Linkedin Youtube
Contact us

7 – SONiC VLAN Translation

Pine Networks > SONiC Configuration > 7 – SONiC VLAN Translation

In this article we will explore how to configure VLAN Translation on Enterprise SONiC.

VLAN translation is used when different parts of the network rely on different VLAN numbering schemes but still need to exchange traffic. Instead of renumbering VLANs across the entire environment—which is disruptive and often unrealistic—SONiC can rewrite the VLAN tag at the edge so traffic aligns with the VLAN plan of the receiving domain.

Common use cases include:

  • Provider bridging:
    When a service provider receives customer traffic, VLAN IDs often overlap across tenants. Translating VLANs at the handoff prevents conflicts and keeps the provider’s internal VLAN structure clean.
  • Migration and network redesign:
    During transitions to new fabrics or VLAN layouts, endpoints can remain on their existing VLANs while the core uses new IDs. VLAN translation provides a smooth, low-impact migration path.
  • Interconnecting separate network domains:
    Acquisitions, multi-vendor networks, or isolated campus segments may each use their own VLAN conventions. Translation allows these domains to integrate without forcing a full renumbering exercise.
  • Multi-tenant environments:
    Different tenants may use the same VLAN ID internally. Translating those VLAN tags at the border prevents collisions and preserves isolation inside the shared SONiC fabric.

In short, VLAN translation provides a flexible way to map incoming VLANs to the VLAN structure of your SONiC environment, simplifying integration, avoiding conflicts, and reducing the operational burden during migrations or cross-domain connectivity.

In this article we will cover:

  • Creating VLANs
  • Configuring VLAN translation
  • Verification
Test Topology
Creating VLANs

In this setup, the access devices send traffic on VLAN 100, but SONiC translates it to VLAN 200 as soon as it enters the switch. Since the packet is rewritten at ingress, SONiC only forwards and learns on VLAN 200 internally. VLAN 100 never exists inside the switch—it’s only seen at the physical edge.

That’s why you only need to create VLAN 200 in the SONiC configuration: it’s the VLAN the switch actually uses after translation.

On Switch-1
Switch-1# configure terminal 
Switch-1(config)# interface vlan 200
Switch-1(conf-if-Vlan200)#
On Switch-2
Switch-2# configure terminal 
Switch-2(config)# interface vlan 200
Switch-2(conf-if-Vlan200)#
VLAN Translation
The command switchport vlan mapping cvlan-id svlan-id instructs SONiC to translate incoming traffic from VLAN 100 to VLAN 200 at the port. This ensures that all packets entering on VLAN 100 are handled internally as VLAN 200.
On Switch-1
Switch-1(config)# interface Ethernet 1
Switch-1(conf-if)# switchport vlan mapping 100 200
On Switch-2
Switch-2(config)# interface Ethernet 1
Switch-2(conf-if)# switchport vlan mapping 100 200
Verifying VLAN Translation
Use the following command to check VLAN mappings: 
show vlan mapping
Sample Output: 
Interface   Ingress VLAN    Translated VLAN
Eth1        100             200
Also verify VLAN status using: 
show vlan
Sample Output: 
Q: A - Access (Untagged), T - Tagged
NUM Status Q  Ports Autostate Dynamic
100 Active A  Eth1  Enable    No
200 Active T  Eth2  Enable    No
Notes
In show Vlan output:
  • VLAN translation is commonly used in service provider networks for interconnecting customers using different VLAN schemes.
  • Ensure VLAN IDs and translation mappings are configured consistently across all devices in the path.
  • Use show vlan mapping to validate translation rules are active.
  • Misconfigured translations can cause traffic forwarding issues.