Solved: Re: Native Vlan mistach issue.

mfaccin · ‎03-07-2025

Running into an issue with our network stack and Vlan Mismatch.

We have in our environment a mix of ubiquiti and cisco switches. With the current configuration it seems that all the routing is mostly working but we are running into an issue where on two of our cisco switches we are getting a Native vlan mismatch issue. We have two stacks of 2960x's plugged into a ubiquiti aggregation switch via 10gb fiber connection, which then plugs into our Cisco core switch (3560) via a fiber connection as well. Another oddity is that on our second edge stack we will periodically lose connection to it via ssh, while the rest of the hosts that are connected to the switch stay up. We've disabled bpdugaurd on the second edge stack as it wasn't allowing a connection the ubiquiti switch without causing a bpdugaurd error, but we're not sure if that's part of the problem.

On the core and one of the edge stack switches we are getting the following errors:

Edge: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on TenGigabitEthernet1/1/4 (3250), with COM4-EDGE03 TenGigabitEthernet1/0/1 (1)

Core: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on TenGigabitEthernet2/ 0/1 (3250), with COM4-EDGE03 TenGigabitEthernet1/0/1 (1). (COM3-EDGE01-2).

These errors do not appear on the second edge stack, they only appear on the first edge stack and core switch.

Configurations for each ports as follows:

Edge stack 1:

interface TenGigabitEthernet2/0/1
description Link to Agg
switchport trunk native vlan 3250
switchport trunk allowed vlan 364,380,388,396,464,480,3104,3250
switchport mode trunk
end

Core:

interface TenGigabitEthernet1/1/4
description Link to Agg
switchport trunk native vlan 3250
switchport trunk allowed vlan 364,380,388,396,464,480,3104,3250
switchport mode trunk
end

Edge stack 2:

interface TenGigabitEthernet1/0/1
description Link to 3rd Floor Agg
switchport trunk native vlan 3250
switchport trunk allowed vlan 364,380,388,396,464,480,3104,3250
spanning-tree bpduguard disable
end

Any help would be appreciated.

mfaccin · ‎03-07-2025

Switched to a different te port and the mismatch issue resolved.

View solution in original post

David Ruess · ‎03-07-2025

Hello,

In this very rare instance, the error message is pretty descriptive of the issue. It looks like you have a trunk interface configured between the switches with different Native VLANs. By default, Cisco uses VLAN 1 as noted in the error. The other switch is using 3250. It appears the Ubiquiti is using VLAN 1 while you have changed your Cisco devices to use 3250.

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on TenGigabitEthernet1/1/4 (3250), with COM4-EDGE03 TenGigabitEthernet1/0/1 (1)

To fix this you just need to make them the same. I'm not sure what Ubiquiti uses but to fix the Cisco side you can use the configuration below on the Edge device:

TenGigabitEthernet1/1/4

switchport trunk native vlan ### <-- make this the same on both sides. If you only control one side, then just make them match.

Since your edge devices go through the Ubiquiti you need to make sure they match on all P2P interfaces that connect to a switch.

-David

mfaccin · ‎03-07-2025

All trunk interfaces should be on native vlan 3250, i have pasted the show ip int output for each of the ports in my post, and they're all on 3250. The Ubiquiti side is also 3250.

interface TenGigabitEthernet1/1/4
description Link to Agg
switchport trunk native vlan 3250

interface TenGigabitEthernet1/0/1
description Link to 3rd Floor Agg
switchport trunk native vlan 3250

krmp010608 · ‎03-07-2025

You can provide the output of the

show interface trunk command from both devices
show interface TenGigabitEthernet2/0/1 switchport
show interface TenGigabitEthernet1/1/4 switchport
show interface TenGigabitEthernet1/1/1 switchport
show vlan id 3250

mfaccin · ‎03-07-2025

COM3-CORE01#show interface trunk

Port Mode Encapsulation Status Native vlan
Gi1/0/1 on 802.1q trunking 1
Gi1/0/13 on 802.1q trunking 1
Gi1/0/15 on 802.1q trunking 1
Gi1/0/24 on 802.1q trunking 1
Gi1/0/29 on 802.1q trunking 1
Gi1/0/31 on 802.1q trunking 1
Gi1/0/33 on 802.1q trunking 1
Gi1/0/34 on 802.1q trunking 1
Gi1/0/38 on 802.1q trunking 1
Gi1/0/39 on 802.1q trunking 1
Gi1/0/40 on 802.1q trunking 1
Gi1/0/41 on 802.1q trunking 1
Gi1/0/44 on 802.1q trunking 1
Te1/1/4 on 802.1q trunking 3250

