| Device Online Help |
Internally, a 8000 Series switch supports a placeholder for ports that is called an unassigned port-based VLAN. This unassigned concept is used for ports that are removed from all port-based VLANs. Ports can belong to policy-based VLANs as well as to the unassigned VLAN. If a frame does not meet any policy criteria and there is no underlying port-based VLAN, the port belongs to the unassigned VLAN and the frame is dropped. Only ports in the unassigned VLAN have no spanning tree group association, so these ports do not participate in Spanning Tree Protocol negotiation; that is, no BPDUs are sent out of ports in the unassigned VLAN.
Because it is an internal construct, the unassigned VLAN cannot be deleted. If a user-defined spanning tree group is deleted, the ports are moved to the unassigned VLAN and can later be assigned to another spanning tree group. Moving the ports to the unassigned VLAN avoids creating unwanted loops and duplicate connections. If routing is disabled in these ports, the port is completely isolated and no layer 2 or layer 3 functionality is provided.
The concept of the unassigned VLAN is useful for security concerns or when using a port for monitoring a mirrored port.