cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1443
Views
0
Helpful
10
Replies

Access port and trunk port in switch

nitinquiet
Level 1
Level 1

Hi,

 

I have below two topologies for Access port and trunk port

Let me know your thought whether it will work or not

 

As per my view it should not work.

PC1(access)vlan10-------vlan10 SW1(access)-------(access)vlan20 SW2----------(access)vlan 20 PC2


PC1(access)vlan10-------vlan10 SW1(trunk)-------(trunk)vlan20 SW2----------(access)vlan 20 PC2

1 Accepted Solution

Accepted Solutions

Assuming at either end of the trunk link, both switchports are configured with:

 

 

!
switchport mode trunk
switchport trunk allowed vlan all
!

...the tagged frames will transit the link fine, however the two PCs will remain in separate VLANs so will be unable to communicate. You need a Layer3 interface to make this topology work.

 

If your switches are configured like:

! SW1
!
switchport mode trunk
switchport trunk vlan 10
!

!SW2
!
switchport mode trunk
switchport trunk vlan 20
!

...broadcast frames will transit the link however they will be silently dropped by the receiving switch as they are received on a switchport which has not been configured to receive that VLAN ID.

 

cheers,

Seb.

 

View solution in original post

10 Replies 10

Leo Laohoo
Hall of Fame
Hall of Fame
None of them will work.

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,

If I am reading you diagram correctly in scenario 1, the link between the switches, SW1 interface is mode access on VLAN 10 connected to SW2 on a switchport with mode access on VLAN20. If so, the frame would travel across the link untagged and when it reaches the other switch would then be tagged with the 'other' VLAN ID. 

So in effect PC1 and PC2 are in the same broadcast domain. They would only be able to communicate if they were in the same IP subnet.

 

With the second scenario PC1 and PC2 would remain in separate broadcast domains.

 

cheers,

Seb.

So do you mean when packet from PC1 is received on SW, packet will be tagged with vlan10 and while egressing out on switch port2 it will be untagged?

Yes if it is leaving via a mode access port, then there will be no VLAN ID on the frame, therefore SW2 can receive it on its own access port and it will end up in VLAN20.

Seb,
Won't work. Left side are all VLAN 10 and right side are all VLAN 20.
Won't work without a Layer 3 somewhere.

An access to access connection will strip out all VLAN information from the frames in transit.
I've used this kludge several times on production networks when receiving a connection from a third party and I need to put it in a different VLAN with a different ID to fit the local allocation.

Try it :)

As Seb notes, V10 access<>access V20, will work. However, if CDP is enabled, it will complain about the access ports being in two different VLANs.

As to the second case, V10 trunk<>trunk V20, Seb is correct, i.e. the VLANs will be kept separate, unless you set V10 and V20 to be the native VLAN on the trunks. Then the two VLANs will intermingle again. CDP, I recall, complains about this, i.e. the mismatched native VLANs, too.

BTW, something similar to this question came up before, and Rick didn't believe it would work. So, I posted results from two switches to show it does (or as Seb says, "try it").

Can you please provide your opinion on case2 when there is trunk?

Assuming at either end of the trunk link, both switchports are configured with:

 

 

!
switchport mode trunk
switchport trunk allowed vlan all
!

...the tagged frames will transit the link fine, however the two PCs will remain in separate VLANs so will be unable to communicate. You need a Layer3 interface to make this topology work.

 

If your switches are configured like:

! SW1
!
switchport mode trunk
switchport trunk vlan 10
!

!SW2
!
switchport mode trunk
switchport trunk vlan 20
!

...broadcast frames will transit the link however they will be silently dropped by the receiving switch as they are received on a switchport which has not been configured to receive that VLAN ID.

 

cheers,

Seb.

 

Thank you all for bearing my questions. It was very informative.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco