Default port states

livenliven Member Posts: 918
I have a lab work book for BCMSN and it states that

dynamic auto

should be the default port state for switches (3560 and 2960)

I have some 3550 and 2950 and they default to dynamic desireable...

Is this a fundamental difference between the two switch types?


Thanks
encrypt the encryption, never mind my brain hurts.

Comments

  • lildeezullildeezul Member Posts: 404
    The default port state is not dynamic auto... it is dynamic desirable.


    think about it, if the defualt port state was dynamic auto, then the switches will not form a trunk, becuase both will be waiting for a DTP packet to be sent
    NHSCA National All-American Wrestler 135lb
  • tierstentiersten Member Posts: 4,505
    Read the documentation for the newer switches. It states that the default is now dynamic auto instead of dynamic desirable.
  • tierstentiersten Member Posts: 4,505
    lildeezul wrote:
    think about it, if the defualt port state was dynamic auto, then the switches will not form a trunk, becuase both will be waiting for a DTP packet to be sent
    Yes. Cisco changed the default and that is what happens now if you just plug two switches together with defaults set.
  • NetwurkNetwurk Member Posts: 1,155 ■■■■■□□□□□
    Dynamic auto makes more sense as a default, since automatically forming trunks could potentially cause VTP and/or STP problems
  • lildeezullildeezul Member Posts: 404
    wow.. news to me... Thanks for the info..

    i guess is does make since, so make it dynamic auto for security reasons, such as rouge switches..

    thanks again for the update.
    NHSCA National All-American Wrestler 135lb
  • mikearamamikearama Member Posts: 749
    I don't get how that's any improvement. So if I have a rogue switch, all I have to do is have my uplink port set to desirable, so it sends DTP packets, and I've got a trunk? Well that's tough to configure. NOT. I wonder who the big-earner at cisco is who thought that's more secure than nonegotiate (or even better... OFF) as a default.
    There are only 10 kinds of people... those who understand binary, and those that don't.

    CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110

    Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.
  • Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    I think it's more of to prevent you from mistakingly hooking up a switch with a lower STP priority causing an election, or from blowing away your VLAN assignments with a switch that has a high revision number. At least with it set to auto, you have to consciously want it to trunk, not just plug it in, and say "oops..network is down". I've seen this, I've done this, you don't want this.


    FYI, I love the movie "you don't mess with the zohan"
  • JavonRJavonR Member Posts: 245
    Mrock4 wrote:
    I think it's more of to prevent you from mistakingly hooking up a switch with a lower STP priority causing an election, or from blowing away your VLAN assignments with a switch that has a high revision number. At least with it set to auto, you have to consciously want it to trunk, not just plug it in, and say "oops..network is down". I've seen this, I've done this, you don't want this.


    FYI, I love the movie "you don't mess with the zohan"

    LOL. Nice.
  • mikearamamikearama Member Posts: 749
    Great movie... especially if you're from Haustralia!
    There are only 10 kinds of people... those who understand binary, and those that don't.

    CCIE Studies: Written passed: Jan 21/12 Lab Prep: Hours reading: 385. Hours labbing: 110

    Taking a time-out to add the CCVP. Capitalizing on a current IPT pilot project.
  • lildeezullildeezul Member Posts: 404
    yeah especially when the part when the zohan was going to take the son to the disco party, and he said... wait i will **** your mother 1 more time and then we will go....


    ahahah thats the greeatest.
    NHSCA National All-American Wrestler 135lb
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    Not totally sure why Cisco changed it but the 3550 defaults to dynamic desirable and the 3560 defaults to dynamic auto. It could be a security issue but if somone plugs in a rogue switch that switch can still become the spanning tree root for the access vlan on the port it is plugged into, using something like BPDU Guard and Root guard are better choices for preventing rogue switches from becoming the root.
    The only easy day was yesterday!
  • NetwurkNetwurk Member Posts: 1,155 ■■■■■□□□□□
    I think they try to balance letting the switches work right out of the box versus making sure they are secure.

    Otherwise they would just ship them with all ports admin down (shut)
Sign In or Register to comment.