[c-nsp] Blocking vlan 1 on trunked ports?

[Alexander Koch]

Joe,

now luck for the 3508XL unless the IOS you will find for
this box (beast) is much newer. As it seems a 3548 is the
same as the 3508XL effectively let me say we have been
bitten by that thing a lot. The 12.0 that I find for it
does clearly not support that. The 12.1 does for a 2950G
and 3750 and 3550 onwards...

Alexander

On Thu, 14 July 2005 21:34:29 -0700, Joe McGuckin wrote:
> Jared,
> 
> Thanks for the vote of confidence ^)
> 
> Two seconds after I pressed the return key I realized that the message was
> missing all of the critical information.
> 
> For the record, it's a 3548XL-EN running  12.0(5)XU.
> 
> If I tell the switch to accept only vlans 402 & 404 (for example), then
> perform a 'sh run', the port config shows the following:
> 
>    switchport trunk allowed vlan 1,402,404,1002-1005
> 
> No amount of "sw tr all vlan 1 remove" will convince the switch to remove
> these 'special' vlans.
> 
> I did verify on a new 3550 that vlans 1 & 1002-1005 are not automagically
> allowed (or - at least if they are, the config hides the fact).
> 
> 
> 
> -joe
> 
> 
> On 7/14/05 2:49 PM, "Jared Mauch" <jared at puck.nether.net> wrote:
> 
> > On Thu, Jul 14, 2005 at 05:41:27PM -0400, Wojtek Zlobicki wrote:
> >> Why can you not remove vlan 1 ? Technical or Political Issue ?  Why
> >> not prune it on the trunks.  At very least if customer insists on
> >> sending you VLAN 1, prune it off your own trunks, that way it will
> >> just be switch local
> > 
> > I think Joe is bright enough to be indicating it is
> > a technical issue, but he might want to provide some more
> > info (sw, platform, cli output) on the topic :)
> > 
> > - jared
> > 
> >> On 7/14/05, Joe McGuckin <joe at via.net> wrote:
> >>> I want to handoff a trunk port to a customer, but I cannot remove vlan1 from
> >>> the list of allowed vlans.
> >>> 
> >>> Is there a way around this?