Ok, here is my scenario: We have two 4006 switches in our hub room, one is for our 10 network and one is for our 15 network. We set up a 3960G switch in our IT department that has 12 ports for vlan10 and 8 ports for vlan15 and the other ports are for a secondary Internet connection (vlan192) for testing, etc. All of our wall jacks are wired to the hub room and terminated to patch panels that are then connected to the 4006 switches. We have a trunk port configured for vlan 10 and vlan15 on the 3960G so we can set up new PC's etc. using the 3960G switch. The problem is this: we have a few people's PC's that are plugged into the wall jacks and their traffic is traversing the trunk on the 3960G switch, and I would like to somehow prevent this if possible. This issue came about when we had to reboot the 3960G switch in the IT department office and about 5-6 people dropped connectivity. My question is: How can I prevent traffic from PC's that are plugged into wall jacks that terminate to the hub room from traversing the trunk on the "temporary" 3960G switch? We need to have vlan10 and vlan15 set up on this temporary switch and to communicate we need to have the trunk, but how can I shape traffic so that the PC's plugged into the wall jacks does not traverse that trunk?
you might try on 4006 switches :
mac address-table static 6.6.6 vlan 1 drop
(change the mac 6.6.6 and vlan id )
for each PC , having the MAC of the PC's NIC
When you setup the trunks did you restrict what was allowed on the trunks ? Or did you just leave it wide open allowing everything? Restrict the trunk to just the vlan that is needed on each link , switchport trunk allowed vlan X .
The previous admin configured it, but yes, it is configured to ONLY allow the corresponding vlan traffic such as vlan 10 and vlan
15. I believe the "problem" I am dealing with is just simply the way a switch is supposed to work. I don't believe the configuration is incorrect necessarily, but I was hoping there was a way I could set a priority maybe that would prevent some machines from traversing that particular trunk on that "temporary" switch. I just didn't want machines that are plugged into wall jacks (that are terminated at patch panels in our hub room) going through the trunk on this temporary switch.