12-15-2009 08:20 AM - edited 03-06-2019 08:57 AM
Is there a way to configure a trunk so that only certain VLAN tags are allowed through? I'm pretty sure there is; I'm just wondering if someone can point me to a doc of some kind... or shoot me down.
Thanks,
Brent
12-15-2009 08:26 AM
Hi,
Yes, you can configure a trunk and allow only certain VLANs. Check out the link below for how to configure it:
Hope this helps out your query !!
Regards
Ganesh.H
12-15-2009 08:27 AM
Thanks dude..
that's awesome!
12-15-2009 09:13 AM
Hi Brent
Ganesh is right on the configuration for allowing certain VLANs to go on a trunk, but as a best practice you can do the following to avoid unnecessary broadcasts of VLAN information across layer 2 trunks:
1) have your switches with vtp mode transparent configured.. doing this, you can make sure you only have vlans necessary on the edge switch to be defined on the trunk.. this can also avoid configuration register issues you can face with server/client mode.. but it depends on what your network size is, and how efficiently you can manage your vlan configurations..
2) don't have your vlan 1 as native vlans on your trunks.. if possible shutdown vlan 1 on all switches, and have a separate management vlan.. CDP, VTP, PAgP packets are forwarded by default over VLAN 1.. you can have vlan hopping attacks etc due to this..
there are many more standard practices given in this doc which can help you..
http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a0080094713.shtml
Hope this helps.. all the best...
Raj
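An added example, not part of the posts above or of Cisco's documentation: a small Python audit that reads an IOS-style running-config and checks each trunk for the three points raised in this thread (an explicit allowed-VLAN list, a native VLAN other than 1, VTP transparent mode). The sample config, interface names and VLAN IDs are constructed, and it assumes the platform prints `vtp mode transparent` in the running-config and uses numeric allowed-VLAN lists.

```python
import re

# Constructed sample config (not from the thread); names and VLAN IDs are made up.
SAMPLE_CONFIG = """\
vtp mode transparent
!
interface GigabitEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20
 switchport trunk allowed vlan add 30-32
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport mode access
"""

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '10,20,30-32' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit(config):
    """Return (vtp_transparent, {trunk: {'allowed', 'native', 'findings'}})."""
    # Assumption: transparent mode shows up as a line in the running-config.
    vtp_ok = re.search(r"^vtp mode transparent\s*$", config, re.M) is not None
    trunks = {}
    for m in re.finditer(r"^interface (\S+)\n((?: .*\n?)*)", config, re.M):
        name, body = m.groups()
        if not re.search(r"^ switchport mode trunk\s*$", body, re.M):
            continue  # access ports are out of scope
        specs = re.findall(r"^ switchport trunk allowed vlan (?:add )?([\d,-]+)\s*$", body, re.M)
        allowed = set().union(*map(expand_vlans, specs)) if specs else None
        native = re.search(r"^ switchport trunk native vlan (\d+)\s*$", body, re.M)
        native_id = int(native.group(1)) if native else 1  # IOS default native VLAN is 1
        findings = []
        if allowed is None:
            findings.append("no allowed-VLAN list: every VLAN is carried")
        if native_id == 1:
            findings.append("native VLAN is 1")
        trunks[name] = {"allowed": allowed, "native": native_id, "findings": findings}
    return vtp_ok, trunks

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```
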