Solved: Re: native vlan tagging

Fotiosmark · ‎05-08-2018

Hello,

I was wondering if there is a command to see in a cisco 3650 or an SG550X switch, if the Native Vlan is tagged.

Thanks

Seb Rupik · ‎05-08-2018

I've only a SG300 to go by, but the behavior of trunk ports is slightly different to an IOS device. On IOS switchport mode trunk will tag all VLANs on the switchport unless explicitly defined. On the SG switch the VLANs must be explicitly defined. You can confirm this on the SG with the command sh vlan . You can see that it will be configured with VLAN 1 un-tagged (native) by default.

In your scenario, when the 3560 port is put in trunk mode, the SG will only be receiving tagged frames. Its port is not configured to receive these so will drop all the traffic.

When the 3560 is in mode access it will send VLAN11 frames un-tagged, the SG will accept these un-tagged frames and place them in VLAN 1.

In short, define the VLANs you want tagged on both ends and all will be fine.

cheers,

Seb.

View solution in original post

Seb Rupik · ‎05-08-2018

Hi there,

I think you are misunderstanding what a native VLAN is if you are expecting it to tagged.

On the 3560 the command sh int Gix/x/x switchport will show you the switchport mode, with tagged/ native frame details.

Not sure about the the SG550X.

cheers,

Seb.

Fotiosmark · ‎05-08-2018

I was looking for that command
sh vlan dot1q tag native :)
Basically, I understand what native Vlan is and why some people want it to be tagged.
What I don't understand is the below. I got SG550X switches and there are some issues regarding the communication between Trunk ports. Never experience something like that with the Cisco Switches.
For example I interconnect a Cisco3560 with an SG550x, the port from the cisco is an Access port on Vlan 11

SW-ATH-FL-1-2#sh run int Gig 0/16
Building configuration...

Current configuration : 101 bytes
!
interface GigabitEthernet0/16
switchport access vlan 11
switchport mode access
duplex full
end

and the port from the SG is in Trunk mode.

SG-Edge#sh run int gi1/0/2
interface GigabitEthernet1/0/2
spanning-tree link-type point-to-point
switchport mode trunk
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!

Now that doesn't make sense to me, because once I turn the port to Trunk on the cisco side, all communication fails, nothing goes through, not even the layer 3 vlans. Once I turn it to access on Vlan 11, it works, with Native Vlan missmatch.
I though they might have Tagged the native vlan, but thats not the case.

Any ideas? Maybe some incompatibility between the SGs? The same situation I have when I connect 2 SG550 together with the same setup. Once the link between them is Trunk, nothing goes through. Once I put the one side on Vlan Access 11, it works with native vlan mismatch.

Seb Rupik · ‎05-08-2018

I've only a SG300 to go by, but the behavior of trunk ports is slightly different to an IOS device. On IOS switchport mode trunk will tag all VLANs on the switchport unless explicitly defined. On the SG switch the VLANs must be explicitly defined. You can confirm this on the SG with the command sh vlan . You can see that it will be configured with VLAN 1 un-tagged (native) by default.

In your scenario, when the 3560 port is put in trunk mode, the SG will only be receiving tagged frames. Its port is not configured to receive these so will drop all the traffic.

When the 3560 is in mode access it will send VLAN11 frames un-tagged, the SG will accept these un-tagged frames and place them in VLAN 1.

In short, define the VLANs you want tagged on both ends and all will be fine.

cheers,

Seb.

Fotiosmark · ‎05-08-2018

Thank you!
No one (not even cisco from TAC) would explain it so well!!! I will give it a try.
So I m guessing I need to create the Vlans on SG550 (since I had it as layer 2) and then define them on the trunk. Switchport trunk allowed vlan 1 native, Switchport trunk allowed vlan 11 etc.
Then I will need to do the same on the 3560 cisco switch.
Thanks again for the explanation.