damn you vlan 1

scenario you have a switch facing a firewall port and you’re seeing some spurious DHCPv6 hits against the native VLAN despite having no switchport native vlan being set on the trunk interface facing the firewall. a quick look at the link local addresses points at the switches themselves in the network. then you remember that you have cisco switches and that you need to check the most holy VLAN 1. mercifully, the following fixes this broke ass behavior....

July 6, 2021 · steve ulrich