Cisco IOS: What is VLAN 1002 – 1005 used for?

Once upon a time, Ethernet was but one of many LAN protocols. Fiber Distributed Data Interface (FDDI) and Token Ring were also common and had many superior capabilities, but because Ethernet was easy and cheap (both for network equipment and cabling) it was the most common way to connect desktops to a network. Token Ring was popular for desktops but was also much more expensive.

Therefore it was a common requirement to connect FDDI or Token Ring LANs to Ethernet LANs using bridging.

The Catalyst OS of the day reserved Ethernet VLAN IDs 1002-1005 in software so that there would be default VLANs for the FDDI and Token Ring interfaces to belong to. Those VLANs could then be bridged into the appropriate Ethernet VLANs (because routing was too expensive and very slow to be used).

| VLAN ID | Function |
|---|---|
| VLAN 1002 | Default FDDI VLAN |
| VLAN 1004 | Default FDDI NET VLAN |
| VLAN 1005 (trbrf-default) with bridge number 0F | Default Token Ring TrBRF VLAN |
| VLAN 1003 (trcrf-default) | Default Token Ring TrCRF VLAN |

Later, the code that managed this process was left in the IOS SX software because it was tightly bound to other VLAN code and couldn’t be removed. Today, I think these VLANs are still reserved because the legacy code is still in place, and because it might cause software defects if it was removed. It’s not causing a problem, so why change anything? [1]

In the latest Cisco Nexus switches, the new software platform does not contain any of the legacy code (or any need to work with FDDI or Token Ring) and so does not have this restriction.
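A VLAN plan written for a platform without this reservation can still define IDs in 1002-1005, so it is worth checking before the plan is applied to an IOS switch. The following is an added example, not code from the original post or from Cisco: it expands IOS-style `vlan` definition lines and reports any that land on the reserved defaults from the table above. The sample plan and the function names are constructed for illustration.

```python
import re

# Reserved default VLANs, taken from the table in this post.
RESERVED = {
    1002: "Default FDDI VLAN",
    1003: "Default Token Ring TrCRF VLAN",
    1004: "Default FDDI NET VLAN",
    1005: "Default Token Ring TrBRF VLAN",
}

# Matches VLAN definition lines ("vlan 100-110"), not "interface Vlan100".
VLAN_DEF = re.compile(r"^\s*vlan\s+([\d,\s-]+)$", re.IGNORECASE)


def expand(spec):
    """Expand an IOS-style list such as '10,20,1000-1010' into a set of IDs."""
    ids = set()
    for part in spec.split(","):
        part = part.strip()
        if not part:
            continue
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if lo > hi:
            raise ValueError(f"bad VLAN range: {part}")
        ids.update(range(lo, hi + 1))
    return ids


def reserved_conflicts(config_text):
    """Return (line_no, vlan_id, function) for each definition hitting 1002-1005."""
    hits = []
    for line_no, line in enumerate(config_text.splitlines(), 1):
        match = VLAN_DEF.match(line)
        if not match:
            continue
        for vid in sorted(RESERVED.keys() & expand(match.group(1))):
            hits.append((line_no, vid, RESERVED[vid]))
    return hits


# Constructed sample plan: a range that silently crosses into the reserved IDs.
SAMPLE_PLAN = """\
vlan 10,20
 name users
vlan 1000-1003
vlan 1005
interface Vlan1004
vlan 2000
"""

if __name__ == "__main__":
    for line_no, vid, function in reserved_conflicts(SAMPLE_PLAN):
        print(f"line {line_no}: VLAN {vid} is reserved ({function})")
```
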


  1. Cisco’s reluctance to move their code base forward is annoying and reassuring at the same time. On one hand, they should be able to refactor their code easily and progressively without causing problems. On the other hand, I don’t want to see the code unstable and unreliable. This whole issue highlights Cisco’s IOS SX software development and architecture as reasonably poor.

About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, working as a freelance consultant for a wide range of employers including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus

You can contact Greg via the site contact page.

  • Craig

    In your footnote you base criticism on the IOS SX software on something you “think”. It’s left in for backward compatibility because there are networks in places that can’t afford to upgrade networks that are working fine simply to stay current. It shows a commitment to customers using legacy products by not forcing the upgrade.

    Honestly, your blatant Cisco bashing leaves a bad taste and makes you look quite silly. Human Infrastructure, indeed..

    • http://etherealmind.com Greg Ferro

      Sigh, “Cisco Bashing” – last week it was HP bashing, and the week before IEEE bashing, and the week before that “CheckPoint bashing”.

      It’s simple criticism and, taken in the context of other topics, reasonable. IOS SX has plenty of problems as well as many great features. Overall, it’s my opinion that it should have been retired five years ago and a new OS platform developed. Instead, as IOS SX got more complex there were more instabilities than was reasonable.

      But you have your own opinion. You are welcome to it.

      • Simon Dwyer

        CheckPoint bashing is ok though Greg :)

      • Jim

        To be honest, Greg, I’m starting to get bored with the ‘everything bashing’ both on packet pushers and on the blog. You do some great podcasts and blog entries, but you guys seriously need to cheer up a bit.

        I would recommend the SPB session a few weeks back and also the recent Arista episode as the model you should be using going forward – instructional, respectful and time well spent for everyone. On the other hand, this week’s session with a bunch of clearly bored network engineers sitting around the phone bashing every product vendor under the sun is surely just a waste of everybody’s time.

        It does, however, go without saying that it is your podcast and you are completely free to do and say anything you like, but I really think your growing audience of listeners and hopefully sponsors would prefer to listen to more SPB / Arista type shows than the jibber jabber we all spent an hour listening to this week.

        Anyway, I have a suggestion for you.

        My suggestion is for you to go off and join Cisco/Juniper/HP or whoever and spend a few years showing them just how easy it actually is to deliver perfect hardware and software whilst keeping the multitudes of customers in every imaginable industry happy, maintaining backward compatibility, fixing bugs all whilst innovating like crazy (on vendor silicon, of course).

        Most importantly you must do all this without upsetting people who don’t like to wait for new features until the standards are done (you might hear that your company doesn’t innovate anymore). You must also avoid upsetting the folks who like to slaughter any vendor with the audacity to get ahead of the curve and actually try giving early adopters a feature before the standard has finalised (in this case you might hear that your company doesn’t follow a standard that is yet to be finalised). You may learn these (sometimes same) people appear to have contradictory requirements – which is odd.

        As I’m sure you can see from my network address, I work over at Cisco, so why don’t you take the challenge, join up with one of the vendors and show us all how it should be done.

        Needless to say, these views are purely my own and I can’t actually offer you a job, however, I’m sure if you send in your CV someone will call you back to snap you up.

        Best Regards and keep up the good work.

        J

        • http://etherealmind.com Greg Ferro

          I’ve given the “always negative” aspect quite a bit of thought and it’s a constant theme.

          First – I think that there is more to criticise in networking at this time than there is good. Cisco has seriously failed to deliver innovation to existing network customers. Executive focus was on “market transitions” for handheld video, set top boxes, media and videoconferencing and more. You could make the argument that Cisco picked the transition, but I would also point out to you that execution has fumbled. The only highlight has been UCS in server space which is entirely complementary to networking and builds on core competencies. Things are changing though, and HP & Juniper are making strides forward and startups like Arista are highlighting Cisco’s shortcomings.

          Second – I have considered working for vendors but it’s my view that the personality and attitude required doesn’t suit me. I’m too change focussed, and impact driven to be part of the monoliths of networking. While I would love the opportunity to be someone like Ron Fuller, Andy Sholomon, or Beaker, or Aneel, Michael Bushong, who have freedom, flexibility and resources to create change, it takes a long time of successive achievement inside a big company to get there. I’m broadly happier working with customers, and making a difference at that level. I can impact operations, and management decisions as well as technology in these roles.

          Finally, the big vendors have huge marketing departments, and budgets to match, that attempt to make the story the way they like it to be. I’d like to set that into better balance by highlighting the realities. For example, if you listen to the news you might think that crime is worse than it has ever been, and yet, the statistics clearly show that there has never been less crime.

          I would challenge you to look through the hype and see what really needs changing in the network industry. We’ve done good, but we need to do it better. The next wave of networking is here and it’s all about faster change, rapid deployment, and better technology. I don’t see enough people handling that, or comprehending it.

          And really finally, I only write about what matters to me. Writing about the lovely colour scheme on Nexus 7000 isn’t interesting.

          So I’d encourage you to start a blog, write something every day about how wonderful networking is. I’ll link to you and get you some coverage. Let’s see how that works out.

          Thanks for the regards – I’ll keep working on it though, I’ve got some improving to do.

          greg

        • http://etherealmind.com Greg Ferro

          Oh, one more thing. I’d be more positive about Cisco if they could deliver on their promises. Despite committing to provide people for Packet Pushers, we haven’t had much success in terms of delivery. Lots of promises but not much follow through. I know they are busy and it’s not part of Cisco’s core marketing operation but still, more than a little frustrating when you try to put some balance by covering Cisco products and they can’t be bothered to follow through.

          greg

    • Bert Vermeulen

      “Reasonably poor” is just about the kindest, most diplomatic way to describe Cisco IOS. For those of us who are network geeks but also well versed in software design and OS architecture, it’s no secret that IOS is an embarrassing pile of ****. It never progressed beyond the level of DOS where memory management, modularity etc etc are concerned.

      • http://etherealmind.com Greg Ferro

        Well, yes there is that. I wasn’t going to be a “Cisco Hater” though and say those things. :)

  • Julio

    Is “IOS SX” some new IOS variant I’m not aware of? I suspect you’re referring to 12.2SX on the 6500, but I must admit, I’ve never heard it called that.

    • http://etherealmind.com Greg Ferro

      IOS SX is the standard term to describe IOS 12.2SX – which is a different version of IOS. So normal IOS is sometimes known as “Classic IOS”, IOS XR is another.

  • http://libertysys.com.au/ Paul

    Dear Greg,

    I support your right to bash whatever you please, even including things I like. Don’t hold back! ;-)

    Just out of curiosity, do you know of any reserved VLANs on any other vendor equipment? I want to put them into my VLAN plan.

    Thanks,
    Paul
