08-15-2019 03:42 PM
hi all,
i have a question in that when i do a "sh run" on my cat 3850 one port its both an access and a trunk but i thought it could either be a trunk or a access port and NOT both (see below)
interface GigabitEthernet1/0/37
switchport access vlan 22
switchport mode trunk
switchport nonegotiate
switchport voice vlan 35
switchport port-security mac-address sticky
trust device cisco-phone
auto qos voip cisco-phone
spanning-tree portfast
service-policy input AutoQos-4.0-CiscoPhone-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
but then when i do a "sh int status" its listed as a trunk
Gi1/0/37 connected trunk a-full a-100 10/100/1000BaseTX
thanks,
rob
Solved! Go to Solution.
08-16-2019 01:52 AM
Hello Robert,
Cisco IOS switches allow switchport commands related to different type of port to co - exist on the same interface.
However, the command that says what commands are considered and implemented is the
switchport mode
In your case the port is configured with switchport mode trunk so all commands related to access mode are ignored.
For sure switchport access vlan 22 is ignored.
As noted by Martin most of the commands are intended for a port that should work as an access port with an IP phone and a PC downstream the phone.
Not only the voice vlan command also the QoS commands refer to this scenario.
You can check with
show cdp neighbor
or
show lldp neighbor
If there is an IP phone connected to the port you may want to revert to switchport mode access.
IF instead there is a switch or a server using multiple Vlans connected to the port you may want to change the QoS configuration.
Note:
The worst misleading configuration I have seen instead of using access port was the following
interface gi0/10
swithport mode trunk
switchport trunk native vlan 22
Instead of using
int gi0/10
switchport mode access
switchport access vlan 22
This was done on many ports with different native Vlans depending on the access switch.
We were trying to make STP stable and we wanted to control what Vlans are permitted to /from each access switch to minimize the number of PVST instances running on each box.
Looking only at show vlan provides you only the access ports.
So we had to add a check also on show run | inc native vlan
Hope to help
Giuseppe
08-15-2019 04:15 PM - edited 08-15-2019 04:22 PM
because of switchport mode trunk command. this is access port (or should be) since u have Voice and data vlans.
try removing mode trunk command with no switchport mode trunk
or change trunk to access with switchport mode access
For more detailed info, use interface GigabitEthernet1/0/37 switchport command. it will show u Admin and Operational modes. Admin is what u configured and Operational is what port is doing now.
Regards, ML
**Please Rate All Helpful Responses **
08-16-2019 12:23 AM
08-16-2019 01:52 AM
Hello Robert,
Cisco IOS switches allow switchport commands related to different type of port to co - exist on the same interface.
However, the command that says what commands are considered and implemented is the
switchport mode
In your case the port is configured with switchport mode trunk so all commands related to access mode are ignored.
For sure switchport access vlan 22 is ignored.
As noted by Martin most of the commands are intended for a port that should work as an access port with an IP phone and a PC downstream the phone.
Not only the voice vlan command also the QoS commands refer to this scenario.
You can check with
show cdp neighbor
or
show lldp neighbor
If there is an IP phone connected to the port you may want to revert to switchport mode access.
IF instead there is a switch or a server using multiple Vlans connected to the port you may want to change the QoS configuration.
Note:
The worst misleading configuration I have seen instead of using access port was the following
interface gi0/10
swithport mode trunk
switchport trunk native vlan 22
Instead of using
int gi0/10
switchport mode access
switchport access vlan 22
This was done on many ports with different native Vlans depending on the access switch.
We were trying to make STP stable and we wanted to control what Vlans are permitted to /from each access switch to minimize the number of PVST instances running on each box.
Looking only at show vlan provides you only the access ports.
So we had to add a check also on show run | inc native vlan
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide