[c-nsp] QOS Configuration Help

Justin Shore justin at justinshore.com
Wed Mar 5 21:32:05 EST 2008


Ben Steele wrote:
> 
> On 06/03/2008, at 9:59 AM, Justin Shore wrote:
>>
>> No-negotiate - Forces trunking but will not negotiate anything.
>>
> I don't think that's right, "switchport nonegotiate" actually just stops 
> DTP from being transmitted and hence can't be applied when the 
> switchport is in dynamic desirable mode, which is why it can only be 
> applied in "switchport mode access" or "switchport mode trunk" as you 
> are explicitly telling the switchport what mode to be in and there is no 
> need for it to be negotiated via DTP, putting "switchport nonegotiate" 
> on a switchport that has been configured as access is not going to force 
> it to be a trunk, it will still be an access port.

I thought it was weird too but I pretty much copied that out of the new 
Router Security Strategies book, pages 210-211, just to be sure.  The 
first sentence under the "No-negotiate mode" heading is:

"Puts the LAN port into permanent trunking mode but prevents the port 
from generating DTP frames."

Now that said I have configured nonegotiate on access ports and they 
continued to work.  This runs contrary to the end of the paragraph that 
says you must configure trunk encap and mode trunk before configuring 
nonegotiate.

Confusing...

Justin


More information about the cisco-nsp mailing list