Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4710
Views
0
Helpful
5
Replies

Native Vlan1 over Trunk

Go to solution
David Kondicz
Level 1
Level 1

‎01-29-2013 02:03 PM - edited ‎03-07-2019 11:23 AM

Hi all,

if i have this config:

switchport mode trunk

trunk aloved vlan 50

will travel over this trunk untaged packets? For eg the vlan 1 is by default native vlan without tag.

If i have created a bog ring with catalyst 3560x switches with no spanning tree on vlan 1 can be the case of this config a loop ???

I am using upper config on interfaces that are connected the switches  together in ring.

Other interfaces on switch have this config:

int range 0/1-4

switchport mode acc

switchport acc vlan1

int range 0/5-24

switchport mode acc

switchport acc vlan50

I am using vlan1 just for local switching without connection to internet!

Thank you guys for fast answers.

I am asking just becouse i have this king of messages in logs:

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/0/27 (1), with SW3560x_BR8874 GigabitEthernet1/0/19 (50).

GI 1/0/27 and GI 1/0/19 have this config:

switchport mode trunk

trunk aloved vlan 50

BR

Dave

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jan Hrnko
Level 4
Level 4

‎01-29-2013 02:52 PM

Hi David,

I am asking just becouse i have this king of messages in logs:
%CDP-4-NATIVE_VLAN_MISMATCH:  Native VLAN mismatch discovered on GigabitEthernet1/0/27 (1), with  SW3560x_BR8874 GigabitEthernet1/0/19 (50).

the problem is that on port GigabitEthernet1/0/27 you have VLAN 1 configured as native vlan and on port GigabitEthernet1/0/19 the native VLAN is 50. You MUST have both sides of a trunk configured with SAME native VLAN even if you block this VLAN. I believe that it is because of CDP that runs even when no VLANs are allowed on a trunk - it is simply VLAN independent. (STP is not, but if you have blocked vlan 1 so that no traffic will pass through (despite the disabled spanning tree in vlan 1), it should be ok = no switching loops).

So the solution is to either have VLAN1 or VLAN50 as native on both ends of the trunk (po Gi1/027 on one switch and Gi1/0/19 on another).

Best regards,

Jan

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Jan Hrnko
Level 4
Level 4

‎01-29-2013 02:52 PM

Hi David,

I am asking just becouse i have this king of messages in logs:
%CDP-4-NATIVE_VLAN_MISMATCH:  Native VLAN mismatch discovered on GigabitEthernet1/0/27 (1), with  SW3560x_BR8874 GigabitEthernet1/0/19 (50).

the problem is that on port GigabitEthernet1/0/27 you have VLAN 1 configured as native vlan and on port GigabitEthernet1/0/19 the native VLAN is 50. You MUST have both sides of a trunk configured with SAME native VLAN even if you block this VLAN. I believe that it is because of CDP that runs even when no VLANs are allowed on a trunk - it is simply VLAN independent. (STP is not, but if you have blocked vlan 1 so that no traffic will pass through (despite the disabled spanning tree in vlan 1), it should be ok = no switching loops).

So the solution is to either have VLAN1 or VLAN50 as native on both ends of the trunk (po Gi1/027 on one switch and Gi1/0/19 on another).

Best regards,

Jan

0 Helpful

Go to solution
David Kondicz
Level 1
Level 1
In response to Jan Hrnko

‎01-29-2013 03:21 PM

Thank you for fast answer!

I dont know why it hapends, that sometimes i have 5min -300sec outages on this vlan.

I thought that this was the config problem.

Next thing is that i havent set any native vlan on switch. By default native vlan is vlan1, but i added some ports to vlan 50 for internet connection. I just made it with : switchport acces vlan 50, no native vlan 50

BR

dave

0 Helpful

Go to solution
Jan Hrnko
Level 4
Level 4
In response to David Kondicz

‎01-29-2013 03:36 PM

Hi David,

no need to thank me , I am glad if I can help.

Next thing is that i havent set any native vlan on switch. By default  native vlan is vlan1, but i added some ports to vlan 50 for internet  connection. I just made it with : switchport acces vlan 50, no native  vlan 50

Aaah I see, but can you please post the output of following command on SW3560x_BR8874?

show interfaces GigabitEthernet 1/0/19 switchport

Because the cdp error message is quite clear, I'm just curious...maybe someone configured it before? The addition of the other ports doesn't matter really in this case... it should be related to port 1/0/19 only.

I dont know why it hapends, that sometimes i have 5min -300sec outages on this vlan. 
I thought that this was the config problem.

You have outage in vlan1? How often? It sure is strange, 5min sounds like ARP table or MAC table timeout...maybe we can figure it out somehow. Have you noticed anything strange regarding the outage? Have you tried some debug commands or look into MAC address table?

Best regards,

Jan

0 Helpful

Go to solution
David Kondicz
Level 1
Level 1
In response to Jan Hrnko

‎01-29-2013 04:07 PM

Hi Jan,

here is the required info from interface:

Name: Gi1/0/19

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk associations: none

Administrative private-vlan trunk mappings: none

Operational private-vlan: none

Trunking VLANs Enabled: 50

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: true

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

0 Helpful

Go to solution
Jan Hrnko
Level 4
Level 4
In response to David Kondicz

‎01-30-2013 01:59 AM

Hi David,

everything seems to be in order and it is quite strange. I don't know what can cause such CDP messages to be populated...but still thinking about it. I will let you know if something comes to my mind, in the meantime I would like to test this in the lab, would you mind attaching configs in .txt files somewhere here? Maybe then I could find the error causing this messages appearing.

Just one more thing... if you are in a production network ( not lab environment ) I highly suggest you to NOT turn off the STP in any VLAN - just in case. It is not that much of a burden and you will sleep much better knowing there is a protocol which can deal with loops if some occur (even by accident / misconfiguration).

Best regards,

Jan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card