Re: Dot1Q trunk vs ISL trunk

From: Kurt Kruegel (kurt@xxxxxxxxxxxx)
Date: Mon Apr 29 2002 - 21:49:04 GMT-3

• Next message: Chua, Parry: "RE: RSRB/TL configs"
• Previous message: Brent D. Stewart: "RE: please give suggestion"
• Maybe in reply to: David: "Dot1Q trunk vs ISL trunk"
• Next in thread: Chuck Church: "RE: Dot1Q trunk vs ISL trunk"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
this may be the issue you describe
solie p151
under "vlan 1 just say no"
states any switch added to the network default to vlan 1.
this leaves the network vulnerable to potential vlan and data corruption on
vlan1.
i've meant to look deeper into this and never got arround to it.

this was actually the first i've heard of this and we currently still run our
switches on vlan1 with no problems... this may have to change.
k

Chuck Church wrote:

> David,
>
> 802.1Q doesn't tag VLAN 1 frames. If you want to access VLAN 1 from
> the router, apply the layer 3 addresses to the physical interface. Although
> I've been told by a Cisco insider that this isn't recommended. I can't
> remember the reason though. I think you're better off just not using VLAN
> 1. At least in a production environment.
>
> Chuck Church
> CCIE #8776, MCNE, MCSE
> Sr. Network Engineer
> Magnacom Technologies
> 140 N. Rt. 303
> Valley Cottage, NY 10989
> 845-267-4000
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> David
> Sent: Monday, April 29, 2002 4:07 PM
> To: ccielab@groupstudy.com
> Subject: Dot1Q trunk vs ISL trunk
>
> In the test lab, Ive 2 VLANs (Vlan 1 & 2) on catalyst
> 2912XL setup, with dot1Q trunks to a Cisco router. The
> router has 2 subinterfaces corresponding to the vlans
> (see config below). There is a token ring at the other
> end of the router. The problem is that with dot1Q the
> hosts on t ring cant talk to hosts on VLAN1 on the
> cat. But if I replace the dot1 with ISL trunk then it
> works fine.
>
> Im being told that with dot1q I need an extra vlan to
> make it work. Any ideas why? & what config changes are
> needed.
>
> Thanks a lot
>
> version 12.0
> !
> hostname cat
> !
> interface FastEthernet0/1
> switchport mode trunk
> switchport trunk encapsulation dot1q
> !
> <deleted>
> !
> interface FastEthernet0/11
> switchport mode trunk
> switchport trunk encapsulation dot1q
> spanning-tree portfast
> !
> interface FastEthernet0/12
> switchport mode trunk
> switchport trunk encapsulation dot1q
> !
> interface VLAN1
> ip address 192.168.1.1 255.255.255.0
> !
> line con 0
> transport input none
> stopbits 1
> line vty 0 4
> login
> !
> end
>
> hostname R1
> !
> interface FastEthernet0/0
> no ip address
> duplex auto
> speed auto
> !
> interface FastEthernet0/0.1
> description Local LAN interface
> encapsulation dot1Q 1 native
> ip address 192.168.1.100 255.255.255.0
> no ip redirects
> !
> interface FastEthernet0/0.2
> encapsulation dot1Q 2
> ip address 192.168.2.100 255.255.255.0
> no ip redirects
> !
> interface tokenring0/0
> ip address 172.16.1.100 255.255.0.0
> !
> router ospf 1
> network 0.0.0.0 255.255.255.255 area 0
> !
> line con 0
> line aux 0
> line vty 0 4
> login
> !
> end
>

• Next message: Chua, Parry: "RE: RSRB/TL configs"
• Previous message: Brent D. Stewart: "RE: please give suggestion"
• Maybe in reply to: David: "Dot1Q trunk vs ISL trunk"
• Next in thread: Chuck Church: "RE: Dot1Q trunk vs ISL trunk"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:22 GMT-3