31 Days Before Your CCNA Exam

Day 23 91Operational private-vlan: noneTrunking VLANs Enabled: ALLPruning VLANs Enabled: 2-1001Capture Mode DisabledCapture VLANs Allowed: ALLProtected: falseAppliance trust: noneS2#For the sample topology shown in Figure 23-1, you would configure the VLANs on S1 and S3 aswell, but only S3 needs VLANs assigned to interfaces.Configuring and Verifying TrunkingFollowing security best practices, we are configuring a different VLAN for the management anddefault VLAN. In a production network, you would want to use a different one for each: one forthe management VLAN and one for the native VLAN. However, for expediency we are usingVLAN 99 for both.To begin, we must first define a new management interface for VLAN 99, as shown in Example 23-7.Example 23-7Defining a New Management InterfaceS1#config tEnter configuration commands, one per line. End with CNTL/Z.S1(config)#interface vlan 99%LINK-5-CHANGED: Interface Vlan99, changed state to upS1(config-if)#ip address 172.17.99.31 255.255.255.0S1(config-if)#end%SYS-5-CONFIG_I: Configured from console by consoleS1#Repeat the configuration on S2 and S3. The IP address is used for testing connectivity to theswitch as well as the IP address the network administrator uses for remote access (Telnet, SSH,SDM, HTTP, etc.).Depending on the switch model and IOS version, DTP may have already established trunkingbetween two switches that are directly connected. For example, the default trunk configuration for2950 switches is dynamic desirable. Therefore, a 2950 will initiate trunk negotiations. For ourpurposes, we will assume the switches are all 2960s. The 2960 default trunk configuration isdynamic auto, in which the interface will not initiate trunk negotiations.In Example 23-8, the first five interfaces on S1 are configured for trunking. Also, notice that thenative VLAN is changed to VLAN 99.