07-14-2008 12:32 PM - edited 03-06-2019 12:11 AM
Hello,
I am currently working on my company's Data Center LAN. It is designed with all server access switches trunked to the (2) distribution switches. The access switches are a combination of CAT 6500s, WS-C2948G-GE-TX and WS-C2980G-A top-of-the-rack switches. All are running CAT OS.
Currently, vlan 1 is permitted on all uplinks/trunks. However, vlan 1 is only used when we disconnect a host, i.e. we return the port to vlan 1. Also, vlan 1 does not have an active L3 interface on the distribution MSFC.
Will it affect anything if I prune or clear vlan 1 off of every trunk/uplink within the server farm access layer?
Do CDP, VTP or other Cisco protocols need vlan 1 to inter-operate?
Thanks for your help,
Art
07-14-2008 01:04 PM
Hello Art,
VTP depends on vlan 1; CDP should go on the native vlan on 802.1Q trunks.
So if you use VTP you shouldn't remove vlan 1 from the list of allowed vlans on the trunk ports.
For security reasons it is suggested to park unused ports on a vlan different from vlan 1 that is not permitted on trunks, is not the native vlan of any 802.1Q trunk, and doesn't have an L3 interface.
Hope to help
Giuseppe
07-14-2008 06:35 PM
Hi Giuseppe,
Thanks for your response.
I have VTP turned off and vlan 1 is not the native vlan.
I am trying to reduce the number of logical ports, to keep the spanning tree domain size down; hence, I prefer not to add another vlan to park ports.
Does this sound correct? By clearing vlan 1 from all my trunk uplinks, any port in vlan 1 on a local switch that flaps up/down will not be able to introduce an instability or spanning tree incident across the LAN. Sound right?
Thanks,
Art
07-14-2008 09:06 PM
After researching this further, Cisco states the following:
CCNP BCMSN Switching, Chapter 4, Implementing and Configuring VLANs, Study Tips, page 198:
"The Native VLAN is not tagged; therefore, the Native VLAN does not contain 802.1p fields for QoS. However, there is a configuration option in more recent Cisco IOS versions 12.1.13 or later to tag the Native VLAN on a trunk port (that is, tag all VLANs). With this option, the Native VLAN traffic is simply tagged with the associated VLAN ID, by default, VLAN 1. It is possible to remove VLAN 1 from a trunk; however, this only removes data traffic from VLAN 1. CDP, DTP, PAgP, and so on still transmit across VLAN 1."
So, clearing vlan 1 from my trunks/uplinks only clears data traffic and not management traffic.
Since Cisco is saying that management traffic (CDP, DTP, PAgP, etc.) will still traverse vlan 1, can a host port flapping in vlan 1 cause spanning tree calculations and/or problems across the LAN, or will it be limited to the local switch?
Thanks for looking at this with me.
Art
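As an added example, not from the thread or from Cisco, here are the CatOS commands for the change Art describes on a hypothetical access switch: 1/1 is the dot1q uplink to distribution, 3/47-48 are unused server ports, and VLAN 999 is an assumed native VLAN with no L3 interface. Port numbers and VLAN 999 are assumptions.

```cisco
# Added example (not from the thread). Hypothetical CatOS access switch:
# 1/1 = dot1q uplink trunk to distribution, 3/47-48 = unused server ports.
# Module/port numbers and VLAN 999 are assumed.

# --- Before: CatOS defaults, vlan 1 is native and allowed on the trunk ---
#   set trunk 1/1 on dot1q          (native vlan 1, vlans allowed 1-1005)

# --- After: dedicated native vlan, vlan 1 cleared, unused ports left in vlan 1 but shut ---
# VTP is not in use here, so the trunk can safely lose vlan 1
set vtp mode transparent
# Native vlan for the trunk is an unused vlan with no MSFC interface
set vlan 999 name NATIVE-UNUSED
set trunk 1/1 on dot1q
set vlan 999 1/1
# Tag the native vlan as well, so no untagged frames ride the trunk
set dot1q-all-tagged enable
# Remove vlan 1 (data) and the native vlan from the allowed list;
# CDP/DTP/PAgP still cross the link untagged regardless of this list
clear trunk 1/1 1
clear trunk 1/1 999
# Unused server ports stay in vlan 1 (no extra parking vlan) but are disabled,
# so they cannot flap and generate topology changes in vlan 1
set port disable 3/47-48

# Verify: vlan 1 must no longer appear in "Vlans allowed on trunk" for 1/1
show trunk 1/1
# Verify: the vlan 1 spanning tree instance now has no trunk ports, so a
# change on a local vlan 1 access port is confined to this switch
show spantree 1
```

The `show spantree 1` output is the check for Art's question: with no trunk in the vlan 1 instance, a flapping vlan 1 host port can only trigger TCNs on this switch's own STP instance for vlan 1.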