From: Lou Ioanni (louisccie_r_s@yahoo.com)
Date: Fri Feb 23 2007 - 01:19:11 ART
I would say is good to use the allow statement if you know what you doing. If you using VTP server/client many switches can support 64 vlans and if you do not use the allow statements and allow all vlans to go through you might experience network downtime.
I had an experience where they were using the allow statement and someone just removed it and the whole network slowed down because switches could not support all vlans that went through. Especially they created another 200 vlans for NAC clean access that day too.
Many get around this by using Transparent mode instead of server/client VTP mode.....especially if you have cores at L3 and no distribution L3 you should be carefull with using server/client mode...especially without allow statements.
Thanks,
Loizos Y.
CCIE#10702 R & S
Jeff Mullan <jmullan78@gmail.com> wrote:
Folks,
For example, if between a switch and router there are only 2 Vlans active (
say vlan 10,11) vlan 10 being native and switch is a trunk port , do need to
have the "switch port mode allowed vlan 10,11" command ? Ideally if we dont
have it configured then the router will drop all vlans without tags 10,11
but just wanted to find out from a best practice point of view ? Thanks !!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport trunk native vlan 10
switchport trunk allowed vlan 10,11 <=================
switchport mode trunk
end
SW_1#
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:47 ART