From: anthony.sequeira@thomson.com
Date: Wed Jun 13 2007 - 13:18:43 ART
I believe the concept of the Native VLAN originally arose as a safety
mechanism for Management traffic. For example, if a trunk link loses its
trunk status, the link can still pass the Management traffic as it is
not tagged.
Because there are security issues that the Native VLAN can introduce,
Cisco currently recommends that in high security environments, the
Native VLAN be set to an Inactive VLAN. In other words, set it to a VLAN
that does NOT exist in your topology. The trunk link will still work
just fine, and when you check the trunk status it will show that the
Native VLAN is Inactive.
Keep in mind that in the Certification Lab, we need to do whatever they
instruct us to do. As many have pointed out here before, the Lab Exam is
not a Best Practice type of test. If in the lab, they never mention
Native VLAN at all, explicitly or implicitly, then I would just leave it
alone (default settings).
Anthony J Sequeira
#15626
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Irfan Siddiqui
Sent: Wednesday, June 13, 2007 11:13 AM
To: Cisco certification
Subject: benefit of using Native vlan
Wonder if someone can advise...
What is the benefit of using a native vlan on a trunk. If you don't
define a native vlan on a trunk, I believe it uses vlan 1 as the native
vlan to pass the untag management traffic..
If you do define a native vlan, it will use that vlan to pass all the
untagged traffic... and you need to match it on both ends...
Also I believe there is a command to the effect that you can configure
native vlan to send tagged traffic as well.. dot1q tag native or
something....
But what is the benefit of configuring a native vlan vs . not
configuring one at all..
Does it have any other benefit, besides specifying what vlan to send
untagged traffic ?
Please help. Thanks in advance..
**********************************************************************
Any opinions expressed in the email are those of the individual and not
necessarily the company. This email and any files transmitted with it
are confidential and solely for the use of the intended recipient. If
you are not the intended recipient or the person responsible for
delivering it to the intended recipient, be advised that you have
received this email in error and that any dissemination, distribution,
copying or use is strictly prohibited.
If you have received this email in error, or if you are concerned with
the content of this email please e-mail to:
e-security.support@vanco.info
The contents of an attachment to this e-mail may contain software
viruses which could damage your own computer system. While the sender
has taken every reasonable precaution to minimise this risk, we cannot
accept liability for any damage which you sustain as a result of
software viruses. You should carry out your own virus checks before
opening any attachments to this e-mail.
Vanco UK Ltd Registered in England No: 2296733 Registered Office: John
Busch House, 277 London Road, Isleworth, Middlesex TW7 5AX
Please consider the environment before printing this e-mail
**********************************************************************
This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:49 ART