I am a little bit confused about “switchport trunk allowed vlan” and “switchport trunk allowed vlan add” commands so can anyone help me to better understand what is difference between these two commands.
Foe example, these commands configure Ethernet interface 8 as a trunk port:
Since by default, all VLANs are permitted on a port configured with ‘switchport mode trunk’, what would be result of the following command:
Or I need first to create allowed list using the following command:
With only this command “#switchport mode trunk”, all vlans are allowed in the trunk
if you add “# switchport trunk allowed vlan 100”, only vlan 100 is allowed
after entering the previous command, if you enter “# switchport trunk allowed vlan 200”, vlan 100 will be removed and only vlan 200 will be allowed
you can see that with “show running-config interface ethernet 8”
if you want to add vlan 200 to existing vlan list, that is when you use the “add” part
for example, if you have “# switchport trunk allowed vlan 100” configured, and want to add vlan 200 you can enter either bellow commands:
# switchport trunk allowed vlan add 200
You’re correct, the below commands will obviously make the interface et8 as trunk and all vlans are allowed by default.
switch(config)#interface ethernet 8
However, the “switchport trunk allowed vlan add 100” doesn’t take any effect, if it is configured first.
You will have to configure “switchport trunk allowed vlan 100” first.
Say for example, you decided to allow vlan 200 in addition to vlan 100, then you use the below command.
“switchport trunk allowed vlan add 200”.
Because, if you use “”switchport trunk allowed vlan 200” instead of “”switchport trunk allowed vlan add 200”, you will end up overwriting the allowed vlan list leading to a point where only vlan 200 is allowed in the trunk (no vlan 100).
You could also refer this document for more information : https://www.arista.com/assets/data/pdf/user-manual/um-eos/Chapters/VLANs.pdf
I hope this clarifies your question.
If the trunk interface does not have any other config besides ‘switchport mode trunk’ and you wish create a list to permit only VLAN 100, you should use the ‘switchport trunk allowed vlan 100’ command. Once the list is created, you can add new VLANs to it by using the ‘switchport trunk allowed vlan add [vlan id]. Example:
(config-if-Et1)#switchport trunk allowed vlan 100
Hope this helps.
In addition to Diogo’s answer, by default all VLANs are permit in a trunk port. When you create and add a list, all VLANs get pruned except those you have permitted in your list. So if you configure “#switchport trunk allowed vlan 100”, it will allow only VLAN 100 and prune rest all VLANs in this trunk port. Now if you want to add VLAN 200 in this list you can configure “#switchport trunk allowed vlan add 200”.
Thank you very much Diogo.
Post your Answer
You must be logged in to post an answer.