Please select a new password for your account
SUBMIT
CISCO REFERENCE HOME
switchport trunk allowed vlan
Switchport trunk allowed vlan
The switchport trunk allowed vlan command is used to specify the list of VLANs that are allowed on a trunk port. When a Layer 2 interface on a Cisco IOS device is configured to operate in trunk mode, the default setting is for the interface to carry all of the VLANs defined on the switch. The switchport trunk allowed vlan command allows us to specify a subset of the VLANs defined on the switch to be allowed on the interface. This command only takes effect for interfaces that are operating in trunk mode.
The process to configure a Layer 2 interface as a trunk port with a specific list of VLANs allowed on the interface, involves 2 steps:
- Step 1: Configure the interface to operate in trunk mode using the command switchport mode trunk
- Step 2: Assign the list of VLANs that are to be carried on this interface using the switchport trunk allowed vlan command
We can use the context-sensitive help (?) to list the options available for this command, as shown below:
SW1 Console
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface gi0/1
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk allowed vlan ?
| WORD | VLAN IDs of the allowed VLANs when this port is in trunking mode | |
| add | add VLANs to the current list | |
| all | all VLANs | |
| except | all VLANs except the following | |
| none | no VLANs | |
| remove | remove VLANs from the current list |
SW1(config-if)#switchport trunk allowed vlan
We can add a comma-separated list of VLANs using this command. We can use a '-' character to specify a range of VLANs. For example, to add VLANs 10, 20 and 30 as well as VLANs 55 through to 60, we would enter the command as follows:
switchport trunk allowed vlan 10,20,30,55-60
Let's enter this and run the show run int gi0/1 command:
SW1 Console
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface gi0/1
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk allowed vlan 10,20,30,55-60
SW1(config-if)#do sh run int gi0/1
Building configuration...
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60
switchport mode trunk
!
end
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60
switchport mode trunk
!
end
SW1(config-if)#
If we need to add a VLAN to this list, (say VLAN 70) we could simply enter the command as follows:
switchport trunk allowed vlan add 70
SW1 Console
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface gi0/1
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk allowed vlan 10,20,30,55-60
SW1(config-if)#do sh run int gi0/1
Building configuration...
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60
switchport mode trunk
!
end
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60
switchport mode trunk
!
end
SW1(config-if)#switchport trunk allowed vlan add 70
SW1(config-if)#do sh run int gi0/1
Building configuration...
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60,70
switchport mode trunk
!
end
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60,70
switchport mode trunk
!
end
SW1(config-if)#
We can add all VLANs defined on the switch to the interface, by entering the command as follows:
switchport trunk allowed vlan all
However, we must keep in mind that this is the default configuration. After we set the allowed VLANs to "all" the switchport trunk allowed vlan line will not appear in the noral output of the running-config command since the value is set to its default value ("all").
SW1 Console
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface gi0/1
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk allowed vlan 10,20,30,55-60
SW1(config-if)#do sh run int gi0/1
Building configuration...
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60
switchport mode trunk
!
end
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60
switchport mode trunk
!
end
SW1(config-if)#switchport trunk allowed vlan add 70
SW1(config-if)#do sh run int gi0/1
Building configuration...
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60,70
switchport mode trunk
!
end
interface GigabitEthernet0/1
switchport trunk allowed vlan 10,20,30,55-60,70
switchport mode trunk
!
end
SW1(config-if)#switchport trunk allowed vlan all
SW1(config-if)#do sh run int gi0/1
Building configuration...
!
interface GigabitEthernet0/1
switchport mode trunk
!
end
interface GigabitEthernet0/1
switchport mode trunk
!
end
SW1(config-if)#
VLANs, trunking, VLAN tagging and inter-vlan routing are covered comprehensively in the following interactive course: Course 5 - VLANs & Trunks. The course features visual, animated explanations and hands-on interactive labs.
Want to test your networking skills with hands-on configuration and troubleshooting questions? Try out the Workshops section of this website here: Workshops (Login required).
Read how to use the device simulators on this website here: Workshops - General Instructions
