cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
418
Views
5
Helpful
3
Replies

Clear vlan 1 from trunks

amaiale
Level 1
Level 1

Hello,

I am currently working on my company's Data Center LAN. It is designed with all server access switches trunked to the (2) distribution switches. The access switches are a combination of CAT 6500s, WS-C2948G-GE-TX and WS-C2980G-A top-of-the-rack switches. All are running CAT OS.

Currently, vlan 1 is permitted on all uplinks/trunks. However, vlan 1 is only used when we disconnect a host, i.e. we return the port to vlan 1. Also, Vlan 1 does not have an active L3 interface on the distribution MSFC either.

Will it affect anything if I prune or clear vlan 1 off of every trunk/uplink within the server farm access layer??

Does CDP, VTP or other Cisco protocols need vlan 1 to inter-operate??

Thanks for you help,

Art

3 Replies 3

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Art,

VTP depends on vlan1, CDP should go on the native vlan on 802.1Q trunks.

So if you use VTP you shouldn't remove vlan1 from the list of allowed vlans in the trunk ports.

For security reasons is suggested to park unused ports on a vlan different from vlan1 that is not permitted on trunks, it is not the native vlan of any 802.1Q trunks, and it hasn't a L3 interface.

Hope to help

Giuseppe

Hi Giuseppe,

Thanks for your response.

I have VTP turned off and vlan 1 is not the native vlan.

I am trying to reduce the amount of logical ports for spanning tree domain size; hence, I prefer not to add another vlan to park ports.

Does this sound correct??? By clearing vlan 1 from my all trunk uplinks, any port in vlan 1 on a local switch that flaps up/down will not be able to introduce an instability or spanning tree incident across the LAN. Sound right??

Thanks,

Art

After researching this further. Cisco states the following:

CCNP BCMSM Switching:

Chapter 4 Implementing and Configuring Vlans

Study Tips

page 198

The Native VLAN is not tagged; therefore, the Native VLAN does not contain 802.1p

fields for QoS. However, there is a configuration option in more recent Cisco IOS

versions 12.1.13 or later to tag the Native VLAN on a trunk port (that is, tag all VLANs).

With this option, the Native VLAN traffic is simply tagged with the associated VLAN

ID, by default, VLAN 1. It is possible to remove VLAN 1 from a trunk; however, this

only removes data traffic from VLAN 1. CDP, DTP, PAgP, and so on still transmit across

VLAN 1.

So, clearing Vlan 1 from my trunk/uplinks only clears data traffic and not management traffic.

Since Cisco is saying that management traffic (CDP, DTP, PAgP, etc..) will still traverse vlan 1, can a host port flapping in vlan 1 cause spanning tree calculations and or problems across the LAN or will it be limited to the local switch???

Thanks for looking at this with me.

Art

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: