Solved: What are the conditions for a switch port to declare itself as a trunk port?

Steph1963 · ‎09-10-2011

Hi,

I would like to know if a trunk can be establish when two switches are connected back to back with the following configurations:

Sw1 -------- Sw2

Sw1

int fa0/1

switchport mode dynamic auto

switchport trunk vlan native vlan 10

Sw2

int fa0/1

switchport dynamic desirable.

If there is not other VLAN define on the two switches except VLAN 1, does both switches needs an operational VLAN 1 to be in trunking mode.

In fact, I am trying to understand the criteria that a switch is using to declare itself as a trunk.

Does it needs to have a successfull DTP negotiation?

What about the case of switchport mode trunk with no DTP negotiation, does it only need layer 1 to be up to declare itself as a trunk?

Thanks for your help
Stephane

johnlloyd_13 · ‎09-10-2011

hi stephane,

yes, a trunk will be formed. see show interface switchport command output under "Operational Mode."

Switch1(config)#int f0/1

Switch1(config-if)#switchport mode dynamic auto

Switch1(config-if)#switchport trunk native vlan 10

Switch1#sh int f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative Mode: dynamic auto

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 10 (VLAN0010)

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Appliance trust: none

Switch1#

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/1 (10), with Switch2 FastEthernet0/1 (1).

------

Switch2(config-if)#switchport mode dynamic desirable

Switch2#sh int f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative Mode: dynamic desirable

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Appliance trust: none

see DTP switchport mode interaction matrix below and note this table assumes DTP is enabled on both ends.

Dynamic Auto Dynamic Desirable Trunk Access

Dynamic Auto Access Trunk Trunk Access

Dynamic Desirable Trunk Trunk Trunk Access

Trunk Trunk Trunk Trunk Not recommended

Access Access Access Not recommended Access

as you saw in the output, this setup resulted to a native VLAN mismatch. trunk ports configured with different native VLANs generates this error in console and causes traffic to be misdirected and could pose a security risk.

View solution in original post

Reza Sharifi · ‎09-10-2011

Stephane,

You only need to have a trunk port when you carry more then one vlan (not including the native vlan) in a link.

sw1-------sw2

in the above if you only have one vlan (lets assume vlan 20) then you can make the port a switch port

If you are carrying more then one vlan (lets assume 20 and 30) then you need a trunk port.

Native vlan is 1 by default, but can be changed to any other number. If you change it vlan 1 then that vlan needs to be in both switches. In this case the native vlan carries untagged traffic only.

HTH

Reza

johnlloyd_13 · ‎09-10-2011

hi stephane,

yes, a trunk will be formed. see show interface switchport command output under "Operational Mode."

Switch1(config)#int f0/1

Switch1(config-if)#switchport mode dynamic auto

Switch1(config-if)#switchport trunk native vlan 10

Switch1#sh int f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative Mode: dynamic auto

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 10 (VLAN0010)

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Appliance trust: none

Switch1#

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/1 (10), with Switch2 FastEthernet0/1 (1).

------

Switch2(config-if)#switchport mode dynamic desirable

Switch2#sh int f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative Mode: dynamic desirable

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Appliance trust: none

see DTP switchport mode interaction matrix below and note this table assumes DTP is enabled on both ends.

Dynamic Auto Dynamic Desirable Trunk Access

Dynamic Auto Access Trunk Trunk Access

Dynamic Desirable Trunk Trunk Trunk Access

Trunk Trunk Trunk Trunk Not recommended

Access Access Access Not recommended Access

as you saw in the output, this setup resulted to a native VLAN mismatch. trunk ports configured with different native VLANs generates this error in console and causes traffic to be misdirected and could pose a security risk.