[c-nsp] purposefully mismatching native vlans

Mark Brochu mbrochu at hartford.edu
Wed Dec 21 12:17:25 EST 2005


Greetings and happy holidays all :)

I'm working on migrating a large network (~5000 nodes) from flat class B 
to subnetted.  The decision was made to initially break the network up 
into 4 /18 subnets, one of them being our residential network.

With intervlan routing, we were prepared to deal with changing the 
native vlan membership of all our access ports from vlan 1 to the vlan 
id of the main subnet where the port is located.

Since this involves a large number of ports, we were going to use 
perl/expect to script it across our resnet switches ( approx 250 cat 
2950s ).

Architecturally I dislike this approach.  I looked into ways to translate 
vlan 1 to the required vlan (1841) on our 6500 sup2.  Vlan translation 
looked interesting, but there are several caveats which limit its 
usefulness.  I haven't had much luck searching for inline vlan 
translation devices either.  One thing that seems to be working is 
simply switching the native vlan on our core router to translate the 
untagged traffic to the correct vlan.

The two main errors that happen are

1. Spanning Tree disables the vlan due to native vlan bpdu mismatch (as 
it should)

2. Lots of CDP spam involving native vlan mismatch when testing between 
two Cisco switches.

I feel that disabling spanning tree on that vlan is justifiable.  I can 
also prevent the log spam by disabling cdp v2 on the other ends.  I'm 
wondering if there are any other possible caveats I may run into. 
Looking forward to your input!

Mark Brochu
Network Analyst
University of Hartford
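
The two errors named in the post (CDP native VLAN mismatch and the spanning-tree PVID inconsistency), triaged from syslog so that a planned 1/1841 mismatch can be told apart from an unplanned one. This is an added example, not part of the original post; the hostnames, the sample lines and the `classify` helper are constructed, and the message layout is assumed to follow the usual IOS `%CDP-4-NATIVE_VLAN_MISMATCH` and `%SPANTREE-2-RECV_PVID_ERR` text.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the original post); hostnames are hypothetical.
SAMPLE_LOG = """\
Dec 21 12:01:10 res-sw-017 %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/1 (1), with core-6500 GigabitEthernet3/4 (1841).
Dec 21 12:01:12 core-6500 %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on GigabitEthernet3/4 VLAN1841.
Dec 21 12:02:10 res-sw-017 %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/1 (1), with core-6500 GigabitEthernet3/4 (1841).
Dec 21 12:03:44 res-sw-101 %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/24 (1), with res-sw-102 FastEthernet0/24 (10).
"""

# Assumed message layouts, modelled on the standard IOS log text.
CDP_RE = re.compile(
    r"(?P<host>\S+) %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on "
    r"(?P<port>\S+) \((?P<local>\d+)\), with \S+ \S+ \((?P<remote>\d+)\)")
PVID_RE = re.compile(
    r"(?P<host>\S+) %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent "
    r"peer vlan id (?P<remote>\d+) on (?P<port>\S+) VLAN(?P<local>\d+)")


def classify(log_text, intended):
    """Count mismatch events per (host, port, vlan_a, vlan_b).

    `intended` is a set of frozenset({vlan_a, vlan_b}) pairs that are mismatched
    on purpose; every other pair is reported as unexpected.
    """
    report = {"intended": defaultdict(int), "unexpected": defaultdict(int)}
    for line in log_text.splitlines():
        m = CDP_RE.search(line) or PVID_RE.search(line)
        if not m:
            continue  # unrelated log line
        pair = tuple(sorted((int(m["local"]), int(m["remote"]))))
        bucket = "intended" if frozenset(pair) in intended else "unexpected"
        report[bucket][(m["host"], m["port"]) + pair] += 1
    return report


if __name__ == "__main__":
    result = classify(SAMPLE_LOG, {frozenset({1, 1841})})
    for bucket, links in result.items():
        for (host, port, a, b), count in sorted(links.items()):
            print(f"{bucket:10} {host:12} {port:20} vlan {a}<->{b}  x{count}")
```
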



