Hello Dear experts,
I am new in corporation, I am seeing this config in a trunk inside a core switch catalyst 9300, is it possible to have a port as Access and at the same time with trunk allowed? does this make any sense?
switchport access vlan 90
switchport trunk native vlan 90
switchport trunk allowed vlan 90
switchport mode access
When checking the neighbor in this port it has directly connected another Switch from a different company:
Platform: cisco WS-C3650-48PS, Capabilities: Router Switch IGMP
Interface: TenGigabitEthernet2/0/40, Port ID (outgoing port): GigabitEthernet1/0/20
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 90
Trunking Native Mode VLAN: 90
Administrative Native VLAN tagging: disabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 90
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Thanks for your help
This is history may be not sure what was the intenetion when some engineer configured or miss-configuraiton.
if this is connected to other switch - i would expect to be Trunk and controlled with allowed VLAN best Option (Looking at future may be some more VLAN required to extend).
Hello @gomezesteban203 ,
the switchport mode access makes all trunk related commands as they were not present.
The port is in access mode as confirmed by the show command.
There may be an historical reason : in the past they tried to use a trunk link and this can have caused some issues so they reverted to access mode. ( Cisco switches use proprietary STP BPDUs on trunk ports standard IEEE BPDUs on access ports)
You can remove all switchport trunk commands with no fear.
Hope to help
Thanks Giusseppe, i appreciate your response, would you know why they would put an access switchport facing another Switch 3650? Is this a good configuration?
If you take about the standards it's recommended to have a trunk link between the switches and from the switch to any end device it should be a access link
But again based on the requirement it will change and when and where they are using
You have static configuration of mode as "access" so your port will be work as "access".
In some cases you can have both statements for trunk (switchport trunk) and (switchport access) on the same port. If trunk connection has not negotiated by DTP the port would be work as "access".