02-27-2017 11:12 AM - edited 03-08-2019 09:31 AM
Hello. I have a Cisco 9372PX and a 3750-x connected to each other.
I am getting native vlan mismatches in the logs on the 3750-x only and am unsure why, as my understanding is that both switches can use their own native vlan.
9K Config
interface Ethernet1/9
  switchport
  switchport mode trunk
  switchport trunk native vlan 7
  switchport trunk allowed vlan 190
  bandwidth 5000000
  no shutdown
3K Config
interface GigabitEthernet2/0/45
  switchport trunk encapsulation dot1q
  switchport trunk native vlan 6
  switchport trunk allowed vlan 190
  switchport mode trunk
3K Error
Feb 27 13:48:07: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/0/45 (6), with x Ethernet1/9 (7).
02-27-2017 11:42 AM
Hi
Both switches must use the same native vlan; otherwise you will receive that error message and have problems with the communication between them.
02-27-2017 11:49 AM
Can I just tag vlan 190 as native then, since I'm dedicating that VLAN for this traffic anyway? Would that change this config at all?
02-27-2017 11:59 AM
Hi
A good practice for security purposes is to create a specific vlan for native, and this vlan should not be used for any other role.
:-)
02-27-2017 01:33 PM
So since I already have vlan 190 specified for the allowed traffic, vlan 6 specified as the default native for the 9k, and vlan 7 specified as the default native for the 3k, I should create a 4th vlan that both switches will use just for the native?
Is it best practice for every trunk to have a new native vlan, or is it best practice to create a second native vlan for all trunks?
02-27-2017 01:47 PM
Hi, you could create vlan 6 or 7 on both switches and use it as the native vlan on both devices. If these vlans are not being used for operations or end users, you have the green light to proceed.
For example, you could create a native vlan for your entire layer 2 infrastructure and assign it for that role only. This vlan should be created as the native vlan on all your switches.
Switch 1
vlan 999
  name NATIVE-VLAN
interface g1/1/1
  description TRUNK-TO-SWITCH2
  switchport trunk encapsulation dot1q
  switchport mode trunk
  switchport trunk native vlan 999
  no shutdown
Switch 2
vlan 999
  name NATIVE-VLAN
interface g1/1/1
  description TRUNK-TO-SWITCH1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  switchport trunk native vlan 999
  no shutdown
02-27-2017 02:04 PM
If the trunk is configured to allow only vlan 190 then the error is pretty much cosmetic. If the trunk did carry traffic for the native vlan then the results would be much more of a problem. If the trunk did carry traffic for the native vlan then the result would be that you are bridging vlan 7 on one side with vlan 6 on the other side. So effectively you would have a single larger vlan instead of two smaller vlans. I have seen a situation where this was done by mistake and the result was a spanning tree failure and a layer 2 loop that impacted the network.
But if the only vlan carried by the trunk is vlan 190 then there is no bridging of the vlans and no spanning tree failure. But it does make me wonder what is the logic of configuring a trunk if it is to carry only a single vlan. Why not just configure the interfaces as access ports in vlan 190?
HTH
Rick
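Added example, not part of the original thread: a small Python audit of the point made in the reply above, that a native VLAN mismatch only merges two VLANs when both ends actually carry their native VLAN on the trunk. The sample configs are constructed from the two interface stanzas posted in the question, and the function names are hypothetical.

```python
import re

# Constructed sample configs mirroring the two trunk ports posted in this thread.
NEXUS = """interface Ethernet1/9
  switchport mode trunk
  switchport trunk native vlan 7
  switchport trunk allowed vlan 190
"""
CATALYST = """interface GigabitEthernet2/0/45
  switchport trunk encapsulation dot1q
  switchport trunk native vlan 6
  switchport trunk allowed vlan 190
  switchport mode trunk
"""

def expand_vlans(spec):
    """Expand an allowed-VLAN list such as '10,20-22' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_trunk(config):
    """Return (native_vlan, allowed_vlans) for a single interface stanza."""
    native = re.search(r"switchport trunk native vlan (\d+)", config)
    # Numeric lists only: the 'all', 'none' and 'add' forms are not handled here.
    allowed = re.search(r"switchport trunk allowed vlan ([\d,\- ]+)", config)
    # With no explicit commands, the defaults are native VLAN 1 and all VLANs allowed.
    native_vlan = int(native.group(1)) if native else 1
    allowed_vlans = expand_vlans(allowed.group(1)) if allowed else set(range(1, 4095))
    return native_vlan, allowed_vlans

def audit_link(side_a, side_b):
    """Classify a trunk link by comparing the native VLAN on each end."""
    native_a, allowed_a = parse_trunk(side_a)
    native_b, allowed_b = parse_trunk(side_b)
    if native_a == native_b:
        return "ok"
    # Untagged frames leave one side's native VLAN and land in the other side's
    # native VLAN, so the two VLANs merge only if both ends carry their native VLAN.
    if native_a in allowed_a and native_b in allowed_b:
        return f"mismatch-bridging: vlan {native_a} and vlan {native_b} are merged"
    return f"mismatch-log-only: native {native_a} vs {native_b}, not bridged"

if __name__ == "__main__":
    print(audit_link(NEXUS, CATALYST))
```

Running it over saved interface stanzas for both ends of every trunk separates mismatches that only generate CDP log noise from those that join two broadcast domains.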
02-28-2017 07:38 AM
Ok. I'll have to tackle that another time since there are additional changes. Thanks for all your help!