Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Trunking vlan filtering

hi! If i want to allow only vlan 100-105 to go through a trunk between 2 switches. Do i need to remove the existing vlan from the trunk first(default all vlan are allowed) and then add in vlan 100-105? or just issue the command "switchport trunk allowed vlan 100-105"? Please advise. Thanks.

Cisco Employee

Re: Trunking vlan filtering

You can only use" switchport trunk allowed vlan "command to achieve the same. You need a combination of switchport allowed/remove commands only when you want to remove some of the vlans from the trunk and allow some of the vlans simultaneously.

HTH,please rate if it does.

-amit singh

Community Member

Re: Trunking vlan filtering

hi! What's the function of a native vlan? Will there be any problem if both end of the switches have different native vlan number?


Cisco Employee

Re: Trunking vlan filtering

Native vlan is enabled on Cisco switches by default and Vlan1 is the native vlan. The native vlan is used to carry untagged frames across a trunk link.You will not be able to form a trunk if the native vlan is different on the trunk links. They have to be same on both the sides.

-amit singh

Community Member

Re: Trunking vlan filtering

hi! Does that mean native vlan is used only in trunking? All the ports are in vlan1(native vlan) by default, right?

Any relationship between management vlan and native vlan? The default management vlan is also vlan1, right?

Cisco Employee

Re: Trunking vlan filtering

Hi Friend,

On IOS switches if you just allow vlans that will take care of your requirement and no need to specifically clear other vlans first

Switch#sh run int gig1/0/23

Building configuration...

Current configuration : 137 bytes


interface GigabitEthernet1/0/23

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 22-26

switchport mode trunk


Switch#sh int gig1/0/23 switchport

Ankur_Desk_Switch#sh int gig1/0/23 switchport

Name: Gi1/0/23

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: 22-26 <<<---------



*Pls rate all helpfull post


Re: Trunking vlan filtering

afaik, vlan 1 is management vlan and native vlan by default.

yes all the ports are in vlan 1 by default

in trunking if isl method is used then native vlan need not to be same.(and cisco s/w by default uses isl)

but with 802.1q trunking the native vlan packs as send its a must that native vlan on both end be the same...



CreatePlease to create content