2/13/2023 0 Comments Router on a stick native vlanEssentially what this does is if any frames are sent to this interface with no VLAN tag, they will be processed by this interface. You don’t even have to configure an IP address, and actually, you shouldn’t. On the router end of the link, you have one of two choices:Ĭhoice 1: Explicitly create a subinterface where the native VLAN will be configured. You should create the VLAN and assign it as the native VLAN on that interface. Now when you apply this to a router on a stick scenario, the switch end of the configuration should use the same best practice. Configure the switchport trunk native vlan 99 on both ends and you have secured yourself from any potential VLAN hopping attack. This VLAN should not be assigned to any ports. Create VLAN 99 for example and name it Native VLAN. Putting routers aside for a moment, In general, when creating trunks, it is considered good practice to create a native VLAN on both ends of the trunk (on the switches themselves) that will not be used anywhere else.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |