[c-nsp] VLAN 1 through routed ports
Justin Shore
justin at justinshore.com
Thu Jan 8 12:22:29 EST 2009
Gert Doering wrote:
> Hi,
>
> On Thu, Jan 08, 2009 at 07:16:19PM +0530, Hitesh Vinzoda wrote:
>> I m havin old setup of two 6509 connected together by means of routed ports.
>> On one of the 6509 i have vlan 1 with user subnet configured on it along
>> with DHCP. now when i connect anything on vlan 1 on 2nd 6509, the desktop is
>> leased with the IP of vlan 1 configured on 6509-1. any idea why i m gettin
>> ip leased through DHCP.
>>
>> note: no helper commands are used on vlan 1 of 6509-2 and no ip address
>> exists on SVI vlan 1.
>
> Could be a trunk port between those 6509s.
>
> Check with "show mac-address vlan 1" or "show spanning-tree vlan 1" on
> which ports vlan 1 is active where it shouldn't be.
And by all means DO NOT USE VLAN 1. That's what bit me in the ass last
night. An unconfigured 7600 LAN port with switchport, mode access and
no access vlan defined was a piece in the puzzle of the cluster that was
my evening last night. VLAN 1 is evil and anyone that uses it
intentionally is a fool.
On a related side note, can VLAN 1 be disabled? If the state is set to
suspended or the vlan is 'shutdown' in vlan sub-config mode, would that
actually shutdown VLAN 1? If a default config access-mode switchport in
VLAN by default receives a packet, does it drop it? I'm looking for
ways to prevent what happened last night and since I can't remove VLAN 1
from the trunk ports in question I'd like to figure out how to disable
the VLAN. The other option would be to change the VLAN used by default
for the access VLAN when one isn't configured on a port. Is there a
config option for that?
Thanks
Justin
More information about the cisco-nsp
mailing list