Difference between revisions of "VLAN Pruning Trick"

From Baranoski.ca

Latest revision as of 14:36, 29 May 2014

Let's say you have a trunk port, and your sloppy coworkers never bothered to prune the unnecessary VLANs from the "switchport trunk allowed vlan" statement. It's trunking the entire 1-4094 range, even though they're not all supposed to be there.

You can't just paste in "switchport trunk allowed vlan 10,20,30", because it may flap the VLANs on the port, and they'll be down until spanning-tree finishes its work. You have to go through and prune out all the individual VLANs using the "switchport trunk allowed vlan remove ##" command. If there are a lot of VLANs, it will be time-consuming to manually go through and do that for every VLAN or group of VLANs from the list. And a single typo can knock out a bunch of VLANs.


Here's how to make the switch do the work for you.


The list of VLANs that are supposed to be on the port is 10,20,30,40,50,60,70,80,90,100.


Find an available port that has no config on it. It doesn't need to be on the same switch. On that port, do this:

switchport trunk allowed vlan remove 10,20,30,40,50,60,70,80,90,100

That will give you a list of the VLANs that aren't supposed to be on the real port:

SWITCH#show run int fa0/30
Building configuration...

Current configuration : 227 bytes
!
interface FastEthernet0/30
 switchport trunk allowed vlan 1-9,11-19,21-29,31-39,41-49,51-59,61-69,71-79
 switchport trunk allowed vlan add 81-89,91-99,101-4094
 switchport mode dynamic desirable
 shutdown
 no cdp enable
end


Copy those two "allowed vlan" lines to a text editor and put the word "remove" after "vlan" on each one, replacing the word "add" where it appears.

 switchport trunk allowed vlan remove 1-9,11-19,21-29,31-39,41-49,51-59,61-69,71-79
 switchport trunk allowed vlan remove 81-89,91-99,101-4094


Paste that into the real trunk port's configuration, and you'll be left with a nice clean interface.
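
The same remove list can be computed offline and checked before anything is pasted. This is an added example, not part of the original article; the function names are hypothetical, and the split of eight ranges per line is an assumption chosen to mirror the switch output shown above.

```python
# Added example: build "remove" commands for every VLAN not in the keep list.
VLAN_MIN, VLAN_MAX = 1, 4094  # full trunk range named in the article


def to_ranges(vlans):
    """Collapse VLAN IDs into IOS-style tokens such as '1-9' or '42'."""
    ranges, start, prev = [], None, None
    for v in sorted(vlans):
        if start is None:
            start = prev = v
        elif v == prev + 1:
            prev = v
        else:
            ranges.append((start, prev))
            start = prev = v
    if start is not None:
        ranges.append((start, prev))
    return [str(a) if a == b else f"{a}-{b}" for a, b in ranges]


def prune_commands(keep, per_line=8):
    """Return 'remove' commands covering every VLAN that is not in keep."""
    keep = set(keep)
    bad = [v for v in keep if not VLAN_MIN <= v <= VLAN_MAX]
    if bad:
        raise ValueError(f"VLAN IDs out of range: {sorted(bad)}")
    tokens = to_ranges(set(range(VLAN_MIN, VLAN_MAX + 1)) - keep)
    # per_line is an assumption; it only controls how the list is split up.
    return [
        "switchport trunk allowed vlan remove " + ",".join(tokens[i:i + per_line])
        for i in range(0, len(tokens), per_line)
    ]


def removed_vlans(commands):
    """Expand generated commands back into the set of VLAN IDs they remove."""
    out = set()
    for cmd in commands:
        for tok in cmd.rsplit(" ", 1)[1].split(","):
            lo, _, hi = tok.partition("-")
            out.update(range(int(lo), int(hi or lo) + 1))
    return out


if __name__ == "__main__":
    keep = [10, 20, 30, 40, 50, 60, 70, 80, 90, 100]  # list from the article
    cmds = prune_commands(keep)
    assert not removed_vlans(cmds) & set(keep)  # never remove a wanted VLAN
    print("\n".join(cmds))
```

Expanding the generated commands with removed_vlans and comparing against the keep list catches the single-typo failure the article warns about before the change reaches a live trunk.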