I always thought the Interface VLAN number had to match the VLAN number that the interface was to belong to. However, recently I saw that it isn't in one instance. Can anyone confirm a) if interface VLAN num should = VLAN num, or b) they are mapped to each other in another way? They've always worked properly when I gave them the same number.
Confusing Example:
PC<—>[L2 Switch]<—->[L2/L3 Switch] —> Cloud
PC is connected to VLAN10 access port on L2 switch. PC IP is 192.168.200.5/24. PC gateway is 192.168.200.1.
L2 switch is connected to L2/L3 switch over trunk containing VLAN 10.
L2/L3 switch has Interface VLAN 20 with the IP 192.168.200.1.
The PC can communicate with the gateway and the rest of the network.
So, Interface VLAN 20 can be a part of VLAN 10?!?!?! I thought the numbers had to match and the SVI<->VLAN = 1:1.
Best Answer
Yes, the layer 2 VLAN ID must match the layer 3 SVI interface.
It may be proxy ARP at work. (On by default in most if not all 6500 code)
Take a look at the ARP table on the PC and the MAC address that corresponds to, presumably on the 6500. If that MAC is for the VLAN 10 interface and that interface doesn't have the 192.168.200.1 address then it's proxying it.
"no ip proxy-arp" under the VLAN 10 interface would disable this behavior.
Or, something else has the .1 IP and you're hitting that. The ARP table on the PC would be the first place to look.