08-14-2009 01:58 AM - edited 03-06-2019 07:14 AM
Hi all
is it possible to tag the native vlan on my trunks on a c2960, and is this best practice or not ?
08-14-2009 02:11 AM
You may want to have a look at:
08-14-2009 02:55 AM
it looks like this is not possible on the c2960
08-14-2009 03:03 AM
If you are looking for the "switchport trunk native vlan tag" command, I don't think it is supported on Cat2960.
But to add a little more security to my trunks, I use "switchport trunk native vlan xxx" (on both sides) which changes the native VLAN on the trunk from 1 to xxx.
And, clearly, I don't use VLAN xxx anywhere else.
08-14-2009 03:05 AM
Hello,
The "vlan dot1q tag native" command et al. are, to my knowledge, supported only on 3560 and probably higher switches. The 2960 will not be able to tag the native VLAN.
The workaround is quite simple: avoid using the native VLAN as an access VLAN and you are safe. Because the native VLAN is by default set to 1, either change the native VLAN on all trunks to a different and guaranteedly unused VLAN, or avoid using the VLAN1 on your access ports completely. Personally, I prefer the second approach - leaving the native VLAN as 1 but avoiding it completely. The VLAN1 is important for switches as it conveys various service protocols like CDP, VTP or STP. It is best to leave the VLAN1 for switches alone and use other VLANs for access ports.
Best regards,
Peter
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: