09-26-2019 11:09 AM - edited 09-26-2019 11:12 AM
Hi, we have a Cisco SG250-26P. This vendor, does not support DTP. But when we were doing some configuration and tests, we noticed that sometimes VLAN ports changed it's states from access to trunk. How it can be possible?
09-26-2019 11:33 AM
Hi,
Cisco SG250-26P is supporting to the DTP and another vendor may also be understanding the DTP protocol or sending DTP packet. Share another device make and model for more information.
09-26-2019 11:43 AM - edited 09-26-2019 11:52 AM
@Deepak Kumar wrote:Hi,
Cisco SG250-26P is supporting to the DTP and another vendor may also be understanding the DTP protocol or sending DTP packet. Share another device make and model for more information.
Another device is Draytek Vigor 3900 configured as access, and on another cisco switch port (also configured as access) - Ubiquiti NanoStation Loco M5
09-26-2019 11:53 AM
Can we disable any DTP on this Cisco switch?
09-26-2019 11:57 PM
Hi,
Yes, We can disable DTP on the Cisco switch as run a command under the trunk port "switchport nonegotion".
As per my understating, If you Puts the interface (access port) into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The interface becomes a nontrunk interface, regardless of whether the neighboring interface is a trunk interface. Means if access port will receive a DTP then it will convert to the trunk port.
09-27-2019 01:31 AM
Helllo
@Deepak Kumar wrote:
Hi,
Yes, We can disable DTP on the Cisco switch as run a command under the trunk port "switchport nonegotion".
As per my understating, If you Puts the interface (access port) into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The interface becomes a nontrunk interface, regardless of whether the neighboring interface is a trunk interface. Means if access port will receive a DTP then it will convert to the trunk port.
This isnt correct @Deepak Kumar switchport nonegotiate DOESN'T put a trunk port into a access mode state, it however does disable dtp on a trunkport and turns off negotiation of a trunk
Disabling DTP on a edge port is done by putting the port in a administrative mode of access mode which also truns off negotiation of a trunk
switchport mode access
09-27-2019 04:06 AM - edited 09-27-2019 04:09 AM
Hi @paul driver
I think you didn't get my point or I failed to explain due to English :). I mentioned that he can disable DTP on a trunk port with "switchport nonegotion" command.
My second paragraph was on the comment where someone mentioned that you can put switchport in access mode and it will disable the DTP. It is not correct, it will not send any DTP packet but if access port will receive a DTP then it will change from access port to trunk port.
09-27-2019 05:10 AM
Hello
@Deepak Kumar wrote:
My second paragraph was on the comment where someone mentioned that you can put switchport in access mode and it will disable the DTP. It is not correct, it will not send any DTP packet but if access port will receive a DTP then it will change from access port to trunk port.
Can you elaborate on the above as my understanding this isn't correct statement !
As far as I am aware a port in an administrative mode of access (switchport mode access)- cannot go into a trunk and it will disable DTP.
09-27-2019 02:19 AM
Well the problem is that I can't disable autonegotiation
(config)#int gi2
(config-if)#switchport mode access
(config-if)#switchport nonegotiate
% Wrong number of parameters or invalid range, size or characters entered
09-27-2019 05:12 AM - edited 09-27-2019 05:16 AM
Hello
@pochtaliot wrote:
Well the problem is that I can't disable autonegotiation
(config)#int gi2
(config-if)#switchport mode access
(config-if)#switchport nonegotiate
% Wrong number of parameters or invalid range, size or characters entered
You only need switchport mode access on a edge port to disable dtp
int x/x
switchport mode access
exit
sh int x/x switchport | in Neg
09-26-2019 04:20 PM - edited 09-27-2019 01:34 AM
Hello
DTP is a Cisco propriety as such other vendors may not support it - However DTP is automatically disabled when you put a port access mode or you apply switchport nonegociate - So it seems to suggest your port is neither set to access mode or doesn’t have nonegociate applied.
Also nonegociate further disables dtp on trunk ports so not to advertise the vtp domain name of the switch’s so to enable establishing a trunk between two switches in different vtp domains
So edge ports it is suggested to disable DTP altogether so no port can possibly ever become a trunk by applying the below:
int x/x
description edge port
switchport mode access
Allow trunk port connecting to different vtp domain by disabling DTP
int x/x
description- trunkport
switchport mode trunk
switchport nonegociate
09-27-2019 12:01 PM
Hi pochtaliot,
I have a similar experience with switches of the small business line. The problem was caused by the "Smartport" functionality. I will suggest that you look into it.
09-28-2019 03:46 AM
Hi, josedelpino
That is interesting. I saw this functionality, but didn't analyse it deeply. I'll try to disable it and write you back. Thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide