[c-nsp] switchport trunk allowed vlan
Tim Durack
tdurack at gmail.com
Sat Oct 30 17:34:28 EDT 2010
On Sat, Oct 30, 2010 at 5:16 PM, Arie Vayner (avayner)
<avayner at cisco.com> wrote:
> Tim,
>
> Can you please explain a bit better what you would like to achieve?
Sure. The following command format is relatively safe:
switchport trunk allowed vlan <add/remove/all/except/none> <range>
However, if one forgets to include the <add/remove/all/except/none>
keyword, the command defaults to replace:
switchport trunk allowed vlan <range>
This isn't usually the desired result.
I would like to disable the use of: "switchport trunk allowed vlan
<range>", and replace it with a custom EEM command like: "switchport
trunk allowed vlan range <range>". This would correct a dangerous IOS
syntax.
I don't know if this is really possible, but it could be an
interesting exercise in demonstrating the power of EEM :-)
> Also, which IOS version please?
C6K, Sup720, 12.2(33)SXI3
> Tnx
> Arie
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tim Durack
> Sent: Friday, October 22, 2010 19:22
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] switchport trunk allowed vlan
>
> Anyone know what an EEM policy would look like to allow:
>
> rtr-1(config-if)#switchport trunk allowed vlan ?
> add add VLANs to the current list
> all all VLANs
> except all VLANs except the following
> none no VLANs
> remove remove VLANs from the current list
>
> But deny:
>
> rtr-1(config-if)#switchport trunk allowed vlan ?
> WORD VLAN IDs of the allowed VLANs when this port is in trunking
> mode
>
> I know I can create an alias for adding/removing, but I would like to
> see if I can disable the more dangerous form of this command ;-|
>
> --
> Tim:>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
--
Tim:>
More information about the cisco-nsp
mailing list