
Native VLAN Mismatch on access ports

lochydejavo
Level 1

Let's say you have two switches connected to each other's g0/0 ports via an Ethernet cable. Both switches are preconfigured and you need to create an access port between them in vlan 15. So you go into g0/0 on sw1 and type the following commands:

switchport mode access
switchport access vlan 15

You then do this on sw2's g0/0 interface. The switches then present a message stating that they have mismatched native VLANs on g0/0, one has vlan 1 and one has vlan 15 as native.

My question is, in this scenario, since neither link is a trunk, how do you go about setting the native vlan on one of the switches to either 1 or 15? My understanding is that you can perform this action on a specific interface if it's a trunk port via the command switchport trunk native vlan XX, but I've no clue how to change the native vlan beyond that.

Just trying to understand something I ran into in a practice problem sim. Thanks ahead of time.

7 Replies

fniccola
Cisco Employee

ciao!

An access port is a port that forwards frames without any dot1q tag, so if a port is under vlan x, the frame is identical to that of a port under vlan y.
A trunk port is a port that forwards frames related to many vlans; to identify them it uses a dot1q tag, except for the native vlan:
all frames related to this vlan are forwarded without a dot1q tag, so it is important to choose the same vlan on both sides.

In your case the CDP protocol is informing you (via logs) that there is a native vlan mismatch between two directly connected ports.
On access ports you cannot configure a native vlan; this concept is related only to trunk ports.
So, if your idea is to connect two access interfaces, it is better to put them under the same vlan.
This is good not only because of the log itself, which appears continuously,
but also because this vlan mismatch could create loops or strange behaviors in the network environment.

 

TKK
FabioN

balaji.bandi
Hall of Fame

Native VLAN – Native VLAN allows untagged traffic to be part of one particular VLAN. Native VLAN functionality is used when untagged traffic is received on the trunk connection of the switch.

If one side is not configured, that means the Cisco default is VLAN 1, so you need to match that for it to work.

There is a good explanation on the Learning Network; read below:

https://learningnetwork.cisco.com/s/article/effects-of-mismatched-native-vlans-on-a-trunk-link

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Joseph W. Doherty
Hall of Fame

From what you've described, you shouldn't have this issue.

Since you also mentioned "preconfigured" and "sim", either might lead to this issue more so than using real switches starting with a default configuration.

Next step might be to confirm hardware and configuration are truly configured as required.

Gopinath_Pigili
Spotlight

Hello lochydejavo,

In situations like this, you may consider disabling CDP for those interfaces. This would be a (somewhat dirty) workaround.

Another solution is to make the native VLAN numbers match. This requires more work but it would be the best solution.

Reference: https://community.cisco.com/t5/switching/native-vlan-mismatch-error-on-access-port/td-p/1534103

Best regards
******* If This Helps, Please Rate *******

liviu.gheorghe
Spotlight

Hello @lochydejavo ,

Like others have stated, it's best practice and recommended to have both ends of a link between switches configured in the same vlan.

What happens after you configure the port on the first switch in vlan 15: CDP detects that the other end of the link is configured in another vlan and issues the syslog message:

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/3 (1), with sw2 GigabitEthernet0/0 (15)

After you configure the port on the second switch, the messages about mismatching vlans will stop.

If you issue the command show cdp entry sw2, you will see at the end of the output:

advertisement version: 2
VTP Management Domain: ''
Native VLAN: 15
Duplex: full

The switch is stating that the interface towards the other switch is in NATIVE vlan 15, which I think must be understood as the vlan used to send Ethernet frames without the 802.1Q tag.

Regards, LG
*** Please Rate All Helpful Responses ***

What @liviu.gheorghe describes is expected behavior, and what @lochydejavo describes in the OP was also done, but with different results. (Assuming I understood the OP correctly.)

What my prior reply was trying to explain: if the OP is not getting these results, there could be several causes, one of which, which I didn't think to mention in the context of a "sim" being used, might be that it's just "slow". I.e. after changing the 2nd switch, the CDP error message is using "stale" information. Do these messages persist for more than a minute?
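The two replies above, turned into a log check (an added example, not part of any post in this thread): it parses `%CDP-4-NATIVE_VLAN_MISMATCH` lines in the format quoted above, groups them per link, and separates a one-off message from a mismatch that keeps recurring for more than a minute. The timestamp and hostname prefix on each line, the sample lines themselves and the function name are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta

# Message body as quoted in the thread. The ISO timestamp and hostname in
# front of it are an assumed syslog-collector prefix, not IOS output.
MISMATCH = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) %CDP-4-NATIVE_VLAN_MISMATCH: "
    r"Native VLAN mismatch discovered on (?P<lport>\S+) \((?P<lvlan>\d+)\), "
    r"with (?P<peer>\S+) (?P<rport>\S+) \((?P<rvlan>\d+)\)"
)

# Constructed sample log: sw1 keeps reporting the mismatch, sw3 reports once.
SAMPLE_LOG = """\
2024-05-01T10:00:05 sw1 %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/0 (15), with sw2 GigabitEthernet0/0 (1)
2024-05-01T10:00:40 sw1 %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up
2024-05-01T10:01:05 sw1 %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/0 (15), with sw2 GigabitEthernet0/0 (1)
2024-05-01T10:03:05 sw1 %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/0 (15), with sw2 GigabitEthernet0/0 (1)
2024-05-01T10:02:10 sw3 %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/2 (1), with sw4 GigabitEthernet0/1 (20)
"""


def find_mismatches(log_text, persist_after=timedelta(minutes=1)):
    """Group mismatch messages per link and flag those that keep recurring."""
    links = {}
    for line in log_text.splitlines():
        m = MISMATCH.match(line.strip())
        if m is None:
            continue  # unrelated syslog line
        ts = datetime.fromisoformat(m["ts"])
        key = (m["host"], m["lport"], m["peer"], m["rport"])
        rec = links.setdefault(key, {"first": ts, "last": ts, "count": 0})
        if ts >= rec["last"]:
            # Keep the VLAN pair from the most recent message for this link.
            rec["vlans"] = (int(m["lvlan"]), int(m["rvlan"]))
        rec["first"], rec["last"] = min(rec["first"], ts), max(rec["last"], ts)
        rec["count"] += 1
    for rec in links.values():
        # "More than a minute" is the threshold asked about in the thread.
        rec["persistent"] = rec["last"] - rec["first"] > persist_after
    return links


if __name__ == "__main__":
    for (host, lport, peer, rport), rec in find_mismatches(SAMPLE_LOG).items():
        state = "PERSISTENT" if rec["persistent"] else "transient"
        print(f"{state}: {host} {lport} {rec['vlans']} <-> {peer} {rport} x{rec['count']}")
```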

Ruben Cocheno
Spotlight

@lochydejavo 

You set the vlan in access vlan x on both switches, and CDP will stop. Now if you need to bridge two VLANs due to some migration, you can have those ports in different VLANs but you need to disable STP.

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/