Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
22040
Views
30
Helpful
11
Replies

Switchport trunk allowed vlan add statement listed in interface config

Go to solution
Doug Engel
Level 1
Level 1

‎01-09-2014 07:16 AM - edited ‎03-07-2019 05:28 PM

Hi

I have a 6509 running 12.2(33)SXI4 that has an interface config that I have never seen before:

interface TenGigabitEthernet3/2

description hv Sw-2-1

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 308

switchport trunk allowed vlan 1,200,203,206,308,310,318,322,330,340,341,370

switchport trunk allowed vlan add 701

switchport mode trunk

switchport nonegotiate

load-interval 30

spanning-tree bpduguard disable

spanning-tree guard root

end

I have never seen the vlan add statement listed in the interface config.  Why did it not simply add it to the list of allowed vlans?  This is on 4 interfaces that are configured the same.

Thanks

-Doug

3 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Doug Engel

‎01-09-2014 07:43 AM

Doug

I wonder when you added vlan 322 to the list whether the switch moved 370 from the first line down to the "add" line? Can you tell us that?

I have seen this behavior (putting some vlan entries onto a vlan add line) on some switches but can not remember whether they were 6500 or not. Like Jon I assumed that it was a limitation on how long a single line can be.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
11 Replies 11

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎01-09-2014 07:28 AM

Doug

I wonder if it is just a limitation in terms of the length of a line in the config ie. to add the extra vlan would take the original line past the limit so a new line entry is used.

As long as "sh int trunk" shows all allowed vlans on the trunk i don't think it is an issue.

Jon

0 Helpful

Go to solution
Doug Engel
Level 1
Level 1
In response to Jon Marshall

‎01-09-2014 07:31 AM

I considered that, but I added vlan 322 this morning and it placed it in the list.

701 is shown in the trunk when I do a sh int trunk.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Doug Engel

‎01-09-2014 07:35 AM

Doug

No idea then unless for some reason it splits up the vlan ranges and needs separate lines for those ranges but i haven't come across this before on 6500s.

Like i say, as long as it on the trunk link i don;t think it matters but it would be interesting to hear if anyone else knows the exact reason.

Jon

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Doug Engel

‎01-09-2014 07:43 AM

Doug

I wonder when you added vlan 322 to the list whether the switch moved 370 from the first line down to the "add" line? Can you tell us that?

I have seen this behavior (putting some vlan entries onto a vlan add line) on some switches but can not remember whether they were 6500 or not. Like Jon I assumed that it was a limitation on how long a single line can be.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Doug Engel
Level 1
Level 1
In response to Richard Burts

‎01-09-2014 07:59 AM

That looks like the right answer.  I checked last night's backup and all vlans were in a single list.

Thanks for the suggestion.

0 Helpful

Go to solution
ALIAOF_
Level 6
Level 6

‎01-09-2014 07:36 AM

If you need to add any more VLAN's to the already allowed list you need to use the add command otherwise you will override what is in there already.

So if you have for example:

switchport trunk allowed vlan 1,200,203,206,308,310,318,322,330,340,341,370

And all is working.  Lets say you add another VLAN 701 and want that VLAN added to this list as well.  Now if you do

switchport trunk allowed vlan 701

You will override that list and only 701 will be allowed

So you have to do:

sw trunk allowed vlan add 701

And that is what you are seeing.

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to ALIAOF_

‎01-09-2014 07:39 AM

Mohammed

Agreed, but that is not the issue here. It is why has the switch used a second line in the config when it could have simply added the vlan to the existing line

Jon

0 Helpful

Go to solution
ALIAOF_
Level 6
Level 6
In response to Jon Marshall

‎01-09-2014 07:53 AM

Ah gotcha well in that case what you said above is right.  I believe after like 12 13th one will go on the next line.

Go to solution
darianwhittaker
Level 1
Level 1
In response to ALIAOF_

‎09-15-2020 09:19 AM

Although this is not the issue in this post and it's an older post, I figured I'd post to help someone not run into the issue I've had with a similar problem. 

 

In our environment it shows the switchport trunk allow vlan (number, number,...) and the switchport trunk allowed vlan add (number, number...). I was privy to what Mohammad Ali said about the overwrite, so I copied all the vlans and just inserted the vlan I wanted to add in the list, then I pasted those back in using the switchport trunk allow vlan command (without the add). This put all the vlans I needed back in there...only problem was that it dropped some if not all the vlans that were listed under the switchport trunk allow vlan add section. 

 

With that being said, I'm not sure why it list some in the first line and some in the other, but make sure you use the add command. Like other people have said, even if it's split between the two, as long as you see it one of them it'll be fine. 

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to darianwhittaker

‎09-15-2020 01:22 PM

@darianwhittaker thank you for sharing your experience. There are 2 aspects to this discussion: 1) what is the action of two configuration commands switchport trunk allowed vlan and switchport trunk allowed vlan add 2) the appearance of entries shown in the running config.

 

I think there is general agreement that the config commands change the content of the running config. The difference in commands is that the command switchport trunk allowed vlan starts with an empty list and adds entries for vlans that will be allowed on this trunk. The command switchport trunk allowed vlan add starts with an existing list of vlans and adds entries to the list.

 

The confusion is about the appearance of what we see in running config. Most of the time we see only one command switchport trunk allowed vlan and a list of the vlans that are allowed. But sometimes we see both commands with some vlans listed in the first and other vlans listed in the second. The consensus of this discussion is that it reflects a maximum number of vlans that can be listed in the first command. When the list for switchport trunk allowed vlan gets full then it uses switchport trunk vlan allowed add as overflow for additional entries.

HTH

Rick

Go to solution
MARK CHRISTY
Level 1
Level 1
In response to ALIAOF_

‎10-19-2020 03:24 PM

Some of the replies here don't make sense. I've configured 5 650x chassis for over 8 years, adding and changing the "switchport trunk vlan allowed 1,2,3,4,5,6-90, etc hundreds of times. I've always just pasted in the new command with the new or extra vlans in the single command. Same IOS version for years. Never saw that. Until today. Must be 2020 thing.

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card