show vlan – VLAN Configuration & Troubleshooting Guide

Purpose of `show vlan` Command

Definition: show vlan is a Cisco IOS switch command used to display all configured VLANs, their status, names, and port assignments.
Usage:

See all VLANs (including default, user-defined, and management VLANs)
Troubleshoot connectivity and validate switch configuration
Audit port assignments and VLAN statuses

Understanding Command Output Fields

Sample Output:

Switch# show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1, Gi0/2, Gi0/3
10   SALES                            active    Gi0/4, Gi0/5
20   ENGINEERING                      active    Gi0/6, Gi0/7
100  MANAGEMENT                       active
999  PARKING                          suspended

Field	Description
VLAN	Numeric VLAN ID (e.g., 1, 10, 100)
Name	Human-readable name (up to 32 characters)
Status	“active”, “suspended”, or “inactive”
Ports	Physical access ports assigned to this VLAN

Types of VLANs Displayed

Default VLAN (1): All switch ports are members by default.
User-defined VLANs: Created by admins for network segmentation.
Management VLANs: For switch management (usually VLAN 1 or a dedicated VLAN).

Note: Trunk ports are NOT listed under VLANs in show vlan. Use show interfaces trunk to verify trunk membership.

Interpreting VLAN Status

Status	Description
active	VLAN is operational and forwarding traffic
suspended	VLAN is administratively suspended (VTP issues or admin action)
inactive	VLAN not currently in use (rare)

Exam Tip: If a VLAN is “suspended”, all devices in that VLAN will lose connectivity until it is resolved.

VLAN Membership and Port Assignment

Static assignment: Ports are manually added to VLANs.
Dynamic assignment: Achievable with VMPS (rarely used now).
Access ports: Untagged; shown in show vlan.
Trunk ports: Not shown under specific VLANs. Use show interfaces trunk for details.

Related Commands and Output Filtering

show vlan brief: Condensed, quick view of all VLANs and port assignments.
show vlan id [VLAN_ID]: Details for a specific VLAN.
show vlan | include 10: Filter output to lines with "10" (e.g., for VLAN 10).
show interfaces switchport: VLAN assignment for every port.
show interfaces trunk: Trunk ports and allowed VLANs.
show spanning-tree vlan [id]: STP status for a specific VLAN.

VLAN Consistency and Multi-Switch Networks

All switches must have matching VLANs (ID and name) for end-to-end communication.
Use show vlan on every switch to check VLAN presence and assignment.
Use show interfaces trunk to verify trunks between switches allow the required VLANs.

Tip: VLAN mismatches across switches will result in lost connectivity for affected devices!

Common Troubleshooting Scenarios

Missing VLAN: Not listed in show vlan → Create the VLAN.
Incorrect Port Assignment: Port not in correct VLAN → Use switchport access vlan [VLAN_ID].
Trunking Issues: Ports not assigned to any VLAN → Check trunk config (show interfaces trunk).
Suspended VLAN: Not passing traffic → Check VTP and admin status.

Best Practices in VLAN Management

Use clear, descriptive VLAN names (e.g., “SALES”, “MGMT”).
Audit VLANs and port assignments regularly.
Maintain consistent VLAN configuration across all switches, especially with VTP.
Document VLAN usage for all users/devices for easy troubleshooting.

Example: Adding a VLAN and Assigning a Port

Scenario: John joins the SALES department. Create VLAN 30 for SALES and assign John’s port (Gi0/10) to VLAN 30.

Create VLAN 30:

Switch# configure terminal
Switch(config)# vlan 30
Switch(config-vlan)# name SALES
Switch(config-vlan)# exit
Switch(config)# exit

Assign port Gi0/10 to VLAN 30:

Switch# configure terminal
Switch(config)# interface GigabitEthernet0/10
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 30
Switch(config-if)# description John's PC
Switch(config-if)# exit
Switch(config)# exit

Verify with show vlan brief:

Switch# show vlan brief

VLAN Name         Status    Ports
---- ------------ --------- ----------------------
1    default      active    Gi0/1, Gi0/2, Gi0/3
30   SALES        active    Gi0/10

Check port VLAN details:

Switch# show interfaces GigabitEthernet0/10 switchport

Name: John's PC
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Access Mode VLAN: 30 (SALES)

Audit all VLAN assignments (summary):
```
Switch# show interfaces switchport
```
Verify on all switches: Repeat on every switch to ensure VLAN 30 exists everywhere John’s traffic might go.

