Switchport trunk allowed - Cisco / HP

Hi, I have a simple query and just seeking some clarification....
I have a Cisco 3750X with various vlans configured. One interface has the command: "Switchport Trunk allowed vlan 100, 200". I understand it will ONLY forward packets for vlan 100 & 200 on this interface - certainly the case if connected to another Cisco device.
On the other end of the interface is a HP1810 switch. The ports are configured for vlan 100, 200 and 300. I have looked at the config of the Cisco stack and there is no mention of vlan 300 at all. Is it safe to assume the Cisco switch is not doing any forwarding for vlan 300 to the HP if it is not defined in its config or the allowed command?
Thanks, Harv

yes, you can assume that the Cisco switch is not forwarding anything from itself to towards HP for vlan 300 but the HP will be sending the traffic for VLAN300 on the Tagged ports. 
I think you can remove the Tagged PORTNAME on HP under the VLAN 300 configuration as well. Removing the Tagged PortXX under the vlan 300 configuration on HP where XX is the trunk port connecting to the Cisco will stop HP for forwarding any traffic towards the Cisco as well.
Manish

Similar Messages

  • Switch trunk native and switchport trunk allowed commands

      Hello,
    What will be the result of having these two commands defined on trunk
    Switch(Config-if)# switchport trunk native vlan 500
    Switch(Config-if)# switchport trunk allowed vlan remove 500
    Thanks        

    The first command would send traffic untagged over vlan 500, but the second command removes vlan 500 from the trunk, so I think you would lose traffic for anything using vlan 500....
    HTH,
    John
    *** Please rate all useful posts ***

  • ASA5585-X Switchport Trunk ask security expert

    Hi, I have ASA5585-X version 9.1 and asdm version 7.1
    have alot of diffrent vlans on the asr router. asr router have a subif with vlans. asa 5585 are behind to asr router. want to setting up asa 5585 switch ports trunk mode. is it possible?
    Topology are below.
    ISP -> Cisco ASR with bgp and subif and gateway for the vlans -> ASA5585 all ip addresses security configrations -> Cisco 6500 aggregations switch -> Cisco 2960 cabinets switchs -> Servers

    I can't speak to the ASR router configuration, but you can definitely have trunk ports on the ASA side.  What has worked for me between 3750 switches and assorted generations of ASA hardware and software is configurations like:
    On the switch you set it to mode trunk with negotiation off:
    interface GigabitEthernet1/0/38
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 400
    switchport trunk allowed vlan 1,430-435,543-545
    switchport mode trunk
    switchport nonegotiate
    On the ASA you put the parent physical interface into "no shutdown" state and then set up subinterfaces with vlan tags:
    interface GigabitEthernet0/3
    description trunk port
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3.543
    description first subinterface
    vlan 543
    nameif whatever
    security-level 80
    ip address 192.0.2.1 255.255.255.0
    -- Jim Leinweber, WI State Lab of Hygiene

  • VLAN trunking from Cisco Catalyst 3750 to Cisco SF300-48P issue and related

    Hello expert,
    I'm having difficulties to configure VLAN trunking between Cisco Catalyst 3750 switch with Cisco SF300-48P switch and my workstation unable to get any DHCP IP from our DHCP server via Cisco SF300-48P switch. Below is the snippet of configuration on both switches:
    [Cisco Catalyst 3750 Switch]
    interface GigabitEthernet1/0/45
     description NCC-CC-1stFlr
     no switchport trunk encapsulation dot1q
     no switchport trunk allowed vlan 101-103
     spanning-tree portfast
    [Cisco SF300-48P Switch]
    interface fastethernet48
     spanning-tree link-type point-to-point
     switchport trunk allowed vlan add 101-103
     macro description switch
     !next command is internal.
     macro auto smartport dynamic_type switch
    interface fastethernet29
     switchport mode general
     switchport general allowed vlan add 103 tagged
     switchport general pvid 103
    Are these are correct? Kindly advice!
    Thank you very much!
    Regards,
    Alex

