Solved

Removing vlan 1 from trunk

Posted on 2011-02-10
5
1,314 Views
Last Modified: 2012-05-11
I would like to know if there are any problems associated with removing VLAN 1 from all trunks.  I found the following from Cisco's website:

Remove VLAN 1 from the allowed list so you can disable VLAN 1 on any individual VLAN trunk port in order to reduce the risk of spanning-tree loops or storms. When you remove VLAN 1 from a trunk port, the interface continues to send and receive management traffic, for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), Link Aggregation Control Protocol (LACP), Dynamic Trunking Protocol (DTP), and VLAN Trunking Protocol (VTP) in VLAN 1.

Is this true that management traffic passes even when VLAN 1 is disabled for all Cisco switches?  What about other managed switches such as Dell?
0
Comment
Question by:B1izzard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 22

Accepted Solution

by:
eeRoot earned 300 total points
ID: 34864634
You can safely disable VLAN 1 as long as the network traffic has other VLAN's to use.  Most management protocols are layer 1, trunking affects layer 2 traffic.  The management traffic that uses layer 2 (SNMP, telnet, ssh, etc) can be set to a specific management VLAN meant just for network administration

The configs can be a bid tricky when you use different vendors, but yes, you can use switches from other manufacturers.
0
 

Author Comment

by:B1izzard
ID: 34864874
If it uses another VLAN for traffic, any idea on how it chooses the VLAN?  Does it use the numerically lowest VLAN, cost, or ???
0
 
LVL 12

Assisted Solution

by:jjmartineziii
jjmartineziii earned 200 total points
ID: 34864975
Yes, on cisco switches, management traffic is still passed. Not sure about other vendors.

This article may help:

http://blog.ipexpert.com/2011/01/19/old-ccie-myths-vlan-1/
0
 
LVL 22

Expert Comment

by:eeRoot
ID: 34865160
No, vlan's are not auto-detected.  It would depend on the IP address of the device, whether software or the operating system has been set to tag the network traffic with a particular VLAN, and what the switchport's native VLAN setting is.
0
 

Author Closing Comment

by:B1izzard
ID: 34867783
Thanks.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Unifi AP 4 102
access vs trunk with voice vlan 2 79
Cisco Policy based routing 2 73
slow WAN performance - ESXi WAN vSwitch 27 72
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question