VLAN allocation

By | March 30, 2015

Speaking of L2 design, there are several aspects to VLAN allocation on switches: standard and extended VLAN ID ranges, reserved IDs, internal usage, protocol limitations and design best practices.

Standard and Extended VLAN ranges

This appears to be a Cisco-specific distinction, rooted in pre-standard VLAN (trunking) implementation. Here, the VLAN ID range [1;1005] is called Standard. What created this range of “standard” VLANs is the intersection between capabilities of VTP (versions 1&2) and ISL. Cisco supports extended VLAN IDs (to the full extent of 802.1Q) in the range [1006;4094] starting with IOS 12.4(15)T.

The full VLAN range includes a few special cases:

  • VLAN 0
    • Reserved per section 9.6 of IEEE Std 802.1Q-2005:

      The null VLAN ID. Indicates that the tag header contains only priority information; no VLAN identifier is present in the frame. This VID value shall not be configured as a PVID or a member of a VID Set, or configured in any Filtering Database entry, or used in any Management operation.

  • VLAN 1
    • It is used for CDP, VTP, PAgP, MST communication and is always present on trunk links, even if pruned;
    • It is the default VLAN for access ports and the default native for trunks;
    • It appears to be impossible to remove VLAN 1 from the switch (although I haven’t tested it myself);
    • It is possible to prune (disable) it manually on a trunk, but VTP (at least versions 1&2) won’t do it. Even if pruned manually, it will remain present because of the protocols listed above;
    • It is highly recommended not to use VLAN 1 for actual traffic.
  • VLANs 1002-1005
    • These are used for (now seldom present on switches) IBM Token Ring and FDDI networks;
    • Being a default configuration for backward compatibility with legacy systems, these VLANs cannot be deleted from the switch;
    • Yet again, although an administrator can prune them from trunks, VTP 1&2 won’t do it.
  • VLANs 1006-4094
    • This is the extended range in Cisco’s implementation;
    • This range is used for “Internal VLAN” allocation (see further);
    • It can be used when VTP 1&2 is in Transparent mode on a switch, or if we use VTP 3.
  • VLAN 4095
    • Reserved per section 9.6 of IEEE Std 802.1Q-2005:

      Reserved for implementation use. This VID value shall not be configured as a PVID or a member of a VID Set, or transmitted in a tag header. This VID value may be used to indicate a wildcard match for the VID in management operations or Filtering Database entries.

Internal usage of VLAN IDs

Internal VLAN IDs are automatically reserved in the extended range (and as such removed from the configurable pool) for switch ports configured with the no switchport command, i.e. for ports “removed” from switching to serve as [pure] L3 ports. Allocation of internal usage IDs is platform-specific and can be:

  • ascending from 1006 and up – in that case, administratively configured VLANs should be as close to 4094 as possible;
  • descending from 4094 and down – in that case, administratively configured VLANs should be as close to 1006 as possible.

The allocation itself happens in first-come, first-served order.
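To tie the special cases and the internal allocation together, here is a small plan checker, added as an illustration and not taken from Cisco or from the original post. The function names and finding texts are hypothetical, and it assumes one internal VLAN per routed port, taken contiguously from the end of the range the platform allocates from.

```python
RESERVED = {0: "null VID, priority information only",
            4095: "reserved for implementation use"}
LEGACY = range(1002, 1006)      # Token Ring / FDDI defaults
EXTENDED = range(1006, 4095)    # Cisco extended range, 1006-4094

def internal_vlans(policy, routed_ports):
    """IDs assumed taken by 'no switchport' ports (simplified: contiguous)."""
    if policy == "ascending":
        return set(range(1006, 1006 + routed_ports))
    if policy == "descending":
        return set(range(4094, 4094 - routed_ports, -1))
    raise ValueError(f"unknown internal allocation policy: {policy!r}")

def audit_vlan_plan(vlans, vtp_version=2, vtp_mode="server",
                    policy="ascending", routed_ports=0):
    """Return sorted (vlan_id, finding) tuples for a planned list of VLAN IDs."""
    extended_ok = vtp_version == 3 or vtp_mode == "transparent"
    internal = internal_vlans(policy, routed_ports)
    findings = []
    for vid in sorted(set(vlans)):
        if not 0 <= vid <= 4095:
            findings.append((vid, "outside the 12-bit VID space"))
        elif vid in RESERVED:
            findings.append((vid, "reserved by 802.1Q: " + RESERVED[vid]))
        elif vid == 1:
            findings.append((vid, "default/native VLAN, keep actual traffic off it"))
        elif vid in LEGACY:
            findings.append((vid, "reserved Token Ring/FDDI default"))
        elif vid in EXTENDED:
            if not extended_ok:
                findings.append((vid, "extended range needs VTP transparent mode or VTP 3"))
            if vid in internal:
                findings.append((vid, "collides with internal VLAN allocation"))
    return findings

if __name__ == "__main__":
    plan = [1, 10, 20, 1003, 1006, 3000, 4095]  # constructed sample plan
    for vid, finding in audit_vlan_plan(plan, routed_ports=2):
        print(f"VLAN {vid}: {finding}")
```

On a real switch the internal IDs in use should be read from the device rather than computed, since the allocation depends on the order in which the routed ports were configured.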

Other VLAN allocation considerations

The authors of the Cisco design document “HA Campus Recovery” add another perspective on VLAN allocation: there is a delay of about 100 msec in routing protocol convergence between VLANs:

Cisco IOS throttles the notifications for VLAN loss to the routing process (EIGRP/OSPF) at a rate of one every 100 msec. As an example, if you configure six VLANs per access switch, upon failure of an uplink fiber, traffic on the sixth VLAN converges 500 msec after the first.

Furthermore, to ensure optimal network convergence for Voice traffic, Cisco recommends that VLAN number assignments be mapped such that the most loss-sensitive applications such as voice [and video] are assigned the lowest VLAN numbers on each physical interface.

Denis Borchev

Engineer at Netcube LLC
I am a networking engineer, a geek and a generally nice person=)
Computer Networking Engineer with some experience; MSc Applied CS, CCIE #53271