From: ccie2be (ccie2be@nyc.rr.com)
Date: Fri Nov 19 2004 - 16:32:53 GMT-3
Thanks, Bob.
The documentation definitely is not very clear on this.
BTW, do you think Group Study is down? Are you seeing the normal volume of
posts? I'm not.
Tim
----- Original Message -----
From: "Bob Sinclair" <bsinclair@netmasterclass.net>
To: "ccie2be" <ccie2be@nyc.rr.com>; <ccielab@groupstudy.com>
Sent: Friday, November 19, 2004 1:57 PM
Subject: Re: Another Catalyst 802.1q trunking issue
> Tim,
>
> I sniffed a trunk a few years ago to find this answer. As I recall, the
> result was that management traffic (VTP, CDP, DTP, PAGP) all comes out on
> vlan 1, whether or not vlan 1 is allowed or native or whatever.
>
> HTH,
>
> Bob Sinclair
> CCIE #10427, CCSI 30427, CISSP
> www.netmasterclass.net
>
> ----- Original Message -----
> From: "ccie2be" <ccie2be@nyc.rr.com>
> To: "Bob Sinclair" <bsin@cox.net>; <jfaure@sztele.com>;
> <ccielab@groupstudy.com>
> Sent: Friday, November 19, 2004 12:18 PM
> Subject: Re: Another Catalyst 802.1q trunking issue
>
>
> > Bob,
> >
> > I hope this isn't a dumb question but...
> >
> > By default, vlan 1 is the native vlan and the management vlan, i.e. it
> > carries all that vtp, cdp and DTP stuff. When the native vlan is changed to
> > something other than vlan 1, does that mean that the management vlan is
> > also changed and all that management traffic is now carried in the new
> > native vlan?
> >
> > Thanks, Tim
> > ----- Original Message -----
> > From: "Bob Sinclair" <bsin@cox.net>
> > To: <jfaure@sztele.com>; <ccielab@groupstudy.com>
> > Sent: Saturday, November 29, 2003 7:50 PM
> > Subject: Re: Catalyst 802.1q trunking issues
> >
> >
> >> Juan,
> >>
> >> I put a sniffer on a 3550 dot1q trunk and observed the following when I
> >> removed Vlan 1 from the dot1q trunk, but left it as the native vlan:
> >>
> >> 1. All traffic leaving the port is tagged
> >> 2. VTP, CDP and DTP traffic leave the port with Vlan 1 tags
> >> 3. No other Vlan 1 traffic is seen leaving the port (including no Vlan 1
> >> BPDUs)
> >> 4. All BPDUs are PVST+ encapsulated, to address 01-00-0c-cc-cc-cd
> >>
> >> This should not cause a problem as long as all of your switches are Cisco
> >> and similarly configured:
> >> a. The Cisco switches recognize that CDP, VTP and DTP are not to be forwarded
> >> b. The Cisco switches recognize the encapsulated BPDUs
> >>
> >> You very well might have an STP issue if you connect such a port to a
> >> non-Cisco switch, because the brand X switch will not see any
> >> recognizable BPDUs, and the Cisco switch may not recognize the untagged
> >> BPDUs on the native vlan coming from the Brand X switch. It would seem
> >> prudent to allow the native vlan across the trunk.
> >>
> >> But then, you would never put a Brand X switch in your network...
> >>
> >> would you?
> >>
> >> -Bob Sinclair
> >> CCIE #10427, CISSP, MCSE
> >> bsinclair@netmasterclass.net
> >>
> >>
> >> ----- Original Message -----
> >> From: <jfaure@sztele.com>
> >> To: <ccielab@groupstudy.com>
> >> Sent: Saturday, November 29, 2003 12:55 PM
> >> Subject: Catalyst 802.1q trunking issues
> >>
> >>
> >> > Hi all:
> >> >
> >> > -From the 6500 CCO configuration guide, about removing vlan1 from the
> >> > trunk:
> >> >
> >> > "You can remove VLAN 1. If you remove VLAN 1 from a trunk, the trunk
> >> > interface continues to send and receive management traffic, for example,
> >> > Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), Port
> >> > Aggregation Protocol (PAgP), and DTP in VLAN 1."
> >> >
> >> > -But also, in the same document:
> >> >
> >> > "Disabling spanning tree on the native VLAN of an 802.1Q trunk without
> >> > disabling spanning tree on every VLAN in the network can cause spanning
> >> > tree loops. We recommend that you leave spanning tree enabled on the
> >> > native VLAN of an 802.1Q trunk. If this is not possible, disable spanning
> >> > tree on every VLAN in the network. Make sure your network is free of
> >> > physical loops before disabling spanning tree"
> >> >
> >> > And then my question is:
> >> > If you have several dot1q trunks configured in your switched network in
> >> > such a way that these trunks don't allow vlan1 to pass, the vlan1 is the
> >> > native vlan for them (you can see this doing a "sh int trunk") and the
> >> > interface vlan 1 is in shutdown state in all the switches (but no STP
> >> > disabled on this vlan 1), can you have any stp issues like being unable
> >> > to block some loops?
> >> > What happens with the STP control traffic if vlan 1 isn't included on
> >> > the trunks? Having vlan 1 in shutdown state may be interpreted by the
> >> > system as it has stp disabled for this vlan? I'm using RAPID PVSTP
> >> >
> >> > Any thoughts will be greatly appreciated.
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > Juan Faure Ferrer
> >> > email: jfaure@sztele.com
> >> >
> >> > Telematics and CC Business Line
> >> > Network and Systems Integration Engineer
> >> >
> >> > ---------------------------------------------------------------------------
> >> >
> >> > SOLUZIONA TELECOMUNICACIONES
> >> > Servicios Profesionales de UNION FENOSA
> >> > Jerez, 3
> >> > 28016 MADRID
> >> > tel 91 579 30 00 fax 91 350 72 83
> >> >
> >> > ---------------------------------------------------------------------------
> >> >
> >> >
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:47 GMT-3
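
The sniffer check described in this thread, as an added example that is not part of the original messages: it classifies captured frames by 802.1Q tag and Cisco SNAP protocol ID and reports control-plane traffic carried on a VLAN that is not in the trunk's allowed list. The function names, the sample frames and the source MAC are constructed for illustration; the SNAP protocol IDs are Cisco's standard values and are not given in the thread.

```python
import struct

CISCO_OUI = b"\x00\x00\x0c"
SNAP_PIDS = {0x2000: "CDP", 0x2003: "VTP", 0x2004: "DTP",
             0x0104: "PAgP", 0x010B: "PVST+"}
IEEE_STP_DST = bytes.fromhex("0180c2000000")

def classify(frame):
    """Return (protocol, vlan); vlan is None for an untagged frame."""
    try:
        dst, offset, vlan = frame[:6], 12, None
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype == 0x8100:                     # 802.1Q tag present
            (tci,) = struct.unpack_from("!H", frame, offset + 2)
            vlan, offset = tci & 0x0FFF, offset + 4
        offset += 2                                 # skip the 802.3 length field
        llc = frame[offset:offset + 3]
        if llc == b"\xaa\xaa\x03" and frame[offset + 3:offset + 6] == CISCO_OUI:
            (pid,) = struct.unpack_from("!H", frame, offset + 6)
            return SNAP_PIDS.get(pid, "cisco-snap-0x%04x" % pid), vlan
        if llc == b"\x42\x42\x03" and dst == IEEE_STP_DST:
            return "IEEE-STP", vlan                 # plain 802.1D BPDU
        return "data", vlan
    except struct.error:
        return "malformed", None

def audit(frames, allowed_vlans):
    """Control-plane (protocol, vlan) pairs tagged with a VLAN outside the allowed list."""
    hits = {classify(f) for f in frames}
    return sorted((p, v) for p, v in hits
                  if p not in ("data", "malformed") and v is not None
                  and v not in allowed_vlans)

def build(dst_hex, vlan, payload):
    """Constructed sample frame (not a real capture); source MAC is made up."""
    tag = b"" if vlan is None else struct.pack("!HH", 0x8100, vlan)
    return (bytes.fromhex(dst_hex) + bytes.fromhex("00000c000001")
            + tag + struct.pack("!H", len(payload)) + payload)

def snap(pid):
    return b"\xaa\xaa\x03" + CISCO_OUI + struct.pack("!H", pid) + b"\x00" * 8

# Constructed frames modelling a trunk that allows only VLANs 10 and 20.
SAMPLE = [build("01000ccccccc", 1, snap(0x2000)),   # CDP tagged VLAN 1
          build("01000ccccccc", 1, snap(0x2003)),   # VTP tagged VLAN 1
          build("01000ccccccc", 1, snap(0x2004)),   # DTP tagged VLAN 1
          build("01000ccccccd", 10, snap(0x010B)),  # PVST+ BPDU, VLAN 10
          build("01000ccccccd", 20, snap(0x010B)),  # PVST+ BPDU, VLAN 20
          build("00000c000002", 10, b"\x00" * 46)]  # ordinary data frame

if __name__ == "__main__":
    for proto, vlan in audit(SAMPLE, {10, 20}):
        print("%s seen on VLAN %d, which is not in the allowed list" % (proto, vlan))
```

An untagged frame to 01-80-c2-00-00-00 with LLC 42-42-03 is reported as `IEEE-STP` with no VLAN, which is the BPDU form a non-Cisco neighbour would send on the native VLAN.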