Newbie question...configure core port as a trunk or as a vlan member?

Discussion in 'Cisco' started by Ned, Jul 28, 2006.

  1. Ned

    Ned Guest

    Hello

    I have a 4507 at our MDF with 3560's in the closets. Each closet will
    be a member of a different VLAN. I can configure the port at the MDF as
    a member of the correct VLAN or I can configure it as a trunk and
    configure the ports at the 3560 (in the closets) to be members of the
    VLAN. I like the second option better even though it's a little more
    work because later on I can easily add and remove vlans if it ever
    becomes necessary. Is there any reason why I should choose one or the
    other?

    Thanks
    Ned Hart
     
    Ned, Jul 28, 2006
    #1
    1. Advertising

  2. "Ned" <> writes:
    >I have a 4507 at our MDF with 3560's in the closets. Each closet will
    >be a member of a different VLAN. I can configure the port at the MDF as
    >a member of the correct VLAN or I can configure it as a trunk and
    >configure the ports at the 3560 (in the closets) to be members of the
    >VLAN. I like the second option better even though it's a little more
    >work because later on I can easily add and remove vlans if it ever
    >becomes necessary. Is there any reason why I should choose one or the
    >other?


    No, you've pretty much got it summarized (other than the first config
    is slightly more "secure" if there's a worry about such a thing in
    your environment, in that they'd have to compromise the central switch
    instead of a leaf switch).
     
    Doug McIntyre, Jul 28, 2006
    #2
    1. Advertising

  3. Ned

    Merv Guest

    Recomend you use trunks for the reason you listed.

    I would also recomend you NOT use VTP or DTP on your trunks - Cisco
    says use desirable; my choice is non-neg (ie a trunk is a trunk
    period).

    Explicity configure which VLANS are allowed on each trunk using the
    allowed valns command ( do this at both ends). With newer versions of
    IOS, VLAN 1 (default) can be removed from the trunk.
     
    Merv, Jul 28, 2006
    #3
  4. Ned

    Merv Guest

    Recomend you use trunks for the reason you listed.

    I would also recomend you NOT use VTP or DTP on your trunks - Cisco
    says use desirable; my choice is non-neg (ie a trunk is a trunk
    period).

    Explicity configure which VLANS are allowed on each trunk using the
    allowed valns command ( do this at both ends). With newer versions of
    IOS, VLAN 1 (default) can be removed from the trunk.
     
    Merv, Jul 28, 2006
    #4
  5. Ned

    Peter Guest

    Hi Ned,

    > I have a 4507 at our MDF with 3560's in the closets. Each closet will
    > be a member of a different VLAN. I can configure the port at the MDF as
    > a member of the correct VLAN or I can configure it as a trunk and
    > configure the ports at the 3560 (in the closets) to be members of the
    > VLAN. I like the second option better even though it's a little more
    > work because later on I can easily add and remove vlans if it ever
    > becomes necessary. Is there any reason why I should choose one or the
    > other?


    You have pretty much worked it out, the first method is simpler and
    therefore easier to implement, but it can be a pain if your needs
    change later. Using Trunks NOW is lending towards "Future Proofing"
    yourself, you are enabling a "no brains" upgrade for later if you wish
    to add another VLAN somewhere without disrupting what currently
    exists. For added security using Trunks, I would investigate limiting
    specific VLANS down a trunk, with that you end up with the same level
    of security as not using VLAN's, but heaps more flexibility for later.

    Cheers............pk.


    --
    Peter from Auckland.
     
    Peter, Jul 28, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. No Spam
    Replies:
    3
    Views:
    4,007
    No Spam
    Jun 7, 2004
  2. bigal
    Replies:
    0
    Views:
    1,158
    bigal
    Mar 22, 2006
  3. Replies:
    2
    Views:
    6,976
    java321
    Apr 23, 2006
  4. Replies:
    1
    Views:
    642
    Thrill5
    Feb 6, 2008
  5. Replies:
    2
    Views:
    13,151
Loading...

Share This Page