    Hi Alex,
    for the trunk port on Catalyst on port GE 1/0/45, we need to enable the trunk and for on encapsulation dot1q because this catalyst model is ISL capable also and the SF300 working only with Dot1q Encapsultion
    The configuration on catalyst should :
    #config terminal
    #interface Gi 1/0/45
    # switchport encapsulation 
    #switchport trunk encapsulation dot1q
    #switchport mode trunk 
    #switchport trunk allowed vlan 101-103
    #spanning-tree portfast
    For SF300 the port trunk it looks fine but for the port where the PC should receive an IP address
    #interface fastethernet29
     #switchport mode access
     #switchport ccess vlan 103
    Please let me know after this configuration
    Thanks
    Mehdi
    Please rate or mark as answered to help other Cisco Customers

  • Trunk between cisco and huawei

    One of my edge Huawei S5700-28C-EI stack switches  is dead, I am going to replace it with a Cisco switch Catalyst 3750 series PoE-48 via a trunk link  with GE fiber port on both ends, please see the diagram below.
                                      trunk                     trunk
       Core switchrouter<----------S5700<--------------->Cisco Catlyst 3750
    I haven’t touch Cisco switch for many years, I would like to ask the following questions:
    1.)      Do I need to take any precaution before connecting this Cisco switch into my Huawei network? Only one link between S5700 and C3750, so I don't need worry anout STP? Do I need to worry about Default vlan regarding trunking port?
    2.)      I need to use different trucking protocol e.g. 802.1Q etc to interconnect these two switches (S5700 and Catalyst 3750), please see the following configuration:
    For C3750:
    switchport trunk encapsulation dot1q
    switchport trunk native vlan (What you want)
    switchport trunk allowed vlan (VLANs required)
    switchport mode trunk
    spanning-tree portfast trunk
    For S5700:
    port link-type trunk
    port trunk permit vlan all
    Do you think the configurations above are right?
    Do I need to manually enter Duplex and speed options ?     
    3.)If the configurations are not right, then what are the commands for trucking port/link should I use on the Cisco switch (it uses IOS software) and Huawei switch?  Procedures of the commands would be really helpful !
    Any information and help would be much appreciated.

    I know the problem,When I change the native vlan of my  S5700-28C-EI ,it's just ok.

  • Trunking on Cisco SF300 Issue

    Hello Friends,
    Issue: I have 3 Cisco SF300 multilayer switches, I have configured one switch as a core switch and changed the mode to Router (from layer2 to Layer3) and configured Vlans and DHCP pools accordingly, but when i am trying to connect another SF300 to this switch by using VTP it's giving error then i tried searching a solution and found that it does not support VTP protocol, can someone please help me on that, how i can connect other SF300 to this core switch by using trunking.
    My goal is to connect the Switch1 and Switch2 to the CoreSwitch by using trunking so that CoreSwitch can advertise all Vlan information to Switch1 and 2. and PC connected to Switch1 & 2 on different Vlans can communicate to each other.
    Network Diagram:
    CoreSwitch fast-Ethernet port 1 to 8 are connected to Huwai Router Port 1 to 8 using a dedicated physical enter phase to connect each Vlan to the internet. using Nat overload.   CoreSwitch's fastethernet Port 9 to 24 are disabled, gigabit port 1 to 4 are trunk port and allowed vlan are 11, 12,13,14,15,16,17 and 20.
    Note: All 3 switches are in Layer3 mode.
    CoreSwitch Gigabit ethernet Port1 connected to = Switch1 gigabit ethernet port 1 
    CoreSwitch Gigabit ethernet Port2 connected to = Switch2 gigabit ethernet port 2
    Switch1 Gigabit ethernet Port4 connected to = Switch2 gigabit ethernet port 4
    Configuration:
    CoreSwitch:
    User Name:cisco
    Password:XXXXXXX
    Welcome to CoreSwitch.
    Regards,
    Sandy
    CoreSwitch#show run
    config-file-header
    CoreSwitch
    v1.3.7.18 / R750_NIK_1_35_647_358
    CLI v1.0
    set system mode router
    file SSD indicator encrypted
    ssd-control-start
    ssd config
    ssd file passphrase control unrestricted
    no ssd file integrity control
    ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
    spanning-tree priority 0
    vlan database
    vlan 11-17,20
    exit
    voice vlan oui-table add 0001e3 Siemens_AG_phone________
    voice vlan oui-table add 00036b Cisco_phone_____________
    voice vlan oui-table add 00096e Avaya___________________
    voice vlan oui-table add 000fe2 H3C_Aolynk______________
    voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
    voice vlan oui-table add 00d01e Pingtel_phone___________
    voice vlan oui-table add 00e075 Polycom/Veritel_phone___
    voice vlan oui-table add 00e0bb 3Com_phone______________
    gvrp enable
    ip dhcp excluded-address 192.168.11.1 192.168.11.2
    ip dhcp excluded-address 192.168.12.1 192.168.12.2
    ip dhcp excluded-address 192.168.13.1 192.168.13.2
    ip dhcp excluded-address 192.168.14.1 192.168.14.2
    ip dhcp excluded-address 192.168.15.1 192.168.15.2
    ip dhcp excluded-address 192.168.16.1 192.168.16.2
    ip dhcp excluded-address 192.168.17.1 192.168.17.2
    ip dhcp pool network CashOfficedepo
    address low 192.168.12.1 high 192.168.12.254 255.255.255.0
    default-router 192.168.12.1
    dns-server 192.168.20.3 192.168.20.4
    exit
    ip dhcp pool network Churn5StarPayrollWeb
    address low 192.168.11.1 high 192.168.11.254 255.255.255.0
    default-router 192.168.11.1
    dns-server 192.168.20.3 192.168.20.4
    exit
    ip dhcp pool network Commission
    address low 192.168.13.1 high 192.168.13.254 255.255.255.0
    default-router 192.168.13.1
    dns-server 192.168.20.3 192.168.20.4
    exit
    ip dhcp pool network Inventory
    address low 192.168.15.1 high 192.168.15.254 255.255.255.0
    default-router 192.168.15.1
    dns-server 192.168.20.3 192.168.20.4
    exit
    ip dhcp pool network Managers
    address low 192.168.17.1 high 192.168.17.254 255.255.255.0
    default-router 192.168.17.1
    dns-server 192.168.20.3 192.168.20.4
    exit
    ip dhcp pool network ReportingAccount
    address low 192.168.14.1 high 192.168.14.254 255.255.255.0
    default-router 192.168.14.1
    dns-server 192.168.20.3 192.168.20.4
    exit
    ip dhcp pool network TechDept
    address low 192.168.16.1 high 192.168.16.254 255.255.255.0
    default-router 192.168.16.1
    dns-server 192.168.20.3 192.168.20.4
    exit
    bonjour interface range vlan 1
    hostname CoreSwitch
    snmp-server location
    snmp-server contact
    clock timezone " " 0 minutes 0
    ip name-server  202.XXX.XXX.XXX       
    ip telnet server
    interface vlan 1
     ip address 192.168.10.3 255.255.255.0
     no ip address dhcp
    interface vlan 11
     name Churn5StarPayrollWeb
     ip address 192.168.11.1 255.255.255.0
    interface vlan 12
     name CashOfficedepo
     ip address 192.168.12.1 255.255.255.0
    interface vlan 13
     name Commission
     ip address 192.168.13.1 255.255.255.0
    interface vlan 14
     name ReportingAccount
     ip address 192.168.14.1 255.255.255.0
    interface vlan 15
     name Inventory
     ip address 192.168.15.1 255.255.255.0
    interface vlan 16
     name TechDept
     ip address 192.168.16.1 255.255.255.0
    interface vlan 17
     name Managers
     ip address 192.168.17.1 255.255.255.0
    interface vlan 20
     name SERVERS
     ip address 192.168.20.1 255.255.255.0
    interface fastethernet1
     switchport trunk allowed vlan add 11
    interface fastethernet2
     switchport trunk allowed vlan add 12
    interface fastethernet3
     switchport trunk allowed vlan add 13
    interface fastethernet4
     switchport trunk allowed vlan add 14
    interface fastethernet5
     switchport trunk allowed vlan add 15
    interface fastethernet6
     switchport trunk allowed vlan add 16
    interface fastethernet7
     switchport trunk allowed vlan add 17
    interface fastethernet8
     switchport trunk allowed vlan add 20
    interface fastethernet9
     shutdown
    interface fastethernet10
     shutdown
    interface fastethernet11
     shutdown
    interface fastethernet12
     shutdown
    interface fastethernet13
     shutdown
    interface fastethernet14
     shutdown
    interface fastethernet15
     shutdown
    interface fastethernet16
     shutdown
    interface fastethernet17
     shutdown
    interface fastethernet18
     shutdown
    interface fastethernet19
     shutdown
    interface fastethernet20
     shutdown
    interface fastethernet21
     shutdown
    interface fastethernet22
     shutdown
    interface fastethernet23
     shutdown
    interface fastethernet24
     shutdown
    interface gigabitethernet1
     gvrp enable
     switchport trunk allowed vlan add 11-17,20
    interface gigabitethernet2
     switchport trunk allowed vlan add 11-17,20
    interface gigabitethernet3
     switchport trunk allowed vlan add 11-17,20
    interface gigabitethernet4
     switchport trunk allowed vlan add 11-17,20
    exit
    banner login ^C
    Welcome to CoreSwitch.
    Regards,
    Sandy
    ^C
    banner exec ^C
    Welcome to CoreSwitch.
    Regards,
    Sandy
    ^C
    ip default-gateway 192.168.11.2   (huwai router's fast ethernet port1 ip address)
    ip default-gateway 192.168.12.2   (huwai router's fast ethernet port2 ip address)
    ip default-gateway 192.168.13.2   (huwai router's fast ethernet port3 ip address)
    ip default-gateway 192.168.14.2   (huwai router's fast ethernet port4 ip address)
    ip default-gateway 192.168.15.2   (huwai router's fast ethernet port5 ip address)
    ip default-gateway 192.168.16.2   (huwai router's fast ethernet port6 ip address)
    ip default-gateway 192.168.17.2   (huwai router's fast ethernet port7 ip address)
    ip default-gateway 192.168.20.2   (huwai router's fast ethernet port8 ip address)
    CoreSwitch#
    =====================
    Switch1: no configuration yet (Tried configuring VTP but got no luck, it's not supported so i turned on the GVRP...running RSTP and spanning-tree priority is 4096)
    =====================
    Switch2:  no configuration yet.....
    Thanks,
    Sandy

