cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

4070
Views
10
Helpful
4
Replies
Beginner

Two switches connected by access port but with two different vlan at both end

I have two switch connected by access port. And in syslog it is showing native vlan mismatch. Can anyone describe it why we connect two switches by access port with different access vlan in 2 switches. Here is an sample configuration given below:

A#show running-config interface fa0/22
Building configuration...

Current configuration : 200 bytes
!
interface FastEthernet0/22
description "With A"
switchport mode access
storm-control broadcast level 5.00
storm-control multicast level 5.00
storm-control action shutdown
end

A#


====================================================
B#

Current configuration : 231 bytes
!
interface GigabitEthernet4/0/41
description "With A"
switchport access vlan 963
switchport mode access
storm-control broadcast level 5.00
storm-control multicast level 5.00
storm-control action shutdown
end

4 REPLIES 4
Enthusiast

Since the ports are defined

Since the ports are defined as access ports, this will "function" normally, and just send standard untagged Ethernet packets, and will function.

CDP, however, runs on the ports and has determined you have interconnected 2 switches; and the VLAN neighbor information differs (CDP will also report on duplex mismatches and a few other things).   It looks like the first switch listed above has no vlan specified, so presumably it's vlan will be 1 - was that intentional?

While this isn't technically a problem, it can cause some confusion; and wouldn't work at all if you later decide you need VLANs in place and designate these ports as trunk.  This can also be annoying during troubleshooting when the logs are full of VLAN mismatch messages, and your important event has scrolled off. 

Fix is to actually change the vlan numbering on one of the switches to match the other; although this can be tricky to change if remote (you probably lose the connection when you change the port vlan setting; midway through the reconfig ! ).  A workaround is to disable CDP on these ports ("no cdp enable"), so they don't exchange CDP information.

It may work well, but as

It may work well, but as pwwiddicombe said, in case if you make it to trunk it can end up in undesired results. So in future if you are changing this to a trunk to allow multiple vlans over this link, ensure you remove these access vlan commands and configure same native vlan at both ends.

Thanks,

Madhu

Highlighted
Beginner

Hi

Hi

Native Vlan or That Traffic will not be tagged by the Switch

Switch A is having Vlan 1 a Native Vlan and Switch B is having Vlan 2 As Native Vlan.Its obvious that you will see native Vlan Mismatch Because Switch A Is Sending Vlan 1 Without Tagging to switch B and vice Versa..Both starts processing packets and See Two Diffrent Vlan traffic as Native Vlan.

Regards,

Gurudath K S

Hall of Fame Master

The original post asks an

The original post asks an important question which none of the responses so far have addressed. The question was "  Can anyone describe it why we connect two switches by access port with different access vlan in 2 switches". I can suggest a couple of possible answers to this question:

1) It is quite likely that this configuration is the result of an error on switch A. Perhaps the person overlooked the need to assign a vlan, or perhaps the switchport access vlan command was entered but there was a syntax error and the command was not accepted, or perhaps the config was done with cut and paste and there was a buffering issue which caused a command to be dropped.

2) It is possible that the configuration was done as a test to see what would happen.

3) It is possible that someone did this "because I can do it"

Several responses have said that this configuration does work. I think it gets interesting to look at that from the perspective of processing layer 2 and from the perspective of processing layer 3. To begin the consideration of layer 2 processing it might help to refresh out understanding of a vlan. At layer 2 a vlan defines a broadcast domain which means that any device in this broadcast domain will be locally connected to every other device in the broadcast domain (any device can arp for the other device and will receive an arp response and will be able to communicate directly with each other. So with this config the broadcast domain of vlan 963 on switch B is joined to the broadcast domain of vlan 1 on switch A and any device on switch B in vlan 963 will be able to communicate directly with any device on switch A in vlan 1. 

From the perspective of layer 3 this gets a bit problematic. We tend to assume that there is a one to one relationship between vlans and subnets. So the assumption might be that vlan 963 uses subnet 192.168.3.0 and that  vlan 1 uses subnet 192.168.10.0. So from the perspective of layer 2 all these devices are locally connected, but from the perspective of layer 3 the devices would appear to be remote but they could be able to communicate directly with each other without requiring layer 3 routing to be enabled.

HTH

Rick

CreatePlease to create content
Content for Community-Ad