A trunk is a point-to-point link that sends and receives traffic between switches, or between switches and routers. Trunks carry the traffic of multiple VLANs and can extend VLANs across an entire network. 100Base-T and Gigabit Ethernet trunks use Cisco Inter-Switch Link Protocol (ISL), the default protocol, or industry standard IEEE 802.1q, to carry traffic for multiple VLANs over a single link.
IEEE 802.1q trunks impose these limitations on the trunking strategy for a network:
f the native VLAN on one end of the trunk is different from the native VLAN on the other end, Spanning Tree Protocol (STP) loops might result. Therefore, the native VLAN for an 802.1q trunk must be the same on both ends of the trunk link.
If you disable the STP on the native VLAN of an 802.1q trunk and did not disable STP on every VLAN in the network, you can potentially cause STP loops. It is recommended that you leave STP enabled on the native VLAN of an 802.1q trunk, or disable STP on every VLAN in the network. Make sure your network is loop free before you disable STP.
The best practice is to leave STP on so that it can detect loops that might otherwise cause serious network problems.
After you enter the enablemode, complete these steps for Catalyst 2900XL and 3500XL series switches:
Enter global configuration mode by issuing the configure terminal command.
Enter interface configuration mode, and issue the interface [type] <mod/port> command in order to enter the port to be added to the VLAN.
Issue the switchport mode trunk command in order to configure the port as a VLAN trunk.
Issue the switchport trunk encapsulation[isl|dot1q] command in order to configure the port to support ISL or 802.1q encapsulation. You must configure each end of the link with the same encapsulation type. If you choose 802.1q, you must choose a default VLAN for the trunk link (this step is not required for the 2950/2955 switches).
Issue the switchport trunk native vlan [vlan-id] command in order to configure the VLAN. This VLAN sends and receives untagged traffic on the 802.1q trunk port. Valid IDs are from 1 to 1001.
Issue the end command in order to return to the privileged EXEC mode.
Issue the show interfaces [type] <mod/port> switchport command in order to verify your entries. In the display, check the Operational Mode and the Operational Trunking Encapsulation fields.
Issue the copy running-config startup-config command in order to save the configuration.
By default, a trunk port sends and receives traffic from all VLANs in the VLAN database. All VLANs, 1 to 1005, are allowed on each trunk.
For any port, the default trunking mode is dynamic desirable, which means that the interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode.
Note: The steps to configure trunking on the Catalyst 2950 or 3550 series are almost the same. The 2950/2955 series switches do not require step 4, as they only support 802.1q and do not support ISL trunk encapsulation.Cisco Catalyst 3550 Series switches support both ISL and 802.1Q trunks. A recommended migration to the ISL trunking standard while using the Cisco Catalyst 2950 is to place an ISL/dot1Q-capable device between the ISL-supported device and the Cisco Catalyst 2950 Series switch.The following URL outlines some FAQ about the 2950:
Hi everyone - i'm trying to find TCP script to shutdown 150 tunnel interfaces/clear crypto session on the main router and unshut them on a backup router RouterA:Interface Tunnel200shutdowndo clear crypto session remote 220.127.116.11Interface Tunnel300shutd...
I have a problem where multicast packets are sent on ports where they should not.The network contains five switches and no router, the five switches are connected in a circle and using RSTP. Among a lot of other devices there are a few devices conne...
Hi, everyone When I run a simulation of uRPF loose mode on the GNS3, I found that the suppressed verification counter increased.And from the document,https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_urpf/configuration/xe-3s/sec-data-urpf-xe...
Before the upgrade, I was able to SSH into a level 15 user and it would land me directly to # without using enable. After upgrading to from 16.3.8 to 16.9.4, my level 2 account can still SSH in but level 15 user account gets % login invalid. So I try...