You can't truly block VLAN1. Regards, Jay McMickle- CCNP,CCSP,CCDP Sent from my iPhone http://mycciepursuit.wordpress.com
On Feb 15, 2012, at 3:53 PM, kyujin Choi <[email protected]> wrote: > Question: VLAN 1 > > By default, VLAN 1 is the native VLAN and should only be used to carry > control traffic, > > CDP, VTP, PAgP, and DTP. This information is transmitted across trunk > links untagged. > > • User VLANs should not include the native VLAN, VLAN 1. This information > will be sent > > as tagged frames across VLAN trunks. > > • The Management VLAN should be a VL > > > > > > Now, I am testing vlan 1 so that SW1 can't send vlan 1 to SW2 through trunk > by using "switchport trunk allowed vlan remove 1" > > > > As I expected the below is the output after i did in SW1 ( SW1 ---- SW2 > are connected through f0/15 each other) > > > > [image: > 1.jpg]<https://learningnetwork.cisco.com/servlet/JiveServlet/showImage/2-212899-92160/1.jpg> > > > > Based on what i understood since SW1 can't send vtp, cdp, dtp, udld, pagp, > SW2 cann't negotiate dynamically. (No cdp, no vtp information is > transfeered) > > > > However, when I capture the packet, it is still transferred CDP/VTP/DTP > packets each other. > > > > [image: > 2.jpg]<https://learningnetwork.cisco.com/servlet/JiveServlet/showImage/2-212899-92161/2.jpg> > > > > Interestingly, each SW uses multicast address 01 00 0c cc cc cc for this > packet. > > > > I thought when I block vlan 1, it blocks multicast traffic, too. but, > swithes are sending each other all CDP/VTP/DTP information. > > > > I rebooted both switches, but they are trunking still. > > > > > > > > -------------------- f0/15 config --------------- > > > > SW1#show run inter f0/15 > Building configuration... > > Current configuration : 149 bytes > ! > interface FastEthernet0/15 > switchport trunk encapsulation dot1q > switchport trunk allowed vlan 2-11,13-4094 > end > > SW1# > > > > > > > > SW2 > > ! > interface FastEthernet0/15 > switchport trunk encapsulation dot1q > switchport trunk allowed vlan 2-11,13-4094 > switchport mode dynamic desirable > end > > SW2# > > > > > > ---------------- show int trunk -------------- > > > SW1#show inter trunk > > Port Mode Encapsulation Status Native vlan > Fa0/15 auto 802.1q trunking 1 > > Port Vlans allowed on trunk > Fa0/15 2-11,13-4094 > > Port Vlans allowed and active in management domain > Fa0/15 200,202,210,300,310 > > Port Vlans in spanning tree forwarding state and not pruned > Fa0/15 200,202,210,300,310 > SW1# > > > > > > SW2#show int trunk > > Port Mode Encapsulation Status Native vlan > Fa0/15 desirable 802.1q trunking 1 > > Port Vlans allowed on trunk > Fa0/15 2-11,13-4094 > > Port Vlans allowed and active in management domain > Fa0/15 200,202,210,300,310 > Port Vlans in spanning tree forwarding state and not pruned > > Fa0/15 200,202,210,300,310 > SW2# > > > > > > What am i missing here? I like to better understand what vlan 1 does. > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > http://onlinestudylist.com/mailman/listinfo/ccie_rs _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
