show vlan
Displays the current VLAN configuration on the switch, including VLAN IDs, names, status, and ports assigned to each VLAN, used to verify VLAN creation and port assignments.
show vlanWhen to Use This Command
- Verify that VLANs have been created and are active after initial configuration.
- Check which ports are assigned to which VLAN when troubleshooting connectivity issues.
- Review the default VLANs (1, 1002-1005) and ensure no unauthorized VLANs exist.
- Confirm VLAN port membership before implementing VLAN-based security policies.
Command Examples
Basic show vlan output
show vlanVLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
10 Sales active Fa0/9, Fa0/10, Fa0/11, Fa0/12
20 Engineering active Fa0/13, Fa0/14, Fa0/15, Fa0/16
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsupVLAN: VLAN ID number. Name: VLAN name (default names for default VLANs). Status: 'active' means VLAN is operational; 'act/unsup' means VLAN exists but is not supported on this platform. Ports: Interfaces assigned to the VLAN (trunk ports not shown).
Show VLAN summary
show vlan summaryNumber of existing VLANs : 4 Number of existing VTP VLANs : 4 Number of existing extended VLANs : 0
Shows count of VLANs. 'Number of existing VLANs' includes all VLANs. 'VTP VLANs' are those learned via VTP. 'Extended VLANs' are VLANs 1006-4094.
Understanding the Output
The 'show vlan' command output lists all VLANs configured on the switch. The 'VLAN' column shows the VLAN ID (1-4094). The 'Name' column displays the VLAN name; default VLANs have names like 'default', 'fddi-default', etc. The 'Status' column indicates whether the VLAN is active ('active') or not supported ('act/unsup'). The 'Ports' column lists access ports assigned to that VLAN; trunk ports are not listed. If a VLAN is not active, ports assigned to it will not function. In a production network, you should see only the VLANs you created plus the default VLAN 1. The presence of unexpected VLANs may indicate misconfiguration or security issues. The 'act/unsup' status for VLANs 1002-1005 is normal on Ethernet switches.
CCNA Exam Tips
CCNA exam tip: The default VLAN 1 cannot be deleted, but you can rename it.
CCNA exam tip: VLANs 1002-1005 are reserved for Token Ring and FDDI; they appear with 'act/unsup' status on Ethernet switches.
CCNA exam tip: 'show vlan' only shows access ports; to see trunk ports, use 'show interfaces trunk'.
CCNA exam tip: If a VLAN is missing from the output, it may not have been created or may be in the shutdown state.
Common Mistakes
Mistake: Assuming 'show vlan' shows all ports including trunks. Trunk ports are not displayed; use 'show interfaces trunk' instead.
Mistake: Forgetting that VLAN 1 is always present and cannot be deleted; attempting to delete it will fail.
Mistake: Misinterpreting 'act/unsup' as an error; it is normal for reserved VLANs on Ethernet switches.
Related Commands
show interfaces trunk
Displays trunk interface status, allowed VLANs, and pruning information for all trunk ports on a Cisco switch, used to verify trunking configuration and VLAN membership.
show vlan brief
Displays a summary of all VLANs configured on the switch, including VLAN ID, name, status, and ports, used to quickly verify VLAN configuration and port assignments.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions