05-09-2007 12:16 PM - edited 03-05-2019 03:58 PM
All, here is a config I inherited. It is an end user port: Because its an end user port, isnt the commands switchport trunk, bad for the config? See below for the config:
interface FastEthernet1/0/7
switchport access vlan 202
switchport trunk encapsulation dot1q
switchport trunk native vlan 205
switchport mode dynamic desirable
switchport voice vlan 246
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
Solved! Go to Solution.
05-09-2007 12:22 PM
hmmm very bad. You don't need spanning-tree portfast on the port the one you are using as trunk port.
As you said that this port is connected to user device not trunked switch. You can remove all of this....
no switchport trunk encapsulation dot1q
no switchport trunk native vlan 205
no switchport mode dynamic desirable
you may add:
switchport mode access
Cheers,
Masood Ahmad Shah
05-09-2007 12:22 PM
hmmm very bad. You don't need spanning-tree portfast on the port the one you are using as trunk port.
As you said that this port is connected to user device not trunked switch. You can remove all of this....
no switchport trunk encapsulation dot1q
no switchport trunk native vlan 205
no switchport mode dynamic desirable
you may add:
switchport mode access
Cheers,
Masood Ahmad Shah
05-09-2007 12:35 PM
Hi,
If it is an end user port, you don't need any trunk configuration, and by the way the command "switchport mode dynamic desirable" explains why the interface accepted the trunk configuration, this command means "desirable" that the interface will try to be trunk, and if it fails to be a trunk it will act as an access switchport.
HTH, please do rate if it does helps,
Mohammed Mahmoud.
05-09-2007 02:39 PM
I agree, you should take any trunking commands off of the access port. It is a pretty big security hole too. A user with malicious intent could set up a trunking session with the port and view traffic on all VLANs if they pleased.
-Chris
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide