Switchport Access VLAN 123

Unanswered Question
Jun 18th, 2007
User Badges:

All, what happens if a port is configured as:


interface GigabitEthernet1/0/21

switchport access vlan 100

spanning-tree portfast


but does not have switchport mode access?


is the switchport mode access command needed?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Edison Ortiz Mon, 06/18/2007 - 09:54
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

If you connect another switch on this port, it may trunk if you don't set the switchport mode access.


By entering the switchport mode access, you are forcing the port to only use access mode.


You can view the current switchport mode by typing:


show int g1/0/21 switchport



rwamstutz Mon, 06/18/2007 - 10:02
User Badges:

so it really doesnt hurt anything by not having the command, but without it, if someone were to plug a switch into that port, it would go into trunking mode?

Edison Ortiz Mon, 06/18/2007 - 10:05
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

It may go into trunking mode, yes.


In a secure environment, it's always recommended to enter the switchport mode access command.


Can you post the 'show int g1/0/21 switchport' output ?

rwamstutz Mon, 06/18/2007 - 10:12
User Badges:

This is the output on a port without the switchport mode access command:


BOSTON#sh int g4/0/12 switchport

Name: Gi4/0/12

Switchport: Enabled

Administrative Mode: dynamic auto

Operational Mode: static access

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: On

Access Mode VLAN: 101 (VLAN0101)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL


Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Edison Ortiz Mon, 06/18/2007 - 11:31
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

As you can see:


BOSTON#sh int g4/0/12 switchport

Name: Gi4/0/12

Switchport: Enabled

Administrative Mode: dynamic auto

Operational Mode: static access

Administrative Trunking Encapsulation: negotiate



_____________


Administrative mode is set to dynamic auto, if you connect a switch with dynamic mode desirable, it will form a trunk. A switch with dynamic mode auto, won't form a trunk. So, it depends on the type of switch you connect here.


Currently, the port is running:


Operational Mode: static access


because that's what it sensed from the workstation connection.


You should be fine under this config but I wanted to point out, the 'what if' ..


Actions

This Discussion