    Please find the below mentioned show vlan output of both the Switches  :
    CoreSwitch#show vlan
    Created by: D-Default, S-Static, G-GVRP, R-Radius Assigned VLAN
    Vlan       Name                   Ports               Created by
     1           1             fa1-24,gi1-4,Po1-8             D
     11  Churn5StarPayroll          fa1,gi1-4                 S
         Web
     12   CashOfficedepo            fa2,gi1-4                 S
     13     Commission              fa3,gi1-4                 S
     14  ReportingAccount           fa4,gi1-4                 S
     15      Inventory              fa5,gi1-4                 S
     16      TechDept               fa6,gi1-4                 S
     17      Managers               fa7,gi1-4                 S
     20       SERVERS               fa8,gi1-4                 S
    AccessLayer1#show vlan
    Vlan       Name                   Ports                Type     Authorization
     1           1             fa1-24,gi1-4,Po1-8        Default      Required
    AccessLayer1#
    I just wondering that i have enabled GVRP on both side and made them trunk then why Switch1 is not showing me the Vlan i created on CoreSwitch :(
    Thanks,
    Sandy

  • Switch Port Trunk allowed Vlan

    Hi Guys
    Request your help on my query :
    I have a distribution switch  and access switch and port channel between them.
    Dist switch is the VTP server
    lets assum I have 25 vlan
    when I do show vlan brief on the access switch I can see all 25 vlans listed now
    no when I configure switch port trunk allowed vlan (ex : permitting 10 vlans )on the link connecting to access switch at Dist switch
    Dist switch po1 -- connecting to - po Access switch
    Dist switch #
    int po1
    switch port trunk alllowed vlan x,x,x,x,x,x,x,x,x,
    After permitting 10 vlan through trunk allowed vlan and then when I do show vlan brief on the access switch , I should see only the 10 vlan whcih I have permiited right ?
    Thanks in advance  

    Hi,
    John is absolutely correct - even if you do not permit a VLAN on a trunk, it can still provide communication among local ports on a switch that are all assigned to the same VLAN.
    I have a feeling that your original question was focused on a different aspect, though: You probably expected that if you exclude some VLANs from trunks, these VLANs will not be propagated via VTP to surrounding switches. Sadly, this is not the case. The switchport trunk allowed vlan command only affects data traffic in individual VLANs but it has no impact on the operation of VTP protocol. The VTP still advertises all VLANs, regardless of which VLANs are allowed on a trunk. To put it plainly, in a VTP domain, all server/client switches will know about all VLANs. THere is no legal possibility of having a single VTP domain consisting of server/client switch and yet have the switches differ in their VLAN database contents. It's as easy as that: one VTP domain = one big common VLAN database.
    Best regards,
    Peter

  • Switchport trunk

    De la siguiente configuración cual es la mas apropiada para que tarabajen en redundancia entre 2 equipos 4507.
    interface GigabitEthernet4/15
    switchport access vlan 110
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 110
    switchport mode trunk
    duplex full
    speed 100
    interface GigabitEthernet4/15
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 110
    switchport mode trunk
    duplex full
    speed 100

    Hi Frind,
    Can you please post the question in english. I tried translating it but was not very successfull.
    Your first config and second config is exactly the same with only one difference that in your first config you have configured native vlan as 110 and in your second config the native vlan is 1 which is bydefault.
    Native vlan is the vlan which is sent across the trunk without tagging.
    Make sure if you are connecting these 2 switches together try to make native vlan as same on both the end. Also for etherchannel or teaming to work config on both the ports shoould be same.
    HTH
    Ankur

  • Switchport trunk native vlan & switchport access vlan dual configuration

    I've discovered this dual configuration on a 3500xl switch while troubleshooting an incrementing runts issue. Could the config of this port be related to the issue at hand?
    port configuration:
    interface FastEthernet0/3
    duplex full
    speed 100
    switchport access vlan 203
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 203
    switchport trunk allowed vlan 1,203,204,220,1002-1005
    switchport mode trunk
    spanning-tree portfast

    Hi,
    The 'switchport access vlan' command will have no effect on the configuration you have on this port. The port will operate as a trunk and will dis-regard any config that pertains to an access port.
    Hope that helps ...
    Paresh

  • 2960 will not allow "switchport trunk encapsulation dot1q" CLI

    I have a Cisco 2960 switch that is not allowing me to setup switchport trunk encapsulation dot1q on a trunking interface.
    The show capabilities shows that the interface can use 802.1q, but when I try to CLI the command the work encapsulation is not an option.
    Please advise with a solution.
    Thanks, S
    Model - WS-C2960G-24TC-L  
    SW Version - 12.2(44)SE6          
    SW Image - C2960-LANBASEK9-M
    S1#
    S1#sh int gi0/23 capabilities
    GigabitEthernet0/23
    Model:                 WS-C2960G-24TC-L
    Type:                 1000BaseLX SFP
    Speed:                 1000
    Duplex:               full
    Trunk encap. type:     802.1Q
    Trunk mode:           on,off,desirable,nonegotiate
    Channel:               yes
    Broadcast suppression: percentage(0-100)
    Flowcontrol:           rx-(off,on,desired),tx-(none)
    Fast Start:           yes
    QoS scheduling:       rx-(not configurable on per port basis),
                             tx-(4q3t) (3t: Two configurable values and one fixed.)
    CoS rewrite:           yes
    ToS rewrite:           yes
    UDLD:                 yes
    Inline power:         no
    SPAN:                 source/destination
    PortSecure:           yes
    Dot1x:                yes
    Multiple Media Types: rj45, sfp, auto-select
    S1#
    S1#
    S1#
    S1(config-if)#switchport ?
    access         Set access mode characteristics of the interface
    backup         Set backup for the interface
    block         Disable forwarding of unknown uni/multi cast addresses
    host           Set port host
    mode           Set trunking mode of the interface
    nonegotiate   Device will not engage in negotiation protocol on this
                     interface
    port-security Security related command
    priority       Set appliance 802.1p priority
    protected     Configure an interface to be a protected port
    trunk         Set trunking characteristics of the interface
    voice         Voice appliance attributes
    S1#
    S1#
    S1#
    S1(config-if)#switchport trunk ?
    allowed Set allowed VLAN characteristics when interface is in trunking mode
    native   Set trunking native characteristics when interface is in trunking
               mode
    pruning Set pruning VLAN characteristics when interface is in trunking mode
    S1#
    S1#
    S1#

    Newer devices don't support ISL so you can only run 802.1Q. That means that there is no need for an encapsulation command because only one encapsulation is supported. If the device had support for ISL then you would also have that command.
    Daniel Dib
    CCIE #37149
    Please rate helpful posts.

  • Switchport trunk encapsulation on L3 switches

                    Why is 'switchport trunk encapsulation <dot1q or isl> required on L3 switches?  The default trunk encapsuation mode on 'modern' Cisco switches is to 'auto' negotiate, so why doesn't 'auto-negotiate' work when configured from the L3 switch port?  If I configure 'switchport mode trunk' on an L2 switch (capable of only dot1q) and don't configure the adjacent L3 port, the trunk is auto-negotiated.  However, if I configure 'switchport mode trunk' on the L3 port first, it gives the error we've all witnessed: Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to "trunk" mode. Interestingly, if I configure, 'switchport mode dynamic desirable' on the L3 port, the interface does indeed negotiate the trunk encapsulation and establish the trunk.  According to Cisco documentation, the 'switchport mode trunk' command is also supposed to negotiate the trunking status and encapsulation--so why doesn't this command work the same as 'switchport mode dynamic desirable?'

    John,
    You're absolutely correct.  My hope is that Cisco will change its definition for 'switchport mode trunk.'
    This is from their documentation:
    switchport mode dynamic desirable
    Makes the interface actively attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode.
    switchport mode trunk
    Puts the interface into permanent trunking mode and negotiates to convert the neighboring link into a trunk link. The interface becomes a trunk interface even if the neighboring interface is not a trunk interface.
    switchport nonegotiate
    Prevents the interface from generating DTP frames. You can use this command only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.
    I've highlighted negotiates to point out that DTP frames are still sent to the neighboring device to negotiate the trunking status. Therefore, why doesn't it also negotiate the encapsulation type when desiring to trunk? My point being, if it's going to trunk unconditionally and not negotiate the trunking protocol, and since you'd have to have an ISL-only switch (non-extant), Cisco should simply get rid of ISL on their switches or have the 'negotiation' process or (unconditional state) select dot1Q as the trunking protocol.

  • VLAN DOT1Q, SWITCHPORT TRUNK NATIVE VLAN, and VLAN1

    Hi All,
    L2 security documents suggest to avoid using vlan1 and tagging all frames with vlan IDs using the global configuration of vlan dot1q. Other Cisco non-security documents suggest using the switchport trunk native vlan # which removes any vlan tagging. It seems to me that the global vlan dot1q command and the interface switchport trunk native vlan # are contradictory; therefore, both should not be used. Furthermore, my understanding is to avoid using vlan 1 to tighten L2 security. When vlan 1 is removed from all trunked uplinks, user access ports are other than vlan 1, and no spanning-tree vlan 1 operations exists, what is the native vlan 1 actually used for?. The output of show interface gi0/1 trunk shows the native vlan as 1.
    Thanks,
    HC

