Solved: For question 1, what is

dbuckley77 · ‎05-19-2015

interface GigabitEthernet0/1
switchport access vlan 109
switchport mode trunk
ip dhcp snooping trust

I saw this config on a switch on our network. Several questions came to mind......

1. Would there ever be a valid reason to have the switchport access vlan and switchport mode trunk commands on the same interface?

2. What does the ip dhcp snooping trust command do?

3. When only passing one vlan on a link from one switch to another what is best practice? Make the link a trunk and only add the one vlan or make both ends of the link access mode for that vlan?

Reza Sharifi · ‎05-19-2015

For question 1, what is important is the mode and in this case the mode for port g0/1 is trunk so the command switchport access clan 109 has no effect.

question 2

here is a link to DHCP snooping and all related commands and what they do:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_dhcpsnoop.html

question 3

make the port trunk and add the vlans you need to add to it.

HTH

View solution in original post

Reza Sharifi · ‎05-19-2015