05-05-2009 07:56 AM - edited 03-06-2019 05:32 AM
Any caveats on removing vlans 1,1002-1005 from interfaces when setting up ether channels? (cat3524xl)
05-05-2009 07:59 AM
David
You mean the vlans allowed on a trunk ?
If so, nope go right ahead and do altho be aware that vlan 1 is always allowed across the trunk as Cisco use this vlan for control protocols such as CDP/VTP etc..
Jon
05-05-2009 08:01 AM
is that true even if a remove it from a trunk ? also can i shut down vlan 1 on my devices ?
05-05-2009 08:04 AM
Is that true even if you change the native VLAN? I have never given much thought to getting rid of VLAN 1.
Just out of curiosity, why would you want to get rid of VLAN 1?
05-05-2009 08:11 AM
Jeremy
"Is that true even if you change the native VLAN 1 ?" - Yes it is. Some control protocols use the native vlan which is by default vlan 1 so if you change the native vlan you change the vlan used for caryying that control protocol but some still use vlan 1. There was a thread a while back about this - i'll see if i can find a link to it :-)
"Just out of curiosity, why would you want to get rid of VLAN 1?"
Main reason is vlan 1 is the default vlan for all ports and the idea is to simply not use vlan 1 for anything if you can ie.
1) No ports for end user devices/servers etc in vlan 1
2) Don't use vlan 1 for managing the switches
3) Change the native vlan from vlan 1 to something else.
There is a good paper on vlan security that has a specific part about the use of vlan 1 -
http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml
Jon
05-05-2009 08:25 AM
Jeremy
As promised here is that link to thread -
http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Getting%20Started%20with%20LANs&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40^1%40%40.2cc1a8ed/10#selected_message
Jon
05-05-2009 08:06 AM
Carl
"is that true even if a remove it from a trunk ?"
Yes
"also can i shut down vlan 1 on my devices ?"
Yes
Jon
05-07-2009 07:36 AM
Hi Jon,
I'm afraid removing VLAN1 from a trunk is not supported on obsolete switches like Cat3524XLs.
The CLI will permit to disable it on a trunk, but "sh int ... sw" will still show it permitted then.
The same is valid for VLANs 1002-1005, I'm afraid.
BR,
Milan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide