We have following config on one of corporate switch.
Is it Ok to configure access and trunk on same switch port?
Below is the config.
switchport access vlan 166
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 16,58,59,160-163,166,204
switchport mode trunk
The configured port is a trunk. And it's a valid config. The command "switchport access vlan 166" doesn't mean that the port is trunk and access at the same time. Only when you switch from "mode trunk" to "mode access", the command will get active and the port will be in VLAN 166.
Your current configuration could potentially cause a loop in the network - basically having a trunk for all those vlans and with stp portfast enabled is not a very good idea?
Trunks can be used for host connections too, but it isn't advisable to run the portfast command on a trunking port; specifically when that port trunks with another switch. It skips the listening and learning stages of STP in order to get the port forwarding traffic more quickly but in doing so has the potential to create loops.
Thanks for information.
Is it advisable to remove below commands from configuration to resolve slowness issue?
no switchport access vlan 166
no spanning-tree portfast
It's unlikely that these commands have anything to do with a slow connection.
Agree - nothing to do with slow connections - check sh interface - sh int gi1/0/1 for interface errors or CRCs or framing errors if there are perceived problems.
switchport can be either trunk or access port, as per you configuration you have both the command on the interface so dont get confused it is a trunk port if trunk command is there.
And why you are seeing both commands because if you have configured a port as access port and then add trunk command or vice versa it will not remove the other command. you need to manually remove the command with no keyword.
Thanks & Regards
As the others mentioned the port is working in trunk mode, the only thing is that as pointed out using port fast on a trunk link is not recommended since it can cause a loop condition.
For the danger of creating a loop with that config:
The port will still go through the full spanning-tree listening and learning states. Although "spanning-tree portfast" is configured on the port, it's not active in trunk-mode. To have portfast active the command "spanning-tree portfast trunk" is needed.
Agreed, leaving 'spanning-tree portfast' is not creating a potential issue of creating a loop when the switchport is configured in trunking mode as the switch will not enable portfast on the switch until it is in non-trunking mode. Example:
%Portfast has been configured on GigabitEthernet2/0/1 but will only
have effect when the interface is in a non-trunking mode.
What are you trying to achieve configuring the access port and trunk on the same port? Any specific reason you are thinking of.
The port is trunk , as you see the "switchport mode" command. All the commands related to trunk will be taken into consideration, but also the default configuration of a trunk port : 802.1q protocol, native vlan 1 and vlans allowed on this trunk 1,16,58,59,160-163,166,204. The access vlan will be used only in case of switching from trunk to access.
So you can delete the " switchport access vlan 166" from this interface.
Also you might be aware that cisco recommends not to use Portfast on the trunk interfaces.There are other few STP features which are designed to be used on trunk ports.
Thanks for detailed information.
Above cnofiguration was pre-configured and it is production. While troubleshooting for slowness issue I obsereved that server is connected to this switch port and we saw above config on the port.