Re: Allowed vlan's in Trunk

From: CCIE3000 (ccie3000@googlemail.com)
Date: Tue Jun 24 2008 - 03:01:24 ART


Come on....please keep up at the back :)

I was replying to Ananth's email when your (Sadiq's) email came through and
got me thinking.

Paul managed to decipher my code :)

It's nothing too technical but an easy point loser, you don't need to
configure the native vlan in the vlans permitted with the switchport trunk
allowed vlans command for everything to work....if you don't want to pass
data on the native vlan that is.

On 6/24/08, Paul Cosgrove <paul.cosgrove@heanet.ie> wrote:
>
> Hi Sadiq,
>
> You mentioned vlan 1, but not what happens when the native vlan is changed
> to something else and neither of these vlans are in the allowed list (this
> is what CCIE3000 referred to).
>
> Layer 2 control protocols are permitted on vlan 1 and the native vlan, even
> if you do not add the native vlan in the allowed list.
>
> DTP (both tagged and untagged as I recall) and VTP will be sent on the
> native vlan of the interface. STP is sent on vlan 1, the native vlan and
> any other permitted vlans.
>
> Paul
>
>
> Sadiq Yakasai wrote:
> > Sorry CCIE3000,
> >
> > LOL!! So what exactly are you saying here? I have read this 3 times and
> > still can't figure out what your conclusion/question/concern/confusion (if
> > any) is... :)
> >
> > Please can you clarify a little bit more?
> >
> > Thanks
> >
> > Sadiq
> >
> >
> CCIE3000 wrote:
>
>> Yep, this is true...but even when you use another vlan as native and remove
>> that vlan it still works okay.
>>
>> I've been reading through the docs but haven't found anything to explain why
>> yet.
>>
>> Stop the press........
>>
>> Reading Sadiq's post got me thinking.
>>
>> Okay, I've got a SVI for vlan 3 on both switches, with trunk between them,
>> no etherchannel
>>
>> Native vlan is 3, but only 4 and 5 are permitted.
>>
>> Okay, trunk stays up but you are unable to ping between the two SVI's.
>>
>> I'm in uncharted territory here so I hope the following isn't complete bull.
>> So the switch trunk allowed vlan stops the data traffic but doesn't stop the
>> control traffic for the trunk.
>>
>> As I said, Sadiq's post caused the light bulb to switch on.
>>
>> How's that sound?
>>
>>
>> On 6/23/08, A.G. Ananth Sarma (GMail) <ananth.sarma@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> it is not the question of permitting. In the first place, you cannot remove
>>> VLAN 1.
>>>
>>> See note below:
>>>
>>> *Note:* VLANs 1 and 1002 to 1005 are reserved and cannot be removed.
>>>
>>> http://www.cisco.com/en/US/docs/switches/lan/catalyst2900xl_3500xl/releasesa4/eesoftconfig/masctrnk.html
>>>
>>> *Section: Defining the Allowed VLANs on a Trunk*
>>>
>>> HTH,
>>>
>>> Ananth
>>>
>>>
>>> On Mon, Jun 23, 2008 at 5:46 PM, CCIE3000 <ccie3000@googlemail.com> wrote:
>>>
>>>> Hi Guys,
>>>>
>>>> If you have a question that states to only allow the necessary vlans across
>>>> the trunk and the native vlan is vlan 1 would you permit vlan 1 as well as
>>>> the other necessary vlan's?
>>>>
>>>> I'm just about to play on the switches now but I thought I'd throw it up for
>>>> discussion.
>>>>
>>>> Cheers.
>>>>
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>
>>
>
> --
> HEAnet Limited
> Ireland's Education & Research Network
> 5 George's Dock, IFSC, Dublin 1, Ireland
> Tel: +353.1.6609040
> Web: http://www.heanet.ie
> Company registered in Ireland: 275301
>
> Please consider the environment before printing this e-mail.
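
Added example, not part of any poster's message: a Python audit of Cisco IOS-style trunk stanzas that reports, per trunk, whether the native VLAN is in the allowed list, which is the condition the thread identifies for untagged data crossing the trunk while the trunk itself stays up. The sample configuration and function names are constructed for illustration; it assumes the IOS defaults (native VLAN 1, all VLANs allowed) when a command is absent and handles only the plain and `add` forms of the allowed-list command.

```python
import re

# Constructed sample config modelled on the lab in the thread:
# native VLAN 3, only VLANs 4 and 5 allowed on the trunk.
SAMPLE_CONFIG = """\
interface FastEthernet0/13
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 3
 switchport trunk allowed vlan 4,5
 switchport mode trunk
!
interface FastEthernet0/14
 switchport trunk allowed vlan 1,10-12
 switchport trunk allowed vlan add 20
 switchport mode trunk
!
interface FastEthernet0/15
 switchport mode access
 switchport access vlan 4
"""

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '1,10-12' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_trunks(config):
    """Return {interface: (native, allowed, native_carries_data)} for trunks."""
    report = {}
    for stanza in re.split(r"(?m)^(?=interface )", config):
        lines = [l.strip() for l in stanza.splitlines()]
        if not lines or not lines[0].startswith("interface "):
            continue
        if "switchport mode trunk" not in lines:
            continue  # access ports are out of scope
        native, allowed = 1, set(range(1, 4095))  # assumed IOS defaults
        for line in lines:
            m = re.fullmatch(r"switchport trunk native vlan (\d+)", line)
            if m:
                native = int(m.group(1))
            m = re.fullmatch(r"switchport trunk allowed vlan (add )?([\d,\-]+)", line)
            if m:
                new = expand_vlans(m.group(2))
                allowed = allowed | new if m.group(1) else new
        report[lines[0].split()[1]] = (native, sorted(allowed), native in allowed)
    return report
```

Calling `audit_trunks(SAMPLE_CONFIG)` flags FastEthernet0/13 with `native_carries_data` set to `False`, matching the lab result in the thread where the SVIs on VLAN 3 could not ping each other.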



This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:22 ART