[c-nsp] Standard port configurations

Jee Kay jeekay at gmail.com
Mon Nov 28 13:28:15 EST 2005


I'm trying to come up with some documentation for 'best practices'
configuration of various types of switchports. Essentially I'm trying
to reduce the amount of random frames generated by the switch itself
and to protect myself as best I can from whatever I am plugging into.

At the moment, for 'core' ports (i.e. plugging into other network
equipment), I do:
 switchport trunk encap dot1q
 switchport trunk allowed vlan <blah>
 switchport mode trunk
 switchport nonegotiate
 logging event link-status

For 'edge' ports (mainly servers):
 switchport access vlan <blah>
 switchport mode access
 switchport nonegotiate
 spanning-tree portfast
 switchport port-security

For inter-switch portchannels, I generally use 'channel-group <blah>
mode desirable non-silent'.

Does anyone know of any other statements that would be useful in any
of these situations, or of a 'best practices' document somewhere I
could consult for this?

Thanks in advance,
GK
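
An added example, not part of the original post: a short Python check that audits `show running-config` text against the two port templates listed in the message above. The function names, the sample config, the interface names and the VLAN numbers are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Statements from the post, in the expanded form `show running-config` prints; "*" = VLAN list.
BASELINE = {
    "trunk": ["switchport trunk encapsulation dot1q", "switchport trunk allowed vlan *",
              "switchport mode trunk", "switchport nonegotiate",
              "logging event link-status"],
    "access": ["switchport access vlan *", "switchport mode access",
               "switchport nonegotiate", "spanning-tree portfast",
               "switchport port-security"],  # bare enable line; a sub-option does not count
}

def parse_interfaces(config):
    """Return {interface name: [stripped stanza lines]} from running-config text."""
    stanzas, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = stanzas.setdefault(raw.split(None, 1)[1].strip(), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())
        else:  # "!" or any global line closes the stanza
            current = None
    return stanzas

def audit(config):
    """Return {interface: [missing statements]} for ports that deviate from BASELINE."""
    report = {}
    for name, lines in parse_interfaces(config).items():
        role = next((r for r in BASELINE if f"switchport mode {r}" in lines), None)
        missing = ["switchport mode trunk|access"] if role is None else [  # no static mode
            w for w in BASELINE[role] if not any(fnmatchcase(ln, w) for ln in lines)]
        if missing:
            report[name] = missing
    return report

# Constructed sample (not from the post); interface names and VLAN numbers are made up.
SAMPLE = """\
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20
 switchport mode trunk
 logging event link-status
!
interface GigabitEthernet0/2
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
 switchport port-security maximum 2
"""
if __name__ == "__main__": print(audit(SAMPLE))
```

On the sample, the trunk port is flagged for the missing `switchport nonegotiate`, and the access port for that plus the missing bare `switchport port-security` line.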


