**Remove VLAN the clean way, or remove all ports of a VLAN** Remove VLAN the clean way, or remove all ports of a VLAN I've juts realized the following on our 5900 switches. If I create a VLAN and add some ports to that vlan I can list all ports with display vlan 111 so it show's me something like display vlan 111 VLAN ID: 111 VLAN type: Static Route interface: Not configured Description: VLAN 0111 Name: VLAN 0111 Tagged ports: Ten-GigabitEthernet1/0/1 Ten-GigabitEthernet1/0/2 Ten-GigabitEthernet1/0/3 Ten-GigabitEthernet1/0/4 Ten-GigabitEthernet1/0/5 Ten-GigabitEthernet1/0/6 Ten-GigabitEthernet2/0/1 If this VLAN comes obsolete and isn't anymore needed **undo vlan 111** (or via the gui delete - actually I first did the delete via the gui). The result will be display vlan 11 | This VLAN does not exist. But! VLAN stays permited on all the interfaces.. and if I recreate the vlan for a new purpose later the Interface is assigned to the VLAN again automatically. I think because the permit stays on the interface after deletion # interface Ten-GigabitEthernet1/0/3 port link-mode bridge description *** to XYZ*** port link-type trunk port trunk permit vlan 1 11 to 12 19 21 to 22 29 31 to 32 39 101 to 103 105 107 to 112 port trunk permit vlan 140 170 197 to 199 201 to 202 204 to 206 299 301 to 309 311 313 to 319 338 port trunk permit vlan 340 to 345 347 349 355 360 362 370 to 374 399 to 408 440 to 443 452 port trunk permit vlan 460 to 461 463 470 to 473 490 to 491 493 499 501 to 502 599 602 605 to 607 port trunk permit vlan 611 621 to 631 681 to 683 699 901 903 905 907 to 908 912 to 913 940 to 941 port trunk permit vlan 960 970 to 971 981 990 1001 to 1003 1005 to 1009 1011 1013 1015 to 1016 1018 to 1029 port trunk permit vlan 1031 to 1032 1034 1036 to 1037 1039 to 1046 1100 1200 to 1201 1203 1301 to 1302 1304 1306 port trunk permit vlan 1310 to 1311 1313 to 1314 1400 1410 to 1411 1413 to 1414 1900 to 1902 # return is there a way that if I delete a VLAN to also delete the permit? **Tags:** **port** **confVLAN** that's the way it works..! When you do a "display interface Te1/0/3, for instance, you'll notice, below the line with "Port link-type: trunk" there are two lines, one beginning with "VLAN passing:" and the other one beginning with "VLAN permitted:". The difference between "passing" and "permitted" is that "passing" denotes the allowed VLAN Tags which correspond with EXISTING Vlans on the switch, and "permitted" denotes the allowed VLAN Tags which correspond with Vlan NOT existing on the switch. Thus "passing" will not include your vlan 111 and "permitted" will. I guess this mechanism allows VLAN Tags to be pushed across the switch when the switch doesn't know about the VLans. I don't know about a command to delete undefined Vlans from the Trunks, so if nobody else does you'll have to do this using "**undo**".