Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
448
Views
0
Helpful
7
Replies

VLANS allowed on a switch compared to Pruning

Go to solution
cisco_himg
Level 1
Level 1

‎10-21-2009 09:04 AM - edited ‎03-06-2019 08:14 AM

This is probably a stupid question, but I am going to ask anyway.

If I enable pruning on a switch, compared to just adding the allowed VLANS on the trunk, is there a difference?

What would be the best way for the traffic to get to only the switch desired? Allowed vlans or enable pruning?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎10-21-2009 09:09 AM

There is a difference.

With VTP pruning the vlan traffic is not sent across the trunk link if it is not needed but STP for that vlan still extends across the trunk link.

If you use the vlan allowed list if the vlan is not allowed on the trunk then STP does not extend across the trunk for that vlan.

Personally i prefer the allowed command but it does depend on how large your infrastructure is and how dynamic ie. how often are vlans needed and then not needed on switches.

Jon

View solution in original post

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎10-21-2009 09:09 AM

hello Dustin,

there is difference and it is the following:

be aware that VTP pruning can manage unnecessary flooding of multicast, broadcast, unknown unicast traffic but it does not limit the number of STP instances running on your switches.

switchport trunk allowed vlan list

has the added benefit to provide STP scalability by removing unneeded STP instances.

This has to be take in account if you use PVST+ or Rapid PVST.

20 vlans are not a problem but 130 vlans can be a problem for some low end switches.

also the limits on number of vlans can be different for VTP and for STP:

there are devices accepting up to 128 vlans in their VTP DB but only 64 STP instances.

The result that has been seen also in the forums are vlans with STP disabled without any human intervention!

(taken from my own post in a recent thread of today)

>> What would be the best way for the traffic to get to only the switch desired? Allowed vlans or enable pruning?

on the long term I prefer allowed vlans for the reasons explained above.

Hope to help

Giuseppe

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎10-21-2009 09:09 AM

There is a difference.

With VTP pruning the vlan traffic is not sent across the trunk link if it is not needed but STP for that vlan still extends across the trunk link.

If you use the vlan allowed list if the vlan is not allowed on the trunk then STP does not extend across the trunk for that vlan.

Personally i prefer the allowed command but it does depend on how large your infrastructure is and how dynamic ie. how often are vlans needed and then not needed on switches.

Jon

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎10-21-2009 09:09 AM

hello Dustin,

there is difference and it is the following:

be aware that VTP pruning can manage unnecessary flooding of multicast, broadcast, unknown unicast traffic but it does not limit the number of STP instances running on your switches.

switchport trunk allowed vlan list

has the added benefit to provide STP scalability by removing unneeded STP instances.

This has to be take in account if you use PVST+ or Rapid PVST.

20 vlans are not a problem but 130 vlans can be a problem for some low end switches.

also the limits on number of vlans can be different for VTP and for STP:

there are devices accepting up to 128 vlans in their VTP DB but only 64 STP instances.

The result that has been seen also in the forums are vlans with STP disabled without any human intervention!

(taken from my own post in a recent thread of today)

>> What would be the best way for the traffic to get to only the switch desired? Allowed vlans or enable pruning?

on the long term I prefer allowed vlans for the reasons explained above.

Hope to help

Giuseppe

0 Helpful

Go to solution
cisco_himg
Level 1
Level 1
In response to Giuseppe Larosa

‎10-21-2009 09:13 AM

thank you for your insight. I was leaning toward Allowed Vlan, but i guess i just needed a push. :)..

THank you!

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎10-21-2009 09:16 AM

Cisco,

I always use allowed VLANs and do not bother with VTP pruning, because there is going to be an instance of STP for all those unwanted VLANs, therefore why bother doing it at all

HTH

Reza

0 Helpful

Go to solution
cisco_himg
Level 1
Level 1
In response to Reza Sharifi

‎10-21-2009 09:18 AM

It seems like no one is using Pruning. I wonder why its even an option at all. Maybe its just out there to let us have these discussions. :)

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to cisco_himg

‎10-21-2009 09:22 AM

Dustin

Pruning does have it's uses. For example switches where users are allocated their vlan by authentication. Each users vlan would need to be accessible on the switch. If the vlan was not active on the switch ie. no user was logged in on that vlan then there is no need to send that vlans traffic to the switch.

But if a user then logs in you would need to then allow that vlans traffic to the switch. So that's the sort of thing i meant by a dynamic environment.

But yes in a controlled environment without the sort of requirements as above i would look to use the allowed command.

Jon

0 Helpful

Go to solution
cisco_himg
Level 1
Level 1
In response to Jon Marshall

‎10-21-2009 09:24 AM

Thanks Jon. I appreciate your view on this! We only have about 20 vlans, so i will use the allowed command.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card