cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2858
Views
10
Helpful
6
Replies

Trunking vlan filtering

dkblee
Level 1
Level 1

hi! If i want to allow only vlan 100-105 to go through a trunk between 2 switches. Do i need to remove the existing vlan from the trunk first(default all vlan are allowed) and then add in vlan 100-105? or just issue the command "switchport trunk allowed vlan 100-105"? Please advise. Thanks.

6 Replies 6

Amit Singh
Cisco Employee
Cisco Employee

You can only use" switchport trunk allowed vlan "command to achieve the same. You need a combination of switchport allowed/remove commands only when you want to remove some of the vlans from the trunk and allow some of the vlans simultaneously.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2960/12225see/cr/cli3.htm#wp1948736

HTH,please rate if it does.

-amit singh

hi! What's the function of a native vlan? Will there be any problem if both end of the switches have different native vlan number?

Thanks.

Native vlan is enabled on Cisco switches by default and Vlan1 is the native vlan. The native vlan is used to carry untagged frames across a trunk link.You will not be able to form a trunk if the native vlan is different on the trunk links. They have to be same on both the sides.

-amit singh

hi! Does that mean native vlan is used only in trunking? All the ports are in vlan1(native vlan) by default, right?

Any relationship between management vlan and native vlan? The default management vlan is also vlan1, right?

ankbhasi
Cisco Employee
Cisco Employee

Hi Friend,

On IOS switches if you just allow vlans that will take care of your requirement and no need to specifically clear other vlans first

Switch#sh run int gig1/0/23

Building configuration...

Current configuration : 137 bytes

!

interface GigabitEthernet1/0/23

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 22-26

switchport mode trunk

end

Switch#sh int gig1/0/23 switchport

Ankur_Desk_Switch#sh int gig1/0/23 switchport

Name: Gi1/0/23

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: 22-26 <<<---------

HTH

Ankur

*Pls rate all helpfull post

afaik, vlan 1 is management vlan and native vlan by default.

yes all the ports are in vlan 1 by default

in trunking if isl method is used then native vlan need not to be same.(and cisco s/w by default uses isl)

but with 802.1q trunking the native vlan packs as send untagged.so its a must that native vlan on both end be the same...

regards

arun:)