Vlan trunk vs. vlan mode access

rc.castillo · ‎04-07-2009

Hi,

I have this config in my network,

switchport trunk encapsulation dot1q

switchport trunk native vlan 16

switchport mode trunk

switchport voice vlan 201

is it the same as configuring

switchport voice vlan 201

switchport mode access

switchport access vlan 16

What is the difference of this command if this is configured on a port wherein a computer is connected

tim1csolutions · ‎04-07-2009

It's not the same.

In your second configuration you defined the port as an access port that is a member of VLAN 16. If you have other ports that are in this VLAN they all are essentially in the same broadcast domain - they can communicate with each other via layer 2. You would most likely be connecting a computer to this type of port.

In the first configuration the port is configured to be a trunk port with dot1q encapsulation. This port would be connected to another switch and frames would be tagged on egress. An example would be if switch 1 has ports in let's say VLAN 10 and 20 and switch 2 has ports in VLAN 10 and 20 you would trunk these VLANS over that port. The switch will tag the frame on egress so the switch on the other end of the trunk knows which VLAN the frame came from so the frame can be sent to the appropiate port(s) of the particular VLAN. the "switchport trunk native vlan" command tells the switch to send frames from that VLAN untagged.

rc.castillo · ‎04-07-2009

Hi Tim,

Thanks for your answer.

But what i'm asking for is to what is the effect of configuring a port designed for PC with a trunk port. Can we say that it would be a cause of a broadcast storm in my lan if i have it configured on an access port

Thanks

Leo Laohoo · ‎04-07-2009

No. Configuring a trunk port-facing PC will not cause a broadcast storm.

If the port is connected to a PC, it is appropriate to configure the said port as an access port instead of a trunk port.

The only time I've configured a PC's port as a Trunk port is when I want to specify what VLAN is allowed to talk to the PC: Developers, Production, Funky, etc.

tim1csolutions · ‎04-07-2009

I'm not sure I understand. Do you mean if you connect a PC to a trunk port?

rc.castillo · ‎04-07-2009

HI Tim,

Yes i want to connect a PC to a trunk and specify it with a native vlan

tim1csolutions · ‎04-07-2009

What would be the purpose of connecting a pc to a trunk port with a native vlan. Why not just connect it to an access port? The PC won't recognize tagged frames and it will drop them and you will just have excess broadcast traffic being sent out that port

rc.castillo · ‎04-07-2009

Hi Tim,

So you mean that setting a port to trunk port can cause broadcast storm if you would put those pc to trunk ports

Thanks

tim1csolutions · ‎04-07-2009

yes if it is a large network and you were to configure multiple trunk ports and then connect a PC to each trunk port.

rc.castillo · ‎04-07-2009

Hi Tim,

Thanks for the answer.

I'll try your suggestion, hope this will resolve our issue with regards to broadcast storm. One more thing, does broadcast storm contribute to the cpu usage of my core switch

tim1csolutions · ‎04-07-2009

Yes. It can contribute to cpu usage. Common practice is to just connect the pc to an access port. If you are having issues with broadcast storms you can use the port level storm-control command.

rc.castillo · ‎04-07-2009

Ok then. So what is the typical threshold you would set if you would apply the storm control on a per port basis. Would you only configure it on a trunk port or on the access port

Thanks

glen.grant · ‎04-08-2009

Servers and vmware installs are trunked all the time to a switch, not unusual anymore.

tim1csolutions · ‎04-08-2009

Yes but not a pc/workstation just connecting to a trunk port for basic access.