Example: Troubleshooting VLAN Issues

VLAN missing? Create it (vlan [ID] in global config).
VLAN “suspended”? Resolve VTP conflicts and enable VLAN admin status.
Port not assigned? Use switchport access vlan [ID].
Traffic not passing? Check show interfaces trunk to verify VLAN allowed on trunks.

Summary Table: Key VLAN Command Differences

Command	Purpose
show vlan	Shows VLAN IDs, names, status, access port assignments
show vlan brief	Condensed VLAN/port overview
show interfaces switchport	Detailed VLAN info for each interface
show interfaces trunk	Trunk ports and allowed/active VLANs
show running-config	See full configuration, including VLANs and port assignments

Exam & Practical Tips

Know what info show vlan provides – trunks NOT included in port list.
Use show vlan brief for fast mapping; show interfaces switchport for deep detail.
Troubleshoot “suspended”/missing VLANs by checking VTP/admin status.
Always verify after making changes, not just before!
Consistency across switches is critical in multi-switch networks.
Document all VLAN assignments for future audit/troubleshooting.

Show VLAN Command Quiz

1. What information does the `show vlan` command display?

A. Detailed routing table B. List of active DHCP leases C. VLAN IDs, names, statuses, and port memberships D. Trunk port configurations

Correct answer is C. The show vlan command displays VLAN IDs, names, statuses, and the ports assigned to each VLAN.

2. What does the VLAN status "suspended" indicate?

A. VLAN is administratively suspended, possibly due to VTP inconsistencies B. VLAN is fully operational and forwarding traffic C. VLAN is deleted D. VLAN is suspended temporarily for maintenance

Correct answer is A. Suspended VLANs are administratively suspended and typically do not forward traffic.

3. Which VLAN is the default VLAN on Cisco switches?

A. VLAN 100 B. VLAN 10 C. VLAN 999 D. VLAN 1

Correct answer is D. VLAN 1 is the default VLAN where all ports are initially assigned.

4. What does the "Ports" column show in the `show vlan` output?

A. All trunk ports configured on the switch B. Access ports assigned to the VLAN C. Wireless access points connected D. All devices connected to the VLAN

Correct answer is B. The Ports column lists access ports assigned to each VLAN. Trunk ports are not shown here.

5. Which command shows VLANs and the trunk ports that carry them?

A. show vlan brief B. show interfaces switchport C. show interfaces trunk D. show vlan trunk

Correct answer is C. The show interfaces trunk command lists trunk ports and VLANs allowed on them.

6. What should you do if the `show vlan` output does not list an expected VLAN?

A. Create the VLAN manually using vlan [ID] command B. Reboot the switch C. Reset all port assignments D. Disable the VLAN database

Correct answer is A. Missing VLANs must be created manually using the VLAN configuration commands.

7. What is a common cause for a VLAN to show as "suspended"?

A. Port is disabled B. VLAN is newly created C. VLAN has no assigned ports D. VTP configuration inconsistencies across switches

Correct answer is D. VLANs are often suspended due to VTP mismatches or inconsistencies.

8. Which VLAN type is typically used for switch management traffic?

A. User-defined VLAN B. Management VLAN C. Suspended VLAN D. Native VLAN

Correct answer is B. The management VLAN handles switch management traffic, often VLAN 1 or a dedicated VLAN.

9. How can you verify which VLAN a specific port belongs to?

A. show vlan summary B. show interfaces trunk C. show interfaces switchport D. show ip interface brief

Correct answer is C. The show interfaces switchport command shows VLAN membership for a port.

10. What is a best practice when managing VLANs in a multi-switch network?

A. Maintain consistent VLAN IDs and names across all switches B. Use different VLAN IDs on each switch C. Disable VLAN trunking D. Only configure VLANs on the root switch

Correct answer is A. Consistency in VLAN IDs and names across switches avoids connectivity issues.

← Back to Home