[c-nsp] Untagged packets on trunk interfaces
Phil Mayers
p.mayers at imperial.ac.uk
Tue Feb 5 17:53:49 EST 2008
Brandon Price wrote:
> Thanks for the reply!!
>
Please don't remove the list from the Cc: - the replies in the archived
may help others
>>From the link you sent:
>
> "The vlan dot1q tag native command is a global command that configures
> the switch to tag
> native VLAN traffic, and admit only 802.1Q tagged frames on 802.1Q
> trunks, dropping any
> untagged traffic, including untagged traffic in the native VLAN"
>
> Which tag is being applied to this formally "native" traffic?
I've never used this feature - because it's a chassis global it's
useless - so I'm not certain, but I think it's fair to assume the native
vlans tag number.
int gX/Y
switchport mode trunk
switchport trunk native vlan 123
switchport trunk allowed vlan 123,456
...vlans 123 & 456 will come out tagged. I guess in this case, the only
difference between a native and allowed vlan is... erm... the name?
FYI, you can also try this:
int gX/Y
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 123,456
...that is - 999 is a dummy vlan BUT is not in the allowed vlan list; I
believe this stops it forwarding traffic.
Note that certain untagged packets will always come out of a Cisco if
their functions are enabled e.g. CDP, 802.1d STP, MST (I think?)
More information about the cisco-nsp
mailing list