Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
501
Views
14
Helpful
8
Replies

Restricting VLANS in CAT6509

skanniap
Level 1
Level 1

‎05-07-2007 07:23 AM - edited ‎03-03-2019 04:52 PM

can someone let me know as how to restrict VLANs on the 6509 trunk port?

Labels:
0 Helpful
8 Replies 8

mahmoodmkl
Level 7
Level 7

‎05-07-2007 08:25 AM

Hi

by saying restrict u mean u dnot want traffic from specific vlan to pass through this trunk port.in that case the command differs from ios and catos point of view.

on ios

u can use the below command

switchport trunk allowed vlan (vlanlist)

on catos u can use

clear trunk mod/port (vlan id)

Thanks

Mahmood

0 Helpful

skanniap
Level 1
Level 1
In response to mahmoodmkl

‎05-07-2007 09:03 AM

Thanks, how does this differ from VLAN pruning? I am not getting it clear from the Cisco documents.

0 Helpful

ankbhasi
Cisco Employee
Cisco Employee
In response to skanniap

‎05-07-2007 09:08 AM

Hi Friend,

If you clear vlan from the trunk interface it will not allow BPDUs also to pass for that vlan but VLAN pruning never stops BPDUs.

VTP pruning does not change a link's STP characterstics. BPDUs will still be broadcasted on the link in order to build a STP for that vlan and the trunk links still participate in STP convergence. Fot that reason it might be preferrable to clear the VLAN from the trunk link.

HTH

Ankur

*Pls rate all helpfull post

skanniap
Level 1
Level 1
In response to ankbhasi

‎05-07-2007 09:25 AM

Thanks, so I assume that it would be enough that I allow only the management VLAN and the specific user VLAN and server farm VLAN (for the PC to communicate to server farm) on the trunk. Do I need to configure this at both side of the trunk? or it is fine to have on the distributing side alone? also if I want to allow the VLAN traffic again after clearing ID on trunk in CAT OS how can I do that?

I am looking for a doc with similar example in Cisco site and not getting it..

0 Helpful

ankbhasi
Cisco Employee
Cisco Employee
In response to skanniap

‎05-07-2007 09:36 AM

Hi Friend,

Yes it is always good practise to allow only those vlans on trunk which are there in network and which need to be passed on the trunk and not all vlans.

Also it is always good practice to restrict the vlan on trunk on both the sides instead of restricting on one side.

Have a look at this link for more details on how to configure the same.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12235se/scg/swvlan.htm#wp1100014

HTH

Ankur

*Pls rate all helpfull post

0 Helpful

skanniap
Level 1
Level 1
In response to ankbhasi

‎05-07-2007 09:44 AM

Thanks, I had a chance to see this doc before but it describes configuration on a IOS based switch and not on CAT OS, can you let me know as how I can enable VLAN traffic to flow again after clearing on a cat 6509 trunk.

0 Helpful

ankbhasi
Cisco Employee
Cisco Employee
In response to skanniap

‎05-07-2007 09:58 AM

Hi Friend,

Here you go with the link which will guide you about the same on CATOS

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_8_1/confg_gd/e_trunk.htm#wp1021347

If you have cleared some vlan on trunk and you want to add that back on the trunk allowed vlan list simpy issue this command

"set trunk mod/port

HTH

Ankur

*Pls rate all helpfull post

skanniap
Level 1
Level 1
In response to ankbhasi

‎05-07-2007 08:05 PM

Thanks a lot for the quick response and guidance, I got it..

Rgs

Suresh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card