is that true even if a remove it from a trunk ? also can i shut down vlan 1 on my devices ?

Is that true even if you change the native VLAN? I have never given much thought to getting rid of VLAN 1.

Just out of curiosity, why would you want to get rid of VLAN 1?

Jeremy

"Is that true even if you change the native VLAN 1 ?" - Yes it is. Some control protocols use the native vlan which is by default vlan 1 so if you change the native vlan you change the vlan used for caryying that control protocol but some still use vlan 1. There was a thread a while back about this - i'll see if i can find a link to it :-)

"Just out of curiosity, why would you want to get rid of VLAN 1?"

Main reason is vlan 1 is the default vlan for all ports and the idea is to simply not use vlan 1 for anything if you can ie.

1) No ports for end user devices/servers etc in vlan 1

2) Don't use vlan 1 for managing the switches

3) Change the native vlan from vlan 1 to something else.

There is a good paper on vlan security that has a specific part about the use of vlan 1 -

http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml

Jon

Jeremy

As promised here is that link to thread -

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Getting%20Started%20with%20LANs&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40^1%40%40.2cc1a8ed/10#selected_message

Jon

Carl

"is that true even if a remove it from a trunk ?"

Yes

"also can i shut down vlan 1 on my devices ?"

Yes

Jon

Hi Jon,

I'm afraid removing VLAN1 from a trunk is not supported on obsolete switches like Cat3524XLs.

The CLI will permit to disable it on a trunk, but "sh int ... sw" will still show it permitted then.

The same is valid for VLANs 1002-1005, I'm afraid.

BR,

Milan