09-17-2014 06:33 AM - edited 03-07-2019 08:47 PM
Hello-
I am looking to clarify a point of confusion for myself regrading connecting an access port to a trunk port. Consider the following switchport config on switch1:
Switch#1
interface GigabitEthernet0/5
switchport
switchport access vlan 6
....and the corresponding config on it's neighbor:
Switch#2
Interface GigabitEthernet10/8
switchport
switchport mode trunk
switchport trunk allowed vlan 1,6,100
My first question is- Is this a valid configuration? Secondly, what would the expected results be? I am curious about what vlans would be allowed to pass through..
Thanks in advance-
Brian
Solved! Go to Solution.
09-17-2014 10:35 AM
Hi,
Sorry i read your question wrongly. I thought you are changing access port to trunk port, but actually you are connecting an access port to a trunk port.
In this setup, vlan6 of SW1 will be connected to vlan 1 of SW2.
Reason : When SW1 will forward traffic of vlan 6 on access port, it will be untagged traffic and SW2 will consider this traffic coming on native vlan which is bydefault vlan1. similarly reverse way. Now SW2 can forward traffic for vlan 1,6, and 100 but for vlan 6 and 100 traffic will be tagged and sw1 will not accept. But for vlan1 , sw2 will pass untagged traffic even on trunk port since this is native vlan for trunk port and sw1 will forward it further on vlan 6.
Regards,
Akash
09-17-2014 09:47 PM
Hi Brian,
Any port by default will be in dynamic desirable mode or dynamic auto based on the different hardware models.
In any case it would try to become a trunk if the other end desires to become a trunk.
In your case you have not specified that your port will be access. You have just mentioned that the access vlan for your port will be vlan 6.
To make the port an access port you need to give the command “switch port mode access”
So two things here:
1. Switchport mode access---- makes the switcport to behave like an access port.
2. Switchport access vlan 6---- makes the switch port part of vlan 6
The first command is very important. The second command is not required. Even if there is no command it will default to default vlan 1.
Example;
Sw1----F0/1-----F0/1---SW2
!
interface FastEthernet0/1
!
Switch#sh int trunk
>.No output as the ports doesnt have any config.
Switch#
2)
Sw1----F0/1-----F0/1---SW2
I will configure the trunk port only on Sw1 ports.
SW1:
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
SW2:
!
interface FastEthernet0/1>>>> no config on this port.
!
Result:
========
Switch1 & 2
#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1
HTH
Inayath
09-17-2014 07:04 AM
Hi Brian,
Yes this is correct configuration and vlan 1,6 and 100 would be pass through. Are you seeing different result?
Regrds,
Akash
09-17-2014 09:12 AM
thank you for the feedback Akash, I have not labbed this up, was just curious on the concept more than anything.
09-17-2014 10:35 AM
Hi,
Sorry i read your question wrongly. I thought you are changing access port to trunk port, but actually you are connecting an access port to a trunk port.
In this setup, vlan6 of SW1 will be connected to vlan 1 of SW2.
Reason : When SW1 will forward traffic of vlan 6 on access port, it will be untagged traffic and SW2 will consider this traffic coming on native vlan which is bydefault vlan1. similarly reverse way. Now SW2 can forward traffic for vlan 1,6, and 100 but for vlan 6 and 100 traffic will be tagged and sw1 will not accept. But for vlan1 , sw2 will pass untagged traffic even on trunk port since this is native vlan for trunk port and sw1 will forward it further on vlan 6.
Regards,
Akash
09-17-2014 02:36 PM
Thank you Akash for the explanation, that answered my questions.
Brian
09-17-2014 07:20 AM
This would work fine but not recommended.
Also the traffic between the switches would be only Native Vlan and vlan 6 will pass through.
SW1-----F0/1----------f0/1----SW2
SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 auto n-802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1,6
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6
SW1#
SW2
SW2#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1,6,100
Port Vlans allowed and active in management domain
Fa0/1 1,6,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,100
SW2#
2) Part of this config is that any vlans which are been configured under the SW1 would be allowed through that access port.
ex:
SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 auto n-802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1,6,10,20,30,40,50,60,70,80,90,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,10,20,30,40,50,60,70,80,90,100 ...>>>>>>>>>>all vlans are allowed here.
b)
Were as on Switch 2 if you create all these vlans and u dont allow that to go through the trunk interface which you have configured those vlans would nt be flowing through.
eg;
SW2#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1,6,100
Port Vlans allowed and active in management domain
Fa0/1 1,6,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,100>>>>>>>>>>>>>>>.Only 3 vlans would be flowing through due to explicit defined. but if you defined allowed all then all vlans would be shown here.
i created all the vlans above on sw2 but you can see only 3 vlans are allowd as you have explicitly defined it.
Hope this clarifies your query.
Regards
Inayath
*************Plz dont forget to rate posts***********
09-17-2014 09:11 AM
Inayath-
Thank you for labbing this up and providing results. One question I have before rating the post is how is it that you are seeing fa0/1 on Switch#1 with the "show int trunk" command, when it is configured as an access port? or is it? In my example, the switch#1 port is an access port.
Thanks-
Brian
09-17-2014 09:47 PM
Hi Brian,
Any port by default will be in dynamic desirable mode or dynamic auto based on the different hardware models.
In any case it would try to become a trunk if the other end desires to become a trunk.
In your case you have not specified that your port will be access. You have just mentioned that the access vlan for your port will be vlan 6.
To make the port an access port you need to give the command “switch port mode access”
So two things here:
1. Switchport mode access---- makes the switcport to behave like an access port.
2. Switchport access vlan 6---- makes the switch port part of vlan 6
The first command is very important. The second command is not required. Even if there is no command it will default to default vlan 1.
Example;
Sw1----F0/1-----F0/1---SW2
!
interface FastEthernet0/1
!
Switch#sh int trunk
>.No output as the ports doesnt have any config.
Switch#
2)
Sw1----F0/1-----F0/1---SW2
I will configure the trunk port only on Sw1 ports.
SW1:
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
SW2:
!
interface FastEthernet0/1>>>> no config on this port.
!
Result:
========
Switch1 & 2
#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1
HTH
Inayath
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide