Showing results for 
Search instead for 
Did you mean: 

Help please


Please help me in building the logic of the scenario. Here is my topology

[3750] >> [2821](subinterface) ---- E1 Link ----(access port)[4948]>>>(subinterface)[7206]

Here is the relevant config.

1. 2821

interface GigabitEthernet0/1.15

description ******

encapsulation dot1Q 15 native

ip address

2. 7206

interface GigabitEthernet0/1.15

description *** ***

encapsulation dot1Q 15

ip address

3. 4948

Created a VLAN - 15 and made a port access port of VLAN 15 pointing towards 2821.

Trunking between 4948 and 7206 is enabled.Native Vlan between 4948 and 7206 is Vlan 13.

interface GigabitEthernet1/32

description *** TO ROUTER 2821 ***

switchport access vlan 15

switchport mode access

Now the things work ok with this configuration.I am confused with this line in the 2821 config . i.e; encapsulation dot1Q 15 native. If I don't use the word native in the end , I cant ping from 2821 to 7206 but still it shows 4948 in its show cdp. As soon as I put native word in the end of this command ping and everthing starts working fine.

One more thing if I plug the E 1(Rj -45) to my laptop (instead of router 2821, just for testing) the laptop can ping to the remote 7206.

Exlpanation required please.




As arun said the trffic flow will be the same.But in my opinion the traffic will not go till 7207 as 4948 is a L3 switch(if you are using it that way).

Here in your senario there is no need of trunking between two routers RTA & B and the switch as they belong to only single VLAN 15 & 16 respectively.The look up is done @ 4948 and trffic will be L3 switched to another port.

The difference between trunking and access port is that access port allows to communicate on only single vlan.Where as trunking allows to communicate on many vlans.So encapsultation will not affect you in this particular scenario.


shri :)

Thanks shrikar..i was waiting to hear from you..You are great..

FYI...i am not usinf 4948 at L3..means no SVI's instead using subinterfaces on 7206.

can u explain a bit or provide me some link how switch and router treats the pakcts they are receving to be forwarded to same or some other vlans. Means how they apply or remove tagging etc etc

PLs ignore my previous something wrong there..

USING encapsulation at RTA and RTB


1.A sends frame towards SW-A without any vlan tag.

2.SW-B send the frame towards RTR-A(which is the default gateway).

3.RTR-a strips the frame,Now RTR-A see's the route toward B.Assuming its in routing table with next hop 7207.It sends frame with tag 16.4948 passes the frame towards 7207,without changing the frame encapsulation.

4.7207 strips the frame ,do routing lookup identifies the outgoing interface and send frame to 4948 with tag 15.4948 passes the towards RTR-B

5.RTR-B strips the frame and do lookup.Identifies it as connected network and send out of interface towards SW-B without any vlan encapsulation.

6.SW-B have mac-table entry for the host B and will forward to B.

If no encapsulating between RTR-A,B and 4948,ie,u have different vlan for link between RTRA/B and 4849 and between 4948 and 7207 as ur 4948 is here acting as L2 switch, i dont think packet will forward towards . I am eager to hear more 4rm experts too on this..

anyway this was a good question..made me to think.. :)

If i am not using vlan between RTR-A,B and 4948, and the RTR port is in acces mode in the 4948, this case i think 4948 will receive a pakcet from 7206 with tag of vlan 15 , will remove the tag before frwarding it to access port, and frwd it to the respective port that is member of VLAN will work properly in this case....I THINK !!

Comments please

What i mentioned in previous post was if there was no vlan (or a different vlan ) between RTR-A/B n 4948 than from 4948 and 7202 ,the routing wont happen.

I think ur question was u have no encapsulation configured on RTR-A/B ,but ur 4948 is configutred for access-port 15 and 16.If so what u said above is right..

Now i was mentioning that the frame will be encapsulated with vlan id during my description.Sorry,here term to be used was "will be tagged"(as the encapsulation is 802.1q)

Also i made a typo at POint2 ,SW-A not SW-B.

Also u didnt mentioned if ur SW-A and SW-B ports towards A and B respectively was configured as access etc,which could add some more point to the description i gave,ie tagging at SW-A with vlan 100 when sending towards RTR-A etc.

I dont think the setup you gave here is best practise ,i hope u have gave this scenario just to understand the working.. :)



My RTR-A and B ports towards A and B are access ports of vlan 100

well , this is the setup i am going to implement.Can u offer me some better design ??

I am not a guy with that much experince to give you suggestion regarding this,but sure would love to share some thought what i have learned from my small experience.

I dont know wht exactly is ur requirements(density of users,ur exsisting setups and other needs etc.).Are just setting up the LAN and also u are going to connect it to outside network??

It would be better if u could provide these details..

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: