[c-nsp] NATIVE_VLAN_MISMATCH

Jan Gregor jan.gregor at chronix.org
Fri Jun 4 04:17:54 EDT 2010


Hi,

that was not my point. From provider point of view it is IMHO pretty bad
idea to leave cdp turned on customer-facing interfaces. Reasons:
1., letting customer know what kind of equipment you are using, what ip
adresses you are using and also your naming convention.
2., customer can change the configuration on his side ending in
overflowed logs on your side (especially interesting if you have
"logging console" enabled :) )
3., could be tricky if auto QoS is in use :)
4., with badly configured vfi you will display your entire topology to
customer (and customer topology to all your devices, see point 2)

And to infinity and beyound.

Maybe reasons why CDP is disabled on uni ports by default? :)

Best regards,

Jan

On 06/03/2010 02:59 AM, Mark wrote:
> or just correct the native vlans?
> 
> 
> On 02-Jun-2010, at 8:59 PM, Jan Gregor wrote:
> 
>> Made my day :). CCNA, doing it wrong :).
>> BTW, letting CDP turned on towards the customer is really the way to get
>> your logs pretty large pretty fast when you bump into a bad guy.
>>
>>
>> Jan
>>
>> On 06/02/2010 06:37 AM, Octavio Alvarez wrote:
>>> On Fri, 28 May 2010 16:41:16 -0700, Rick Kunkel <kunkel at w-link.net> wrote:
>>>
>>>> I've connected a switch of mine to a provider's switch, and I'm
>>>> getting CDP-4-NATIVE_VLAN_MISMATCH warnings...  but everything works
>>>> fine.
>>>>
>>>> Is this just a harmless warning?  I'm not doing any VLANs with them.
>>>> Their connection is going into a 3550 that has just had the nvram
>>>> erased and NO setup done, so it's ridiculously stock.
>>>
>>> I would try setting both switches to different VTP domains.
>>>
>>
>>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20100604/76a5b255/attachment.bin>


More information about the cisco-nsp mailing list