nanog mailing list archives

RE: Advice regarding Cisco/Juniper/HP


From: "George Bonser" <gbonser () seven com>
Date: Wed, 30 Jun 2010 09:11:28 -0700



-----Original Message-----
From: sthaug
Sent: Wednesday, June 30, 2010 12:35 AM
Cc: nanog () nanog org
Subject: Re: Advice regarding Cisco/Juniper/HP

The Cisco default of allowing all VLANs on a trunk is dangerous in a
service provider environment (not to mention VTP, DTP and other
evils).


I agree. In a perfect world, the default should be to not allow any
VLANs on a trunk unless explicitly configured.

I think Cisco defaults are set so that someone not all that familiar
with network gear can plug in a new switch, it will negotiate a trunk,
and all VLANs will be available on it without a lot of configuration.
So like a lot of things, a piece of gear in the hands of someone who
doesn't know exactly what they are doing can be dangerous.

G
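
One way to check a switch configuration for the defaults discussed in this message, as an added example that is not part of the original thread: a Python audit that flags ports which can trunk without an explicit allowed-VLAN list or with DTP negotiation left on. The sample config, the function name `audit_trunks` and the `default_mode` parameter are assumptions made for illustration.

```python
import re

# Constructed sample of Cisco IOS interface stanzas (not from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk allowed vlan 10,20
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/3
 switchport mode dynamic desirable
!
interface GigabitEthernet0/4
 switchport mode access
!
interface GigabitEthernet0/5
 description no mode line, platform default applies
!
"""

STANZA = re.compile(r"^interface (\S+)\n((?:[ \t]+\S.*\n)*)", re.M)

def audit_trunks(config, default_mode="dynamic auto"):
    """Map interface -> findings for ports that trunk or may negotiate one.
    default_mode (assumption): mode of a port with no 'switchport mode' line."""
    report = {}
    for name, body in STANZA.findall(config):
        lines = [line.strip() for line in body.splitlines()]
        modes = [l.split(" ", 2)[2] for l in lines if l.startswith("switchport mode ")]
        mode = modes[-1] if modes else default_mode
        if mode == "access":
            continue  # an access port cannot become a trunk
        found = []
        if mode.startswith("dynamic"):
            found.append("DTP may negotiate a trunk")
        elif "switchport nonegotiate" not in lines:
            found.append("DTP frames still sent")
        allowed = [l for l in lines if l.startswith("switchport trunk allowed vlan ")]
        if not allowed or allowed[-1].split()[-1] == "all":
            found.append("all VLANs allowed on trunk")
        if found:
            report[name] = found
    return report

if __name__ == "__main__":
    for port, issues in audit_trunks(SAMPLE_CONFIG).items():
        print(port, "->", "; ".join(issues))
```

The mode a port takes when no `switchport mode` line is present varies by platform, so pass the right `default_mode` for the device being audited.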


