08-27-2014 05:55 AM - edited 03-07-2019 08:32 PM
We have following config on one of corporate switch.
Is it Ok to configure access and trunk on same switch port?
Below is the config.
interface GigabitEthernet0/3
switchport access vlan 166
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 16,58,59,160-163,166,204
switchport mode trunk
speed 1000
spanning-tree portfast
end
08-27-2014 06:13 AM
The configured port is a trunk. And it's a valid config. The command "switchport access vlan 166" doesn't mean that the port is trunk and access at the same time. Only when you switch from "mode trunk" to "mode access", the command will get active and the port will be in VLAN 166.
08-27-2014 06:15 AM
Hello
Your current configuration could potentially cause a loop in the network - basically having a trunk for all those vlans and with stp portfast enabled is not a very good idea?
08-27-2014 06:50 AM
Trunks can be used for host connections too.
03-22-2016 01:29 PM
Trunks can be used for host connections too, but it isn't advisable to run the portfast command on a trunking port; specifically when that port trunks with another switch. It skips the listening and learning stages of STP in order to get the port forwarding traffic more quickly but in doing so has the potential to create loops.
10-15-2020 06:19 AM
Portfast behavior on a port in trunking mode requires the spanning-tree portfast trunk configuration statement. And there is nothing wrong with enabling portfast on a trunk port. Unless the device that the port is connected to is bridging the VLANs then there is no danger of a loop. I enable spanning-tree portfast trunk on all trunks that are not connected to a switch. So end-hosts, routers, firewalls, access points.... any device that is not bridging the VLAN can benefit from portfast mode.
08-27-2014 07:48 AM
HI Paul,
Thanks for information.
Is it advisable to remove below commands from configuration to resolve slowness issue?
no switchport access vlan 166
no spanning-tree portfast
Thanks
Ashok
08-27-2014 08:12 AM
It's unlikely that these commands have anything to do with a slow connection.
06-26-2019 06:54 AM
Agree - nothing to do with slow connections - check sh interface - sh int gi1/0/1 for interface errors or CRCs or framing errors if there are perceived problems.
02-05-2016 05:43 AM
I agree remove the port fast
08-27-2014 06:18 AM
Hi,
switchport can be either trunk or access port, as per you configuration you have both the command on the interface so dont get confused it is a trunk port if trunk command is there.
And why you are seeing both commands because if you have configured a port as access port and then add trunk command or vice versa it will not remove the other command. you need to manually remove the command with no keyword.
Thanks & Regards
Sandeep
08-27-2014 06:38 AM
Hi,
As the others mentioned the port is working in trunk mode, the only thing is that as pointed out using port fast on a trunk link is not recommended since it can cause a loop condition.
Regards,
08-27-2014 07:10 AM
For the danger of creating a loop with that config:
The port will still go through the full spanning-tree listening and learning states. Although "spanning-tree portfast" is configured on the port, it's not active in trunk-mode. To have portfast active the command "spanning-tree portfast trunk" is needed.
10-03-2016 09:00 AM
Agreed, leaving 'spanning-tree portfast' is not creating a potential issue of creating a loop when the switchport is configured in trunking mode as the switch will not enable portfast on the switch until it is in non-trunking mode. Example:
%Portfast has been configured on GigabitEthernet2/0/1 but will only
have effect when the interface is in a non-trunking mode.
08-27-2014 07:24 AM
Hi Abasapure,
What are you trying to achieve configuring the access port and trunk on the same port? Any specific reason you are thinking of.
Secondly:
The port is trunk , as you see the "switchport mode" command. All the commands related to trunk will be taken into consideration, but also the default configuration of a trunk port : 802.1q protocol, native vlan 1 and vlans allowed on this trunk 1,16,58,59,160-163,166,204. The access vlan will be used only in case of switching from trunk to access.
So you can delete the " switchport access vlan 166" from this interface.
Also you might be aware that cisco recommends not to use Portfast on the trunk interfaces.There are other few STP features which are designed to be used on trunk ports.
HTH
regards
Inayath
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide