[c-nsp] Untagged native VLAN...

Elmar K. Bins elmi at 4ever.de
Wed Nov 24 04:33:15 EST 2010


Re Nick,

nick at foobar.org (Nick Hilliard) wrote:

> >>Will try that - this sounds like the easiest way, although I dislike
> >>special constructs normally. But - this would allow me to keep the
> >>portfast setting which definitely helps when dealing with workstations...
> 
> This isn't a special construct: it's the recommended way to handle cisco voip phones 
> with desktop ethernet support.

Sure, but: This is not a Cisco phone. It works nonetheless, so CDP seems to
not be really necessary. Further testing notwithstanding, of course.

> >Also include "spanning-tree bpduguard enable" wherever possible. STP
> >BPDUs have no place on access ports.
> 
> This should be accompanied by a generous helping of the "port security" commands.  
> Otherwise you end up with a risk of l2 loops.

I usually disable ...guard and enable ...filter, but in view of these phones
having builtin switches, I might opt for the ...guard setting here, too.

Yours,
	Elmar.

-- 

"Machen Sie sich erst einmal unbeliebt. Dann werden Sie auch ernstgenommen."
							     (Konrad Adenauer)

--------------------------------------------------------------[ ELMI-RIPE ]---

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20101124/23a51951/attachment.bin>


More information about the cisco-nsp mailing list