Re: VLANs and trunking

dsturgeon · ‎12-20-2006

I have a core 4500 switch that has a dozen or so 2950s connected to its fiber Gig ports. If I restrict the vlans allowed on the trunk, do I need to add/keep VLAN 1 on the list? Assume that gi3/1 on my core is trunked and all of the access ports on the 2950 are vlan 10 or 11, and my management vlan is 99. Given this example, I would need to allow 1,10-11,99 on Gi3/1 correct?

I have read a lot of info on this lately, but haven't been able to nail down if that is the correct config.

nyurk · ‎12-20-2006

You do not need VLAN1, unless you are passing traffic on it. It was only required on older switches like the 2900xl etc...

glen.grant · ‎12-20-2006

You do not need it , even if you manually prune it off the switchport still uses it for control trafic like vtp ,cdp etc but no data traffic will flow across .

dgestrada · ‎12-20-2006

Hi,

VLAN 1 by default is the native VLAN of all switchports (fast or gigabit ethernets). Native VLAN is very important when you configure the interface as trunk port. This native VLAN will be used to by all peer switches to communicate with each other with their untagged native traffic such as VTP advertisemen, BPDU, etc.

By default only VLAN 2 - 1000, are pruning eligible and VLAN 1 is prunning ineligible. Whether you will include in it your pruning or not, it doesn't matter. I believe it will still appear if you verify it because it is ineligible to be pruned.

Your can try at least from your lab before you deploy. Thanks.

dsturgeon · ‎12-27-2006

Ok, so here are the shortened configs for the core and one of the closet switches -

coresw1-

int Gi3/1

description link to endsw1

switchport mode trunk

switchport trunk encapsulation dot1q

switchport trunk native vlan 99

switchport trunk allowed vlan 10-11,99

endsw1-

int gi0/1

core-sw1-

description link to coresw1

switchport mode trunk

switchport nonegotiate

switchport trunk native vlan 99

glen.grant · ‎12-27-2006

Looks good , if you really want to be granular about it you can add the same switchport trunk allowed command on the closet side too . Doesn't matter if you do or don't it is just allowed for all vlans on the closet side the way it is .

dsturgeon · ‎12-28-2006

Thanks. I read last night while working on my wireless 1310 link that it is not a good idea to have the management vlan as the native incase of traffic issues. Any truth to that?

dsturgeon · ‎01-10-2007

I see that I need to enable pruning on my 4510 for this to work correctly. If I understand this correctly (from what I have been reading), once I do that the switch will do the pruning dynamically. If that is the case, then do I really need to specify the vlans that are allowed manually on the given ports? I guess I am a little confused on why I need to do this manually if the switch will take care of it. Sorry for all of the questions, but I prefer to have this figured out before I implement it.