Native VLAN & Trunking Issues

cnap-ccsn · ‎01-26-2005

I have a Win2k Server with an Intel Pro 1000 MT Server Adapter that supports 802.1q. This server is connected to a 2950T on one of the two Gig uplink ports. The switch port is configured with:

switchport mode trunk

spanning-tree portfast

I'm typing this from memory but, that was it as I recall.

There is a router trunked off of the other Gig port with the same config on the switchport and ports 21-24 are in VLAN 1.

Okay. So, am I correct in saying that by default when I made the 2 ports trunks they are using VLAN 1 as they're Native VLAN?

The server has 5 VLAN interfaces if you will created with the Intel utility which, created virtual network interfaces that were configured with their respective IP info.

We could ping from hosts on the other (not VLAN 1) VLAN's to the interfaces on the server (in their subnet) but, not to the interface on the server that's in VLAN 1.

I added two test PC's to ports 22 & 23 (in VLAN 1).

They could ping each other and the router (default gateway) for VLAN 1. They could not ping the server.

HOWEVER,

we changed the Native VLAN on the switch port for that server to VLAN 2 and it worked.

--- switchport mode trunk native VLAN 2 as I recall.

So, my question is why did that work?

BTW,

we were debugging ARP on the switch and could observe that after clearing the ARP cache we could ping the router (the other Gig trunk) and the ARP request was forwarded to the router and the reply recieved. The switch has int VLAn 1 in the management VLAN which was 1. However, when we would ping the address for the server the ARP request wasn't passed.

The error was something like:

" IP ARP: request for 172.26.26.50 has been throttled"

Why did changing the Native VLAN solve this issue?

Thanks in advance,

Joshua

scottmac · ‎01-26-2005

Depending on your IOS version, you may also have to set the trunk mode to 802.1q (older versions default to ISL).

You can verify the mode with (from the enable prompt) "show interface switchport."

You should get a display similar to:

Smack_2950#sh int fa0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative Mode: dynamic desirable

Operational Mode: static access

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: native

Negotiation of Trunking: On

Access Mode VLAN: 100 (VLAN0100)

Trunking Native Mode VLAN: 1 (default)

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Smack_2950#

Of course, the specific output will vary depending on your config .... but you get the idea.

Good luck

Scott

cnap-ccsn · ‎01-27-2005

I'll check to make sure but I think the 2950T's will only do 802.1q.

Kevin Dorrell · ‎01-26-2005

It could be that the server insists that if 802.1Q is configured, then all VLANs must be explicitly tagged, even the native vlan.

On some platforms you can force this with vlan dot1q tag native (see below), but not on all of them I think.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12119ea1/3550cr/cli3.htm#1881269

Kevin Dorrell

Luxembourg

cnap-ccsn · ‎01-27-2005

I think you and I are in the same ballpark on this one.

Some questions though:

1) Why did setting the Native VLAN to "2" work? Don't all ports start in VLAN 1?

2) Going back to the basics for a minute...

When I ping from the router which is on a trunked port who inserts the VLAN ID into the frame the router or the switchport?

3) Why did it fix the issue with the other host in VLAN 1?

Any links to documentation would be greatly appericiated.

Thanks in advance,

Joshua