Port Vlans allowed on trunk
Gi1/0/1 1,20,3400
Gi1/0/13 1-4094
Gi1/0/15 1-4094
Gi1/0/24 1-4094
Gi1/0/29 1-4094

Port Vlans allowed on trunk
Gi1/0/31 1-4094
Gi1/0/33 1-4094
Gi1/0/34 1-4094
Gi1/0/38 1-4094
Gi1/0/39 1-4094
Gi1/0/40 1-4094
Gi1/0/41 1-4094
Gi1/0/44 1-4094
Te1/1/4 364,380,388,396,464,480,3104,3250

Port Vlans allowed and active in management domain
Gi1/0/1 1,20,3400
Gi1/0/13 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/15 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/24 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/29 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/31 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/33 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402

Port Vlans allowed and active in management domain
Gi1/0/34 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/38 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/39 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/40 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/41 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/44 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Te1/1/4 364,380,388,396,464,480,3104,3250

Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/1 1,20,3400
Gi1/0/13 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/15 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/24 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/29 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402

Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/31 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/33 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/34 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/38 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/39 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/40 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/41 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Gi1/0/44 1,5,10,20,50,80,250,350,352,355-356,364,372,380,388,396,414,464,472,480,488,3104,3112,3250,3400-3402
Te1/1/4 364,380,388,396,464,480,3104,3250

COM3-EDGE01#show interfac trunk

Port Mode Encapsulation Status Native vlan
Te2/0/1 on 802.1q trunking 3250
Gi5/0/2 on 802.1q trunking 3250

Port Vlans allowed on trunk
Te2/0/1 364,380,388,396,464,480,3104,3250
Gi5/0/2 364,380,388,396,464,480,3104,3250

Port Vlans allowed and active in management domain
Te2/0/1 364,380,388,396,464,480,3104,3250
Gi5/0/2 364,380,388,396,464,480,3104,3250

Port Vlans in spanning tree forwarding state and not pruned
Te2/0/1 364,380,388,396,464,480,3104,3250
Gi5/0/2 364,380,388,396,464,480,3104,3250

here is the output of the last edge switch, interestingly the 10gb connection is not listed in the output even though it's trunking.

COM4-EDGE03#show interface trunk

Port Mode Encapsulation Status Native vlan
Gi1/0/5 on 802.1q trunking 3250

Port Vlans allowed on trunk
Gi1/0/5 364,380,388,396,464,480,3104,3250

Port Vlans allowed and active in management domain
Gi1/0/5 364,380,388,396,464,480,3104,3250

Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/5 364,380,388,396,464,480,3104,3250

COM4-EDGE03#show run int te 1/0/1
Building configuration...

Current configuration : 241 bytes
!
interface TenGigabitEthernet1/0/1
description Link to agg
switchport trunk native vlan 3250
switchport trunk allowed vlan 364,380,388,396,464,480,3104,3250
switchport mode trunk
spanning-tree bpduguard disable
end

krmp010608 · ‎03-07-2025

the show interface TenGigabitEthernet1/0/1 switchport command?

Configure terminal

interface TenGigabitEthernet1/0/1
switchport mode trunk

Can you apply it again?

Additionally you can remove the command from the interface

no spanning-tree bpduguard disable

Recommendations for using BPDU Guard

Enable BPDU Guard on ports that should not receive BPDUs from any device.
Use BPDU Guard on ports that are directly accessible by end-user devices, such as laptops and mobile phones.
Use BPDU Guard to prevent an access port from participating in spanning tree.

mfaccin · ‎03-07-2025

Switched to a different te port and the mismatch issue resolved.