VLAN list on Trunk ports

skhirbash · ‎07-17-2008

Ref- Catalyst 3560 Switch Software Configuration Guide Pg: 12-21

To reduce the risk of spanning-tree loops or storms, you can disable VLAN 1 on any individual VLAN trunk port by removing VLAN 1 from the allowed list. When you remove VLAN 1 from a trunk port, the interface continues to sent and receive management traffic, for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), Link Aggregation Control Protocol (LACP), DTP, and VTP in VLAN 1.

Is not correct that by not assigning an ip address and disabling â€œshutdownâ€ VLAN1 interface accomplishes the same thing (Not allowing VLAN traffic on trunk ports?

Thank in advance,

SK

elderr · ‎07-17-2008

I think and someone else can back this up or not. The int vlan 1 is the layer 3 and would not have anything to do with information on the trunk interface. If you want to stop management traffic passing on a trunk interface you would need to create a new vlan say 99 and set it as the native then prune the vlan 99 from the trunk to stop the traffic.

tdrais · ‎07-17-2008

The vlan interface is only related to layer 3 traffic passing to the switch itself or to the layer 3 part of the switch.

For example say I had a pc on the switch on vlan 1 sending traffic to a non existant mac. It will get flooded out all ports including the truck port. If I remove the vlan on the trunk this flood does not get sent.

Now the spanning tree is say I am stupid an turn off spanning tree on both switches. Now I connect a cable between a port on each switch that is in vlan 1. If vlan 1 is allowed on the trunk you get a loop. This is a layer 2 thing has nothing to do with the interface.