Only allow VLAN 1 traffic


Userlevel 1
Hello,

I am config the interface now with following setup.

---
auto swp34
iface swp34
mstpctl-portadminedge yes
alias none
mstpctl-portnetwork no
mstpctl-bpduguard yes

----

I havn't plug the host there now as I see there it allow multi VLANs can to across this port. While using netshow interface to get following output

-----
DN swp34 (none) 0M 1500 Trunk/L2 Untagged VLAN: 1
VLANS: 10 20-21 30-31 50 100 200 300 350 400
----

How can I limit only untagged vlan 1 traffic going thru this interface.

Please advise.

Thanks!

1 reply

Userlevel 1
Hi,

This can be achieved by configuring the port as an access port. In this case, the configuration command for NCLU would be:
net add interface swp34 bridge access 1

Alternatively, the following line can be manually added to the interface stanza in /etc/network/interfaces:
auto swp34  iface swp34   bridge-access 1

Please reference the following docs related to untagged/access ports:
https://docs.cumulusnetworks.com/display/DOCS/VLAN-aware+Bridge+Mode+for+Large-scale+Layer+2+Environ...

Reply