Читать книгу CCNP Enterprise Certification Study Guide: Implementing and Operating Cisco Enterprise Network Core Technologies - Ben Piper, David Higby Clinton - Страница 77

On any 802.1Q trunk, the native VLAN is the VLAN whose traffic isn't tagged. By default, this is VLAN 1. VLAN 1 is a special VLAN that plays a crucial role in many protocols, including Spanning Tree. If you're using an 802.1Q trunk, by default VLAN 1 traffic is sent untagged. You can force a switch to tag native VLAN traffic using the global configuration command vlan dot1q tag native. This is useful to prevent untagged traffic from inadvertently slipping into VLAN 1, as well as to prevent VLAN hopping attacks.

VLAN 1 always exists on all switches, and you can't disable it. But you can prune it from a trunk. If you prune VLAN 1 from a trunk on a switch running (R)PVST+, the switch won't forward any BPDUs for VLAN 1. However, if the switch is running MST, it will continue to forward BPDUs for VLAN 1—untagged—to maintain compatibility with switches that don't support 802.1Q trunks.