switchport mode {access | trunk }

e24ohme24ohm Member Posts: 151
in CCNA & CCENT
Folks:
when configuring a trunk or access port, is it best practice to always configure the mode of the port? I understand that the IOS of switch can dynamicly use the port for a trunk port and ignore the VLAN configuration; however, won't only the ports that have a cable to another switch become a trunk port?
Utini!
· Share on FacebookShare on Twitter

Comments

  • hexemhexem Member Posts: 177
    Hard cording is always best practise when it comes to switchports. This prevents any attacks attempting to form a trunk with the switch with custom dtp packets or in general any user who may attempt to plug a switch into the network somewhere (altho not a problem unless it's cisco) but best done for peace of mind.

    switchport mode nonegotiate is best used where ever possible, both on trunks and access ports.
    ICND1 - Passed 25/01/10
    ICND2 - Passed 9/03/10

    Studying CCNA:S
    · Share on FacebookShare on Twitter
  • e24ohme24ohm Member Posts: 151
    hexem wrote: »
    Hard cording is always best practise when it comes to switchports. This prevents any attacks attempting to form a trunk with the switch with custom dtp packets or in general any user who may attempt to plug a switch into the network somewhere (altho not a problem unless it's cisco) but best done for peace of mind.

    switchport mode nonegotiate is best used where ever possible, both on trunks and access ports.
    thanks for the help mate!!! Cheers
    Utini!
    · Share on FacebookShare on Twitter
  • e24ohme24ohm Member Posts: 151
    hexem wrote: »
    Hard cording is always best practise when it comes to switchports. This prevents any attacks attempting to form a trunk with the switch with custom dtp packets or in general any user who may attempt to plug a switch into the network somewhere (altho not a problem unless it's cisco) but best done for peace of mind.

    switchport mode nonegotiate is best used where ever possible, both on trunks and access ports.
    If the switchport nonnegotiate interface subcommand is used, the port will not swtich to dynamically trunking, but you mention to perform this on trunk ports. will the port still trunk; however, it will manually need to be set with the switchport mode trunk?
    Utini!
    · Share on FacebookShare on Twitter
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    You're best off setting the mode you want on purpose because different switch models have different defaults set. For example, 3550's have switchport mode dynamic desirable set by default for all the fast ethernet ports. This could result in a trunk forming where you didn't want one. This is why when I'm configuring a new switch, one of the very first things I do (using the range commands) is A) issue shutdown for all ports B) set all ports as switchport mode access

    That way for anything else, I'll have to explicitly allow it
    · Share on FacebookShare on Twitter
Sign In or Register to comment.