native vlan

acidsatyr Member Posts: 111
Hi,
I was wondering if there would be any issues if switches in a network are configured with different native VLANs on different trunks?
For example, the native VLAN between SW1 and SW2 is 3 and between SW2 and 3 is 5. Would there be some chance of VLAN hopping this way?


SW1=======SW2=======SW3

Comments

  • networker050184 Mod Posts: 11,962
    No, that won't cause any issues. It won't increase your chances of a VLAN hopping attack either, from what I understand about it.
    An expert is a man who has made all the mistakes which can be made.
  • APA Member Posts: 959
    It's a best practice... so no issues as long as the native VLANs configured are not user VLANs and aren't used on any switchports to pass data, therefore minimizing propagation if a malicious user did try to VLAN hop :)

    Configure your switchports to access mode for connectivity to end hosts... if somehow a user ends up part of the native VLAN and tries to VLAN hop, then at least the propagation of that traffic has been minimized by what I mentioned above.

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP
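
An added example, not code from any poster in this thread: a small audit of an IOS-style configuration for the two conditions discussed above, that no trunk native VLAN is also used as an access (user) VLAN and that host-facing ports are explicitly set to access mode. The sample config for SW2 is constructed; the interface names, VLAN 10, and the function names `parse_interfaces` and `audit` are assumptions.

```python
import re

# Constructed sample for SW2 in the thread's topology: native VLAN 3 toward
# SW1, native VLAN 5 toward SW3. Interface names and VLAN 10 are assumptions.
SW2_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 3
interface GigabitEthernet0/2
 switchport mode trunk
 switchport trunk native vlan 5
interface GigabitEthernet0/10
 switchport mode access
 switchport access vlan 10
interface GigabitEthernet0/11
 switchport mode access
 switchport access vlan 5
interface GigabitEthernet0/12
 switchport access vlan 10
"""

def parse_interfaces(config):
    """Return {name: {'mode', 'access_vlan', 'native_vlan'}} per interface."""
    ports, cur = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            # Unconfigured access and native VLANs default to VLAN 1.
            cur = ports.setdefault(
                m.group(1), {"mode": None, "access_vlan": 1, "native_vlan": 1})
        elif cur is not None:
            s = line.strip()
            if m := re.fullmatch(r"switchport mode (\S+)", s):
                cur["mode"] = m.group(1)
            elif m := re.fullmatch(r"switchport access vlan (\d+)", s):
                cur["access_vlan"] = int(m.group(1))
            elif m := re.fullmatch(r"switchport trunk native vlan (\d+)", s):
                cur["native_vlan"] = int(m.group(1))
    return ports

def audit(config):
    """Flag ports without an explicit mode and access ports in a native VLAN."""
    ports = parse_interfaces(config)
    natives = {p["native_vlan"] for p in ports.values() if p["mode"] == "trunk"}
    findings = []
    for name, p in ports.items():
        if p["mode"] is None:
            findings.append((name, "no explicit switchport mode"))
        if p["mode"] != "trunk" and p["access_vlan"] in natives:
            findings.append((name, f"access VLAN {p['access_vlan']} is a trunk native VLAN"))
    return findings
```

On the sample, `audit(SW2_CONFIG)` reports Gi0/11 (a user port placed in native VLAN 5) and Gi0/12 (no explicit `switchport mode access`); the two trunks with different native VLANs are not flagged.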