-config | begin fastethernet2/27 or sh start | beg 2/27 command. The switches that the show running-config interface command options work on (WS-4506 in this case) do not support the interface option under the show startup-config command, so it is necessary to filter or pipe the output of the show startup-config command to the begin option. The command output will "begin" at the first match against "2/27". See the CLI: since the output only shows the interface without any "sub" commands, we know the interface had default settings before we made the changes to vlan 545. The output of show running-config or show startup-config does not display default settings by default. Keep in mind that all this is an exercise in CYA and is not really necessary for any technical reason other than saving yourself from scrutiny by your peers or your boss. You will need to back out of an incorrect vlan change as quickly as possible, so an activity log is always a good thing for post mortem reviews and recovery.
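As an added example (not part of the original page), the Python script below ties the lookup and the activity log together: it finds a MAC address in captured show mac address-table output, whichever notation the address is written in, and builds both the change commands and the back-out commands so the previous vlan is on record. The table text is constructed sample data, the function names are hypothetical, and it assumes the matching port is an access port rather than an uplink.

```python
import re

# Constructed sample of native IOS "show mac address-table" output (not from the page).
SAMPLE_MAC_TABLE = """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    0011.2233.4455    DYNAMIC     Fa2/27
 545    00aa.bbcc.ddee    DYNAMIC     Fa2/3
"""

def normalize_mac(mac):
    """Reduce 00-11-22-33-44-55, 00:11:22:33:44:55 or 0011.2233.4455 to 12 hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def find_port(table_text, mac):
    """Return (vlan, port) for the entry matching mac, or None if it has aged out."""
    want = normalize_mac(mac)
    for line in table_text.splitlines():
        fields = line.split()
        # Data rows start with a numeric vlan; headers and rulers do not.
        if len(fields) >= 4 and fields[0].isdigit():
            if re.sub(r"[^0-9a-fA-F]", "", fields[1]).lower() == want:
                return int(fields[0]), fields[-1]
    return None

def change_record(table_text, mac, new_vlan, description):
    """Build the change and back-out command lists for the port where mac was learned."""
    hit = find_port(table_text, mac)
    if hit is None:
        raise LookupError("MAC not in table; the entry may have aged out (default 5 minutes)")
    old_vlan, port = hit
    apply = ["configure terminal", f"interface {port}",
             f"switchport access vlan {new_vlan}",
             f"description {description}", "end"]
    backout = ["configure terminal", f"interface {port}",
               f"switchport access vlan {old_vlan}", "end"]
    return {"port": port, "old_vlan": old_vlan, "apply": apply, "backout": backout}

if __name__ == "__main__":
    record = change_record(SAMPLE_MAC_TABLE, "00-11-22-33-44-55", 545, "Some_server")
    for section in ("apply", "backout"):
        print(f"--- {section} ---")
        print("\n".join(record[section]))
```

Keep the printed back-out list in the activity log alongside the change itself, since the running config no longer shows the old vlan once the change is applied.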
A personal beef with switches running native IOS
We can all appreciate Cisco's answer to a long standing universal complaint about the vast differences in router and switch configuration command conventions of the past. I think that in their decision to go with the Native IOS router command conventions on switches, they forgot to offer a means of making wholesale switchport changes on native IOS switches like there is on the set based Catalyst switches. It was a time saver to be able to make changes for an entire range of Catalyst switchports using a hyphenated range of port numbers. A good example would be the set vlan 545 2/1-48 command, where all 48 ports can be changed with one command. Maybe they will address the issue in the future. For now, though, this seems to be an issue that tends to affect initial switch configuration rather than ongoing maintenance, where one-off changes are the norm.