Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Another Question regarding Switchport trunk, mode, and Trunk.

All, here is a config I inherited. It is an end user port: Because its an end user port, isnt the commands switchport trunk, bad for the config? See below for the config:

interface FastEthernet1/0/7

switchport access vlan 202

switchport trunk encapsulation dot1q

switchport trunk native vlan 205

switchport mode dynamic desirable

switchport voice vlan 246

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape 10 0 0 0

mls qos trust device cisco-phone

mls qos trust cos

auto qos voip cisco-phone

spanning-tree portfast

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Another Question regarding Switchport trunk, mode, and Trunk

hmmm very bad. You don't need spanning-tree portfast on the port the one you are using as trunk port.

As you said that this port is connected to user device not trunked switch. You can remove all of this....

no switchport trunk encapsulation dot1q

no switchport trunk native vlan 205

no switchport mode dynamic desirable

you may add:

switchport mode access

Cheers,

Masood Ahmad Shah

BLOG: http://www.weblogs.com.pk/jahil/

3 REPLIES
New Member

Re: Another Question regarding Switchport trunk, mode, and Trunk

hmmm very bad. You don't need spanning-tree portfast on the port the one you are using as trunk port.

As you said that this port is connected to user device not trunked switch. You can remove all of this....

no switchport trunk encapsulation dot1q

no switchport trunk native vlan 205

no switchport mode dynamic desirable

you may add:

switchport mode access

Cheers,

Masood Ahmad Shah

BLOG: http://www.weblogs.com.pk/jahil/

Re: Another Question regarding Switchport trunk, mode, and Trunk

Hi,

If it is an end user port, you don't need any trunk configuration, and by the way the command "switchport mode dynamic desirable" explains why the interface accepted the trunk configuration, this command means "desirable" that the interface will try to be trunk, and if it fails to be a trunk it will act as an access switchport.

HTH, please do rate if it does helps,

Mohammed Mahmoud.

New Member

Re: Another Question regarding Switchport trunk, mode, and Trunk

I agree, you should take any trunking commands off of the access port. It is a pretty big security hole too. A user with malicious intent could set up a trunking session with the port and view traffic on all VLANs if they pleased.

-Chris

235
Views
5
Helpful
3
Replies
CreatePlease login to create content