2960x: Untagged trunk

db62 · ‎09-24-2018

Hi,

Newbie question:

I have a 2960x with 3 VLANs, 1 (native), 2 & 3.

Port 24 is set up as a trunk so that it can carry traffic from all 3 VLANs. It will be connected to a router, to provide Internet access. We do not need to route anything between VLANs. Very simple setup.

However, at the moment, the router we are using is not a VLAN aware router.

Question: How do you set up an untagged trunk port?

I'm more familiar with the Netgear managed switches, where this is done by simply clicking a button in the GUI.

Thanks in advance.

Deepak Kumar · ‎09-24-2018

Hi,

You can't setup all three VLANs as native or untagged in the Cisco Switch. Only one native VLAN is allowed on trunk port and configuration as below:

interface gig 1/0/24

Switchport mode trunk

Switch trunk native vlan <VLAN ID>

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

paul driver · ‎09-24-2018

Hello

FYI -You don't need to trunk on any port if you desire, Do you have access to the router?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

db62 · ‎09-24-2018

Hi,

Yes, I have access to the router.

How do you get the 2960 to send traffic from all VLANs out to the router if the port is not trunked?

And if the router is not VLAN aware, how do you send untagged traffic?

Thanks.

Dennis Mink · ‎09-24-2018

If your router is not vlan aware and yet you are using 3 vlans you will need to route between vlans. this will need to happen on the switch, and the switch will then have a default gateway to the router. the port between switch and router will then need to be an access port in either vlan 1 2 or 3

Please remember to rate useful posts, by clicking on the stars below.

Deepak Kumar · ‎09-24-2018

Hi,

As your router is not vlan aware then you must configure your switch as L3 mode and add a default route on the switch pointing to the router IP. And Add static routes in your router for all VLANs pointing to the Switch IP address.

Switch configuration may like

IP routing <Enable L3 Routing>

IP route 0.0.0.0 0.0.0.0 <IP address of Router>

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

paul driver · ‎09-24-2018

Hello

@Dennis Mink has now stated what is required..

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

db62 · ‎09-24-2018

But we don't want to route between VLANs; if we do, what is the point of having them?

paul driver · ‎09-24-2018

Hello

@db62 wrote:

But we don't want to route between VLANs; if we do, what is the point of having them?

Vlans are good for cutting down on broadcast traffic as it segregates that traffic to just that particular vlan, For example If you had just one large broadcast domain, Then anytime a broadcast query is initiated it would have to hit every device in that vlan which is very resource intensive and not good for users on that network, so its a good idea to segregate your network.

Also you can define various- differing security policys specific to the users of those vlans, it also good from an administrative perspective.

Now getting back to your query, You can still route from the switch or router and negate vlan to vlan communication, It all depends how you set up you network - This can be implemented in various ways ( vrf's, pvlans, vlan or routed access list,)

I would suggest if applicable to you opt for a straight forward RACL on the switch, this way you have vlan separation and no trunk port as you desired

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul