Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

2 ends of trunk - allowed vlan 2-4094 - other end allowed all - will vlan1 pass through trunk

Posted on 2013-11-21
4
Medium Priority
?
389 Views
Last Modified: 2013-11-27
Hi - can someone please explain this. - here are 2 settings for either end of trunk
int2.jpg
int1.jpg
0
Comment
Question by:philb19
4 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 39668680
What exactly do you want explained?

Looks like VTP is pruning the VLANs on the trunk at one end of the trunk.
0
 
LVL 3

Accepted Solution

by:
RKnebel512 earned 2000 total points
ID: 39669671
No, vlan 1 should not pass through this trunk.  Interface 2 will neither send it out this port nor receive it.  But depending on the way your network is configured, you might want that behavior.

Since the native vlan is vlan 1, the switches put any packets that don't have another place into vlan 1.  

For security purposes, many network administrators run everything on other vlans, then filter out vlan 1.  That way any traffic that they didn't specifically put in one of their own vlans doesn't get sent anywhere.  

But if you aren't using any other vlans, then everything is dumped into vlan 1.  In that case, you definitely want to allow the traffic.

Either way, you should configure the ports so they match, just for simplicity's sake
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 39671890
In addition to what the other experts have said here, it's fine to have different pruning settings at each end of a trunk link from a technical perspective.  You don't need things to match like you do with an EtherChannel.

The beauty of this (depending on how you look at it) is that you can prune VLANs at one end only if you want to, without having to prune at the other end.
0
 
LVL 1

Author Closing Comment

by:philb19
ID: 39682630
great explanation - Thanks
0

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question