Cisco Native VLAN mismatch


After installing a test Meraki MS220-8 switch in my lab environment at home, I noticed when I remoted into the core switch for my lab, a Cisco SG300-20, that it was displaying messages about a native VLAN mismatch. I wanted to take a moment to describe why this message is important. The Cisco native VLAN mismatch message means that a device plugged into your Cisco switch has a different native VLAN than your switch.

The following was seen on the Cisco switch by issuing a show log command:

[Image: Cisco Native VLAN mismatch]

The native VLAN mismatch is problematic because the downstream switch treats untagged traffic as belonging to its own native VLAN and passes it untagged to the upstream switch, whose native VLAN is a differently numbered VLAN. That traffic effectively crosses from one VLAN to another just by moving from one switch to the other over the trunk ports. This can create confusion and problems with traffic flow, as untagged traffic is assigned to a different VLAN on each side of the link.
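The behavior described above can be modeled and audited in a few lines. This is an added example, not code from the original post: the TrunkPort class, the audit_trunk function and the VLAN numbers (1, 10, 20) are assumptions, and the model assumes standard 802.1Q trunking in which each side sends its native VLAN untagged.

```python
from dataclasses import dataclass

DROP = "drop"  # frame is not forwarded because the VLAN is not allowed on the trunk


@dataclass(frozen=True)
class TrunkPort:
    name: str
    native_vlan: int
    allowed_vlans: frozenset

    def egress(self, vlan):
        """802.1Q tag placed on the wire: None means untagged, DROP means not sent."""
        if vlan not in self.allowed_vlans:
            return DROP
        return None if vlan == self.native_vlan else vlan

    def ingress(self, tag):
        """VLAN the receiving port places the frame in (untagged -> its own native VLAN)."""
        vlan = self.native_vlan if tag is None else tag
        return vlan if vlan in self.allowed_vlans else DROP


def cross_trunk(sender, receiver, vlan):
    """Follow one frame from `vlan` on the sender to the VLAN it lands in on the receiver."""
    tag = sender.egress(vlan)
    return DROP if tag == DROP else receiver.ingress(tag)


def audit_trunk(a, b):
    """Return (direction, source VLAN, landing VLAN) for traffic that changes VLAN."""
    leaks = []
    for src, dst in ((a, b), (b, a)):
        for vlan in sorted(src.allowed_vlans):
            landed = cross_trunk(src, dst, vlan)
            if landed not in (DROP, vlan):
                leaks.append((f"{src.name}->{dst.name}", vlan, landed))
    return leaks


# Constructed sample values: the post does not state the actual VLAN numbers.
VLANS = frozenset({1, 10, 20})
downstream = TrunkPort("downstream", native_vlan=1, allowed_vlans=VLANS)
upstream = TrunkPort("upstream", native_vlan=10, allowed_vlans=VLANS)
matched = TrunkPort("downstream", native_vlan=10, allowed_vlans=VLANS)

if __name__ == "__main__":
    for direction, src_vlan, dst_vlan in audit_trunk(downstream, upstream):
        print(f"{direction}: VLAN {src_vlan} lands in VLAN {dst_vlan}")
    print("after matching native VLANs:", audit_trunk(matched, upstream))
```

Only the two native VLANs leak into each other; tagged VLANs such as 20 cross the trunk unchanged, which is part of why the problem can go unnoticed.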

In my case it wasn’t a big deal as I simply plugged my roughly unconfigured Meraki into my Cisco switch and didn’t have any devices plugged into the Meraki. Changing the native VLAN on the Meraki is easy enough. Simply log in to your cloud console and edit your switch port(s).

[Image: Meraki switch port settings, Native VLAN field]

As you can see above, you simply edit the “Native VLAN” field to match your upstream Cisco switch that is complaining about the VLAN mismatch. After editing and saving the configuration on the Meraki switch, I no longer received the VLAN mismatch error on the Cisco switch.

Final Thoughts

Of course, in a lab environment a native VLAN mismatch can be annoying but is not the end of the world. However, in a production environment, a native VLAN mismatch can be extremely difficult to track down and can potentially cause major outages if untagged traffic isn’t passed as expected.