switchport trunk allowed vlan

Unanswered Question
Apr 1st, 2009


On the trunk links to our switch stacks we only configure the allowed vlan command on the distribution side of trunks. Would this cause any potential issues.

Should we configure the allowed vlan command on the stack side too?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
lamav Wed, 04/01/2009 - 06:16

Why would you not want to configure it on both sides?

My answer would be to do it on both sides.

Ive never set it up in a lab this way, but I imagine that traffic from vlans that are allowed on one side would pass that interface successfully, only to be denied on the other end. Wasted bandwidth on your trunk.



andrew.butterworth Wed, 04/01/2009 - 06:25

Your trunks should be configured identical on each end. If they aren't and a connection is made between two access switches a loop will occur that might not be detected.

If you are certain and can guarantee that a link will never be made between two access switches then you should be OK. However the extra few minutes of configuration it will take to correct each side of the trunks is negligable and resolves the issue before it ever happens.


glen.grant Wed, 04/01/2009 - 08:18

Also if running vtp if you don't prune off on the access side the switch will still allocate spanning tree resources for any vlan in the vlan database. This can be a problem on smaller switches hooked into cores running dozens of vlans as switches like the 2950 have limitations on the amount of spanning tree instances it can allocate .


This Discussion