Re: Another Catalyst 802.1q trunking issue

From: Bob Sinclair (bsinclair@netmasterclass.net)
Date: Fri Nov 19 2004 - 15:57:51 GMT-3


Tim,

I sniffed a trunk a few years ago to find this answer. As I recall, the
result was that management traffic (VTP, CDP, DTP, PAgP) all comes out on vlan
1, whether or not vlan 1 is allowed or native or whatever.

HTH,

Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net

----- Original Message -----
From: "ccie2be" <ccie2be@nyc.rr.com>
To: "Bob Sinclair" <bsin@cox.net>; <jfaure@sztele.com>;
<ccielab@groupstudy.com>
Sent: Friday, November 19, 2004 12:18 PM
Subject: Re: Another Catalyst 802.1q trunking issue

> Bob,
>
> I hope this isn't a dumb question but...
>
> By default, vlan 1 is the native vlan and the management vlan, i.e. it
> carries all that vtp, cdp and DTP stuff. When the native vlan is changed to
> something other than vlan 1, does that mean that the management vlan is
> also changed and all that management traffic is now carried in the new
> native vlan?
>
> Thanks, Tim
> ----- Original Message -----
> From: "Bob Sinclair" <bsin@cox.net>
> To: <jfaure@sztele.com>; <ccielab@groupstudy.com>
> Sent: Saturday, November 29, 2003 7:50 PM
> Subject: Re: Catalyst 802.1q trunking issues
>
>
>> Juan,
>>
>> I put a sniffer on a 3550 dot1q trunk and observed the following when I
>> removed Vlan 1 from the dot1q trunk, but left it as the native vlan:
>>
>> 1. All traffic leaving the port is tagged
>> 2. VTP, CDP and DTP traffic leave the port with Vlan 1 tags
>> 3. No other Vlan 1 traffic is seen leaving the port (including no Vlan 1
>> BPDUs)
>> 4. All BPDUs are PVST+ encapsulated, to address 01-00-0c-cc-cc-cd
>>
>> This should not cause a problem as long as all of your switches are Cisco
>> and similarly configured:
>> a. The Cisco switches recognize that CDP, VTP and DTP are not to be
>> forwarded
>> b. The Cisco switches recognize the encapsulated BPDUs
>>
>> You very well might have an STP issue if you connect such a port to a
>> non-Cisco switch, because the brand X switch will not see any
>> recognizable BPDUs, and the Cisco switch may not recognize the untagged
>> BPDUs on the native vlan coming from the Brand X switch. It would seem
>> prudent to allow the native vlan across the trunk.
>>
>> But then, you would never put a Brand X switch in your network...
>>
>> would you?
>>
>> -Bob Sinclair
>> CCIE #10427, CISSP, MCSE
>> bsinclair@netmasterclass.net
>>
>>
>> ----- Original Message -----
>> From: <jfaure@sztele.com>
>> To: <ccielab@groupstudy.com>
>> Sent: Saturday, November 29, 2003 12:55 PM
>> Subject: Catalyst 802.1q trunking issues
>>
>>
>> > Hi all:
>> >
>> > -From the 6500 CCO configuration guide, about removing vlan1 from the
>> > trunk:
>> >
>> > "You can remove VLAN 1. If you remove VLAN 1 from a trunk, the trunk
>> > interface continues to send and receive management traffic, for example,
>> > Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), Port
>> > Aggregation Protocol (PAgP), and DTP in VLAN 1. "
>> >
>> > -But also, in the same document:
>> >
>> > "Disabling spanning tree on the native VLAN of an 802.1Q trunk without
>> > disabling spanning tree on every VLAN in the network can cause spanning
>> > tree loops. We recommend that you leave spanning tree enabled on the
>> > native VLAN of an 802.1Q trunk. If this is not possible, disable spanning
>> > tree on every VLAN in the network. Make sure your network is free of
>> > physical loops before disabling spanning tree"
>> >
>> > And then my question is:
>> > If you have several dot1q trunks configured in your switched network in
>> > such a way that these trunks don't allow vlan1 to pass, vlan1 is the
>> > native vlan for them (you can see this by doing a "sh int trunk") and the
>> > interface vlan 1 is in shutdown state on all the switches (but STP is not
>> > disabled on this vlan 1), can you have any stp issues, such as being
>> > unable to block some loops?
>> > What happens with the STP control traffic if vlan 1 isn't included on
>> > the trunks? Might having vlan 1 in shutdown state be interpreted by the
>> > system as stp being disabled for this vlan? I'm using RAPID PVSTP.
>> >
>> > Any thoughts will be greatly appreciated.
>> >
>> > Juan Faure Ferrer
>> > email: jfaure@sztele.com
>> >
>> > Telematics and CC Business Line
>> > Network and Systems Integration Engineer
>> >
>> > SOLUZIONA TELECOMUNICACIONES
>> > Servicios Profesionales de UNION FENOSA
>> > Jerez, 3
>> > 28016 MADRID
>> > tel 91 579 30 00 fax 91 350 72 83
>> >
>> > _______________________________________________________________________
>> > Please help support GroupStudy by purchasing your study materials from:
>> > http://shop.groupstudy.com
>> >
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>



This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:47 GMT-3
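
The sniffer observation in this thread (management frames leaving the trunk tagged for VLAN 1) can be checked against frames from a capture of your own. The following is an added example, not part of the original messages: it parses the 802.1Q tag and the Cisco LLC/SNAP header and lists management frames whose tag differs from the expected VLAN. The function names, the source MAC, and the sample frames are constructed for illustration; the SNAP protocol IDs are the standard Cisco values.

```python
import struct

CISCO_OUI = b"\x00\x00\x0c"
# Cisco SNAP protocol IDs for the protocols named in the thread.
CISCO_PIDS = {0x2000: "CDP", 0x2003: "VTP", 0x2004: "DTP",
              0x0104: "PAgP", 0x010B: "PVST+"}
MGMT = {"CDP", "VTP", "DTP", "PAgP"}  # PVST+ BPDUs are per-VLAN, so excluded


def classify(frame: bytes):
    """Return (vlan_id or None if untagged, protocol name or None)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    vlan, offset = None, 12
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    if ethertype == 0x8100:                      # 802.1Q TPID
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, offset + 2)
        vlan, offset = tci & 0x0FFF, offset + 4  # low 12 bits = VLAN ID
    if ethertype > 1500:                         # Ethernet II, not LLC/SNAP
        return vlan, None
    snap = frame[offset + 2:offset + 10]         # DSAP SSAP CTRL OUI(3) PID(2)
    if len(snap) < 8 or snap[:3] != b"\xaa\xaa\x03" or snap[3:6] != CISCO_OUI:
        return vlan, None
    return vlan, CISCO_PIDS.get(struct.unpack("!H", snap[6:8])[0])


def audit(frames, expected_vlan=1):
    """Management frames whose tag is not expected_vlan (untagged included)."""
    out = []
    for i, f in enumerate(frames):
        vlan, proto = classify(f)
        if proto in MGMT and vlan != expected_vlan:
            out.append((i, proto, vlan))
    return out


def build(dst_hex, pid, vlan=None):
    """Constructed test frame: real header layout, zero-filled payload."""
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    body = b"\xaa\xaa\x03" + CISCO_OUI + struct.pack("!H", pid) + bytes(30)
    return (bytes.fromhex(dst_hex) + bytes.fromhex("00112233aabb") + tag
            + struct.pack("!H", len(body)) + body)


# Constructed capture: CDP and DTP tagged 1, a VLAN 10 PVST+ BPDU, untagged VTP.
SAMPLE = [build("01000ccccccc", 0x2000, 1), build("01000ccccccc", 0x2004, 1),
          build("01000ccccccd", 0x010B, 10), build("01000ccccccc", 0x2003)]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

With a real capture, feed `audit()` the raw frame bytes from a capture library of your choice instead of `SAMPLE`.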