
Modifying VLANs allowed config on trunk

beaconhill
Level 1

I will be removing and adding several VLANs from some Cisco-to-Cisco network infrastructure links.

IOS and NX-OS equipment

I would like to overwrite the existing "switchport trunk allowed vlan" config instead of using the vlan add or vlan remove commands. Are there any issues I may run into by overwriting? My small lab mockup showed no ping drops.

example:

current config "switchport trunk allowed vlan 10-20,25,30"

I would like to overwrite it with "switchport trunk allowed vlan 10,25,30-40" 

I don't want to cause any impact to the users on the VLANs that are not being removed (10, 25, 30).

Marvin Rhoads
Hall of Fame

The simple command replacement you cite will work fine and should indeed not impact current users' connections on VLANs 10, 25, and 30.

Peter Paluch
Cisco Employee

Hello,

This is actually a very good question! Although I do not know the answer myself, I see you have a lab available so the test I would personally perform is debugging the STP to see if the VLANs 10, 25, and 30 are not renegotiated in STP after you modify the switchport trunk allowed vlan command. It is the STP that can cause transient connectivity outages.

Run the following debugs:

debug spanning-tree events

and then try to replace the existing switchport trunk allowed vlan command with the other. The debugs will show that the STP will be triggered for the VLANs that were newly added and possibly removed, but the debugs should not mention the VLANs 10, 25 or 30.

What kind of STP are you running, anyway?

Best regards,

Peter

Hi Peter,

I ran the following with debug spanning-tree events on the 4900m access switch

N7K<-->N5548<-->4900m<-->host

"switchport trunk allowed vlan 10-20,25,30"

overwrote it with "switchport trunk allowed vlan 10,25,30-31"

Pings to vlan10's SVI HSRP VIP (N7K) were good and the only STP events I saw on the 4900m were for the VLANs removed and added.

ex.

remove event for vlan11  "RSTP(11): updt roles, root port te1/1 going down"  etc

add event for vlan 31  "RSTP(31): initializing port te1/1" etc

I also ran debugs on the N5548 and saw no events until I made the same changes on its interface going to the 4900m, which is expected as the port to the 4900m is desg.

So no pings were lost and there were no STP events for the VLANs not changing.

I feel better about making the changes. Thanks!
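The check carried out by hand in this thread, as an added example that is not part of any reply: it expands the old and new allowed-VLAN lists, reports which VLANs an overwrite removes, adds and keeps, and flags any kept VLAN that appears in `debug spanning-tree events` output. The function names are hypothetical, and the sample debug lines are constructed from the excerpts quoted above, assuming each event line carries an `RSTP(<vlan>):` prefix as shown there.

```python
import re

def parse_vlans(spec):
    """Expand an allowed-VLAN list such as '10-20,25,30' into a set of ints."""
    vlans = set()
    for part in spec.replace(" ", "").split(","):
        if not part:
            continue
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not (1 <= lo <= hi <= 4094):
            raise ValueError(f"bad VLAN range: {part!r}")
        vlans.update(range(lo, hi + 1))
    return vlans

def plan_overwrite(current, new):
    """Return (removed, added, kept) VLAN sets for overwriting the allowed list."""
    cur, nxt = parse_vlans(current), parse_vlans(new)
    return cur - nxt, nxt - cur, cur & nxt

# Matches the per-VLAN prefix seen in the quoted debug excerpts, e.g. "RSTP(11):"
RSTP_EVENT = re.compile(r"RSTP\((\d+)\):")

def unexpected_stp_vlans(debug_lines, kept):
    """Kept VLANs that nevertheless show up in the STP debug output."""
    seen = {int(m.group(1)) for line in debug_lines
            for m in RSTP_EVENT.finditer(line)}
    return sorted(seen & kept)

# Constructed sample input, built from the two excerpts quoted in the thread.
SAMPLE_DEBUG = [
    "RSTP(11): updt roles, root port te1/1 going down",
    "RSTP(31): initializing port te1/1",
]

if __name__ == "__main__":
    removed, added, kept = plan_overwrite("10-20,25,30", "10,25,30-31")
    print("removed:", sorted(removed))
    print("added:  ", sorted(added))
    print("kept:   ", sorted(kept))
    bad = unexpected_stp_vlans(SAMPLE_DEBUG, kept)
    print("STP events on kept VLANs:", bad or "none")
```

Running the plan step before the change window gives the list of VLANs that should be the only ones appearing in the debug output afterwards.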
