Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
16318
Views
8
Helpful
19
Replies

Using different native VLANs on different ports of a switch configured as trunks

Go to solution
Nikolaos Milas
Level 1
Level 1

‎04-14-2015 03:31 PM - edited ‎03-07-2019 11:32 PM

Hello,

The short question:

Is it possible to configure two trunk ports on a Catalyst switch  to use different native VLANs ? I expected the answer to be yes, but in practice it did not work. Why?

The long story:

We have a 3825 router with an Ethernet interface (among others) which is linked to a Catalyst switch over a switch port (G0/1) in trunk mode: native vlan for this trunk is the default (1), and it is also used as an administrative VLAN.

Multiple VLANs (encapsulation dot1q) are 'moving' through this trunk; one of them is VLAN 7.

Is it possible to configure another port of the switch (trunk as well) to use VLAN 7 as native, rather than VLAN 1?

To make it more clear, we would want to configure a particular port of this switch, say int Fa0/20, as a trunk and use VLAN 7 as a native VLAN for it; the native VLAN of the trunk connection to the router would be different from the native VLAN of the trunk defined at int Fa0/20.

The goal is to be able to access from the router-connected LANs (i.e. from the subnets thereof) the devices with addresses in the subnet used at VLAN 7 (which are connected through the Fa0/20 port of the switch) for administration purposes, while at the same time be able to convey other VLANs over this trunk.

I tried this configuration, the switch accepted it, but it did not work: I don't have direct access to the devices on VLAN 7 from router LANs (or from the router itself).
 

Currently the port Fa0/20 is configured as an access port on VLAN 7. This allows access of the associated devices, but does not allow us to 'move' other VLANs through the port.

The problem is that the switch administration VLAN (1) is different than the VLAN used for administration of the network devices connected to port Fa0/20 (wireless devices). In short, the switch configuration (which does not work!) for the ports involved is:

interface GigabitEthernet0/1
 description *** Connection to Router ***
 switchport trunk encapsulation dot1q
 switchport mode trunk

interface FastEthernet0/20
 description *** WiFi Bridge ***
 speed 100
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 7
 switchport mode trunk

Can you please provide some guidance for this? Why this configuration does not work?

Please help. Thanks in advance for any advice.

Regards,
Nick

Labels:
0 Helpful
19 Replies 19

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Nikolaos Milas

‎04-29-2015 04:12 PM

Nick

No it shouldn't have been the problem.

What that link is referring to is that for each trunk link between two switches each switch must agree on the native vlan used for that trunk.

It does not mean you cannot use different vlans for trunk links on the same switch, just that they must match at the other end per trunk link.

Hope that makes sense.

Jon

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎04-14-2015 04:10 PM

Nick

You can use a different native vlan on every trunk link if you want although it is usual to use the same native vlan.

But the native vlan does not extend between different trunks on the switch if they are using different native vlans.

When the switch receives untagged frames on a trunk link it knows what vlan these frames are in and so will only send those frames at L2 to other devices in the same vlan.

If I understand what you are trying to do you want frames in one native vlan received on a trunk to be sent on another trunk link as the native vlan but the native vlans are different on each trunk link.

This won't work.

If you want to access the wireless devices then you need to create a L3 subinterface on the router for that the wireless vlan and  then you will be able to access those devices.

Jon

0 Helpful

Go to solution
Nikolaos Milas
Level 1
Level 1
In response to Jon Marshall

‎04-15-2015 12:30 AM

Thank you for your reply.

Quote:

If I understand what you are trying to do you want frames in one native vlan received on a trunk to be sent on another trunk link as the native vlan but the native vlans are different on each trunk link.

Actually, what I want is to be able to receive on the switch tagged frames from the main trunk interface (router connection) and use them untagged on another trunk interface (I am trying that as a different native VLAN on that trunk).

I found this won't work. But maybe it's possible somehow?

Thanks,
Nick

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Nikolaos Milas

‎04-15-2015 04:38 AM

Nick

Actually, what I want is to be able to receive on the switch tagged frames from the main trunk interface (router connection) and use them untagged on another trunk interface (I am trying that as a different native VLAN on that trunk).

So you want a vlan that is tagged from the router to be the native vlan on another trunk link ?

That should be possible because as I say the native vlan is a per trunk concept.

Is the IP subnet associated with this vlan routed on a subinterface on the router ?

Perhaps I am still misunderstanding what exactly you are trying to do and Bilal may have understood it better.

Jon

Go to solution
Bilal Nawaz
VIP Alumni
VIP Alumni
In response to Nikolaos Milas

‎04-15-2015 10:55 PM

Not possible to un-tag multiple vlans on a trunk, unless you specify multiple access ports - one port for every vlan.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card