Only allow VLAN 1 traffic

  • 10 August 2017
  • 1 reply

Userlevel 1

I am config the interface now with following setup.

auto swp34
iface swp34
mstpctl-portadminedge yes
alias none
mstpctl-portnetwork no
mstpctl-bpduguard yes


I havn't plug the host there now as I see there it allow multi VLANs can to across this port. While using netshow interface to get following output

DN swp34 (none) 0M 1500 Trunk/L2 Untagged VLAN: 1
VLANS: 10 20-21 30-31 50 100 200 300 350 400

How can I limit only untagged vlan 1 traffic going thru this interface.

Please advise.


1 reply

Userlevel 2

This can be achieved by configuring the port as an access port. In this case, the configuration command for NCLU would be:
net add interface swp34 bridge access 1

Alternatively, the following line can be manually added to the interface stanza in /etc/network/interfaces:
auto swp34  iface swp34   bridge-access 1

Please reference the following docs related to untagged/access ports: