05-19-2015 05:07 AM - edited 03-08-2019 12:04 AM
interface GigabitEthernet0/1
switchport access vlan 109
switchport mode trunk
ip dhcp snooping trust
I saw this config on a switch on our network. Several questions came to mind......
1. Would there ever be a valid reason to have the switchport access vlan and switchport mode trunk commands on the same interface?
2. What does the ip dhcp snooping trust command do?
3. When only passing one vlan on a link from one switch to another what is best practice? Make the link a trunk and only add the one vlan or make both ends of the link access mode for that vlan?
Solved! Go to Solution.
05-19-2015 05:42 AM
For question 1, what is important is the mode and in this case the mode for port g0/1 is trunk so the command switchport access clan 109 has no effect.
question 2
here is a link to DHCP snooping and all related commands and what they do:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_dhcpsnoop.html
question 3
make the port trunk and add the vlans you need to add to it.
HTH
05-19-2015 05:42 AM
For question 1, what is important is the mode and in this case the mode for port g0/1 is trunk so the command switchport access clan 109 has no effect.
question 2
here is a link to DHCP snooping and all related commands and what they do:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_dhcpsnoop.html
question 3
make the port trunk and add the vlans you need to add to it.
HTH
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: