Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2140
Views
35
Helpful
14
Replies

Trunking configurations during upgrade

Go to solution
Ken S
Level 1
Level 1

‎10-21-2021 12:11 PM - edited ‎10-21-2021 12:29 PM

Hello,

What VLANs should be passed if the following configurations are on a 3750 to 2960x?

 

3750 (version 12.2(25)SEB4)

interface GigabitEthernet1/0/10
switchport trunk encapsulation dot1q
switchport mode trunk

 

2960x (version 15.2(7)E4)

interface GigabitEthernet1/0/49
switchport trunk allowed vlan 1,45,46,70,90,91,95,96,120,150,151
switchport mode trunk

 

on a 3850 to 2960x

 

3850 (version 16.12.05b)

interface GigabitEthernet1/0/10
switchport mode trunk

 

I did have switchport trunk encapsulation dot1q on the 3850, but that is not allowed on it.

 

2960x (version 15.2(7)E4)

interface GigabitEthernet1/0/49
switchport trunk allowed vlan 1,45,46,70,90,91,95,96,120,150,151
switchport mode trunk

 

I appreciate any assistance.  

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mlund
Level 7
Level 7

‎10-22-2021 02:10 AM

Hi

I agree with Reza and Balaji, it is best to have same config on both side.

But as an answer to your question, the vlans 1,45,46,70,90,91,95,96,120,150,151 is the ones that will be function in this configuration.

If there are vlan on 3850 side that is not allowed on 2960 side, they will be sent over the trunk to 2960, but 2960 will drop them because they are not in the allowed list.

/Mikael

View solution in original post

14 Replies 14

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎10-21-2021 03:09 PM

Hi,

On the 3750, match the config that is already on the 2960X as follows:

 

interface GigabitEthernet1/0/10
switchport trunk encapsulation dot1q
switchport mode trunk

switchport trunk allowed vlan 1,45,46,70,90,91,95,96,120,150,151

 

HTH

 

Go to solution
Ken S
Level 1
Level 1
In response to Reza Sharifi

‎10-22-2021 06:36 AM

Thank you @Reza Sharifi.  I did want to make the question more complex.  If the configuration stands as is, only the VLANs listed would be allowed correct?

 

It both sides had switchport trunk encapsulation dot1q, then all VLANs would be allowed through?  

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to Ken S

‎10-22-2021 06:42 AM

Hi Ken,

only the VLANs listed would be allowed correct?

Yes, and that is best practice. You only want to allow what is needed and no more.

 

It both sides had switchport trunk encapsulation dot1q, then all VLANs would be allowed through?  

That is correct. 

HTH

Go to solution
Ken S
Level 1
Level 1
In response to Reza Sharifi

‎10-22-2021 06:48 AM

Except when I cutover the 3750 to 3850, it didn't seem the listed VLANs were being sent over.  The phones and APs on the 2960X didn't come back up.  

 

Thank you for the clarification on the switchport trunk encapsulation dot1q. 

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to Ken S

‎10-22-2021 06:55 AM

Ken,

 

Except when I cutover the 3750 to 3850, it didn't seem the listed VLANs were being sent over.  The phones and APs on the 2960X didn't come back up.  

If you don't see the vlans sent over, check to make sure you actually have created all the vlans. Do a "sh vlan" and you should see what vlans you have created and what ports are assigned to each vlan.

HTH

 

Go to solution
Ken S
Level 1
Level 1
In response to Reza Sharifi

‎10-22-2021 07:15 AM

Interesting note, but I do believe the VLANs were created on both switches due to VTP. I actually had this 3850 connected to the network and trunked to my office switch to upgrade it.  Also, I believe I was able to see another switch come up with phones, only when I added switchport trunk allowed vlan #,#,#.  

 

I am sure that matching the allowed VLANs on both sides of the switches will work, but why didn't the original configuration for the 3850 and 2960X work?  Do I need both

 

switchport trunk encapsulation dot1q

switchport mode trunk

 

to send VLANs over the trunk or just 

 

switchport mode trunk?

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to Ken S

‎10-22-2021 07:28 AM

Do I need both

Depends on the IOS. In most older IOS, you had to specify "switchport trunk encapsulation dot1q" because you could use dot1.q or ISL as trunking (ISL is a Cisco proprietary protocol that is not being used anymore). On most newer IOS versions, dot1.q is the default, and the only trunking protocol and therefore you don't need to specify it anymore.

As for using VTP, I personally do not recommend it as it can be more harmful than helpful especially when you only have a few vlans to worry about.

 

HTH

 

 

Go to solution
Ken S
Level 1
Level 1
In response to Reza Sharifi

‎10-22-2021 07:37 AM

I am assuming that the IOS-XE has dot1q on my default and I am sure I verified that either on the 3850 I am working with or another one.  So essentially I would say I do have both 

 

switchport trunk encapsulation dot1q

switchport mode trunk

 

but the devices on the 2960X didn't come up. 

 

VTP is another story.  Thank you for the feedback.  

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to Ken S

‎10-22-2021 07:48 AM

but the devices on the 2960X didn't come up

If all the vlans are present and assigned to the correct ports (show vlan) then check VTP, you may want to put VTP in "transparent mode" and see if the issue gets resolved. VTP is a pain.

HTH

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎10-21-2021 10:03 PM

is this 2 setup or 1 setup

 

I see you looking to connect 3750 to 2960 and 3850 to 2960 ?

 

always should match bot the side config.

 

if you like to control the vlan

you should go with both the side :

 

switchport trunk allowed vlan 1,45,46,70,90,91,95,96,120,150,151

 

If you like to allow all vlan then :

both the side: switchport mode trunk (should allow all vlan)

 

On 3850 new IOX XE code so that should be ok. you just configure the required vlan along with trunk should work

 

any issue post any logs.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Ken S
Level 1
Level 1
In response to balaji.bandi

‎10-22-2021 06:40 AM

Thank you @balaji.bandi. This is an upgrade.  A 3750 is connected to a 2960X, but I want to replace the 3750 with the 3850.  

 

That is what I read about matching both sides.  It is good for many things, keeping good documentation is one of them.

 

When I cut over the 3750 to 3850, the interfaces with just switchport mode trunk didn't bring up the 2960X side.  This is why I am asking this question.  I could not add switchport trunk encapsulation dot1q to the 3850 as I think it might be removed. 

 

I don't have any logs, but if this is a bug, I would be happy to work with Cisco.  

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Ken S

‎10-22-2021 09:01 AM

I do not believe this is a bug :

 

you can verify this command, some command default in the interface

 

show interface GigabitEthernet1/0/10 capabilites

 

you see example output

 

Model: WS-C3850-48P
Duplex: full
Trunk encap. type: 802.1Q
Dot1x: yes

 

Since you mentioned outage. Now you need to test offline with out cutover

 

 

you can run 3750 and 3850 same time connecting to Cisco 2960 switch, test it  before you do cutover, i do not see any Loops herer, so you should be good for testing standalone.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
mlund
Level 7
Level 7

‎10-22-2021 02:10 AM

Hi

I agree with Reza and Balaji, it is best to have same config on both side.

But as an answer to your question, the vlans 1,45,46,70,90,91,95,96,120,150,151 is the ones that will be function in this configuration.

If there are vlan on 3850 side that is not allowed on 2960 side, they will be sent over the trunk to 2960, but 2960 will drop them because they are not in the allowed list.

/Mikael

Go to solution
Ken S
Level 1
Level 1
In response to mlund

‎10-22-2021 06:44 AM

Thank you @mlund.  As I mentioned in a reply, same configs on both side is what I read. 

 

Since the 3850 has 

 

interface GigabitEthernet1/0/10
switchport mode trunk

 

Those mentioned VLANs should be sent over, but the devices (phones, APs) on the 2960X didn't come up.  

 

 

0 Helpful
Customers Also Viewed These Support Documents