280
Configuring VLANs
VLANs
—
STP Port Fast setting.
—
Trunk status. If one port in a port group ceases to be a trunk, all ports cease to be trunks.
We recommend that you configure no more than 24 trunk ports in PVST mode and no more than 40 trunk ports in
MST mode.
If you try to enable IEEE 802.1x on a trunk port, an error message appears, and IEEE 802.1x is not enabled. If you try
to change the mode of an IEEE 802.1x-enabled port to trunk, the port mode is not changed.
A port in dynamic mode can negotiate with its neighbor to become a trunk port. If you try to enable IEEE 802.1x on
a dynamic port, an error message appears, and IEEE 802.1x is not enabled. If you try to change the mode of an IEEE
802.1x-enabled port to dynamic, the port mode is not changed.
Allowed VLANs on a Trunk
By default, a trunk port sends traffic to and receives traffic from all VLANs. All VLAN IDs, 1 to 4096, are allowed on each
trunk. However, you can remove VLANs from the allowed list, preventing traffic from those VLANs from passing over the
trunk. To restrict the traffic a trunk carries, use the
switchport trunk allowed vlan remove
vlan-list
interface
configuration command to remove specific VLANs from the allowed list.
Note:
VLAN 1 is the default VLAN on all trunk ports in all Cisco switches, and it has previously been a requirement that
VLAN 1 always be enabled on every trunk link. You can use the VLAN 1 minimization feature to disable VLAN 1 on any
individual VLAN trunk link so that no user traffic (including spanning-tree advertisements) is sent or received on VLAN 1.
To reduce the risk of spanning-tree loops or storms, you can disable VLAN 1 on any individual VLAN trunk port by
removing VLAN 1 from the allowed list. When you remove VLAN 1 from a trunk port, the interface continues to send and
receive management traffic, for example, Cisco Discovery Protocol (CDP), Port Aggregation Protocol (PAgP), Link
Aggregation Control Protocol (LACP), DTP, and VTP in VLAN 1.
If a trunk port with VLAN 1 disabled is converted to a nontrunk port, it is added to the access VLAN. If the access VLAN
is set to 1, the port will be added to VLAN 1, regardless of the
switchport trunk allowed
setting. The same situation
applies for any VLAN that has been disabled on the port.
A trunk port can become a member of a VLAN if the VLAN is enabled, if VTP knows of the VLAN, and if the VLAN is in
the allowed list for the port. When VTP detects a newly enabled VLAN and the VLAN is in the allowed list for a trunk port,
the trunk port automatically becomes a member of the enabled VLAN. When VTP detects a new VLAN and the VLAN is
not in the allowed list for a trunk port, the trunk port does not become a member of the new VLAN.
Native VLAN for Untagged Traffic
A trunk port configured with IEEE 802.1Q tagging can receive both tagged and untagged traffic. By default, the switch
forwards untagged traffic in the native VLAN configured for the port. The native VLAN is VLAN 1 by default.
Note:
The native VLAN can be assigned any VLAN ID.
For information about IEEE 802.1Q configuration issues, see
IEEE 802.1Q Configuration Guidelines, page 278
.
Load Sharing Using Trunk Ports
Load sharing divides the bandwidth supplied by parallel trunks connecting switches. To avoid loops, STP normally blocks
all but one parallel link between switches. Using load sharing, you divide the traffic between the links according to which
VLAN the traffic belongs.
You configure load sharing on trunk ports by using STP port priorities or STP path costs. For load sharing using STP port
priorities, both load-sharing links must be connected to the same switch. For load sharing using STP path costs, each
load-sharing link can be connected to the same switch or to two different switches.
Содержание IE 4000
Страница 12: ...8 Configuration Overview Default Settings After Initial Switch Configuration ...
Страница 52: ...48 Configuring Interfaces Monitoring and Maintaining the Interfaces ...
Страница 108: ...104 Configuring Switch Clusters Additional References ...
Страница 128: ...124 Performing Switch Administration Additional References ...
Страница 130: ...126 Configuring PTP ...
Страница 140: ...136 Configuring CIP Additional References ...
Страница 146: ...142 Configuring SDM Templates Configuration Examples for Configuring SDM Templates ...
Страница 192: ...188 Configuring Switch Based Authentication Additional References ...
Страница 244: ...240 Configuring IEEE 802 1x Port Based Authentication Additional References ...
Страница 274: ...270 Configuring SGT Exchange Protocol over TCP SXP and Layer 3 Transport Configuring Cisco TrustSec Caching ...
Страница 298: ...294 Configuring VLANs Additional References ...
Страница 336: ...332 Configuring STP Additional References ...
Страница 408: ...404 Configuring DHCP Additional References ...
Страница 450: ...446 Configuring IGMP Snooping and MVR Additional References ...
Страница 490: ...486 Configuring SPAN and RSPAN Additional References ...
Страница 502: ...498 Configuring Layer 2 NAT ...
Страница 559: ...555 Configuring Network Security with ACLs How to Configure Network Security with ACLs Creating a Numbered Extended ACL ...
Страница 770: ...766 Configuring IPv6 MLD Snooping Related Documents ...
Страница 930: ...926 Configuring IP Unicast Routing Related Documents ...
Страница 956: ...952 Configuring IPv6 Unicast Routing Configuring IPv6 network 2010 AB8 2 48 network 2010 AB8 3 48 exit address family ...
Страница 976: ...972 Configuring Cisco IOS IP SLAs Operations Additional References ...
Страница 978: ...974 Dying Gasp ...
Страница 990: ...986 Configuring Enhanced Object Tracking Monitoring Enhanced Object Tracking ...
Страница 994: ...990 Configuring MODBUS TCP Displaying MODBUS TCP Information ...
Страница 996: ...992 Ethernet CFM ...
Страница 1030: ...1026 Working with the Cisco IOS File System Configuration Files and Software Images Working with Software Images ...
Страница 1066: ...1062 Using an SD Card SD Card Alarms ...