    Hi HC,
    the command "switchport trunk native vlan" is used to define the native (untagged vlan) on a dot1q link. The default is 1, but you can change it to anyting you like. But it does only change the native vlan, all the others vlan on the trunk are of course tagged (and it only applies to dot1q, as ISL "taggs/encapsulates" all the vlans). The command "vlan dot1q tag native" is mostly used in dot1qindot1q tunnels, where you tunnel a dot1q trunk within a dot1q trunk. Thats something mostly service Providers offer to there customers. There it is important that there is no untagged traffic, as that would not work with dot1qindot1q. This command tagges the native vlan traffic, and drops all traffic which is not tagged.
    Whatfor is the native VLAN? Switches send control PDU such as STP,CDP or VTP over the native VLAN.
    If you don't happen to be a service Provider for L2 metropolitan Ethernet, you wan't need the "vlan dot1q tag native" command. For my part I'm trying not to use vlan 1 everywhere in my campus, because it gives a huge spanningtree topology and if you ever get a switch to blow a heavy load of traffic into it, you have your whole campus network degradet. I try to keep Vlan's a small as possible and to have as much L3 separaton as possible, that's good for the stability!
    Simon

  • Switchport trunk native vlan question...

    What am I missing in regards to the following two lines assigned to a sw interface:
    switchport trunk native vlan 80
    switchport mode trunk
    Why assign a VLAN to the port when your trunking it (meaning you allowing all VLANs to pass)?
    Thank you.

    By default native VLAN is VLAN 1, but can be changed to any No. on the trunk port by command "switchport trunk native vlan #". This will make a new vlan# as native & allow all pkts from this vlan to pass thru trunk untagged.
    Native VLANs are used to carry CDP, PAgP & VTP messages. Thus the Frames on native VLAN are untagged. For these messages to propagate between devices, native VLANS must match on both sides of the trunk. In case of native VLAN mismatch on bothsides of the trunk, STP will put the trunk port in err-disabled state.

  • Native VLAN on switchport trunk

    Is i possible to set more than ONE native vlan on a switchport trunk.
    Thanks

    Hi there,
    Just to clarify, the native vlan is set in the trunk configuration. This means that you can set this per trunk.
    You can only have 1 per trunk. If you had more than 1, which one would it send it to??
    Hope that clarifys,
    LH
    Please rate all posts

  • What is the effect of the command switchport trunk native vlan x

    Hello all,
    I have a SG500 switch. The port Gi0/19 is directly connected to a machine. When i show the running config file i find the following config in the interface gi0/19:
    switchport trunk native vlan 70
    I need to understand this command because i'm a bit confused that i know that only if we have a link between two switch that we put an interface in a trunk mode.
    Please Help :)

    Trunks can carry all the traffic(vlan 70,80,........Including vlan1)
    Access port can only be in one vlan (Say vlan 70)
    So if you configured as trunk and connect the server,  and since native vlan is 70, when traffic is of vlan 70, it will not be tagged so your server can understand it.(Assuming that server do not have the capacity to understand the tagged frames). Traffic in other vlan will also be received by this interface (say vlan 80,....vlan1....) but will be dropped.
    If you configure it as only access and in vlan 70, only untagged vlan 70 traffic will be received on the interface.
    Thanks

Maybe you are looking for

  • Email addresses in Mail into Address Book

    Is there a quick way to export all the email addresses from my emails stored in Mail into my Address Book? Thanks in advance, Jamie

  • Sleep Freeze

    My MBP is not going to sleep when I close the lid. When I open the lid the computer is froze and I have to do a hard reboot. This is a new development. Any thoughts on this?

  • Importing files via MDS

    I'm trying to import an event handler via MDS but I don't think the file is getting imported: This is what my weblogic.properties look like: wls_servername=oim_server1 application_name=OIMMetadata metadata_from_loc=/apps/mds/from metadata_to_loc=/app

  • Reader Extensions workflow

    I make XFA forms and usually just add reader extensions through Acrobat but now have a form from which I will need to extract data from more than 500 users so can't do it this way. Can I just purchase the Reader Extension module to allow me the licen

  • PS with SD - assembly processing

    hello I would like to make assemly processing, assignement between SD and PS, what I have at this time: 1. I have standard project with one element PSP the structure is: AR-0001 - definition, AR-0001 - main element, AR-0001.01 one element PSP, I chec