creating a trunk between catos & ios

Answered Question
Nov 16th, 2007

we have a layer 2 cat-6506 switch (catos) uplinking to a layer 3 cat-6509 (ios). we're also required to portchannel the link between the 2 devices. So, we have trunked up 2 ports on the layer 2 switch and used vlan 4 as the native vlan. Do we need to place the ports on the IOS switch into the vlan 4 PRIOR to trunking them and defining vlan 4 as the native vlan?

thanks.

Correct Answer by Edison Ortiz about 9 years 3 months ago

From the portion of the config you've posted, I'm not 100% sure the 'mode' you are running.

If the 'mode' is not entered under a switchport, it runs in dynamic mode.

The dynamic mode can be desirable or auto, depending upon the switch you are running.

The dynamic behavior is unpredictable as you don't know when you are running trunk or access mode. It's best practice to always enter the 'mode'.

You can find out the 'mode' you are running with the show interface fx/x switchport command.

Based on your last post, it seems you were running in access mode, not trunk mode. Perhaps a failure in the negotiation with the remote peer.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
Kevin Dorrell Fri, 11/16/2007 - 22:55

Not necessarily. In IOS (unlike CatOS), the access VLAN and the trunk native VLAN are two completely independent parameters. The access VLAN only comes into play when the switchport is in access mode, and the trunk native only when the switchport is in trunk mode.

Be aware that if you are PortChannelling, it is the Po interface that you put into trunk, and set the VLANs, and not the physical interfaces. Also, set up the chanelling while the ports are shutdown, otherwise you will get tied in errdisable knots.

Kevin Dorrell

Luxembourg

axfalk Sat, 11/17/2007 - 08:38

Thanks for your response. we could not get the layer3 communication between the two devices until we placed the PO1 int on the layer3 switch in vlan4..in fact, we started getting native vlan mismatch errors as soon as we placed the ports on the layer 2 switch in vlan4...so, when I did sh int PO1 switchport on the layer3 switch, I noticed the native vlan for that trunk port was 1, not 4 as I had expected...Here is the commands we used for the PO1:

interface Port-channel1

no ip address

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 4

switchport trunk allowed vlan 4

switchport trunk allowed vlan add 4

Thanks again...

_Greg

Edison Ortiz Sat, 11/17/2007 - 11:55

Greg,

Your approach was right. The native Vlan must match between the inter-connecting switches. By default, Vlan 1 would be your native Vlan.

axfalk Sun, 11/18/2007 - 15:23

Thanks...I thought it was going to work also, however it did not as the native vlan ended up being 1, not 4 and, as the result, I was having the "native vlan mismatched" error msg as the catos end of the trunk was on vlan4.

What fixed the problem was putting the int in the ios switch into the access vlan4 first as in the following:

interface Port-channel1

no ip address

switchport access vlan4

switchport trunk encapsulation dot1q

switchport trunk native vlan 4

switchport trunk allowed vlan 4

This kind of does not make much sense as, it was mentioned, the access vlan on the int in ios is not related to the native vlan on the trunk. Any suggestion as to what may be going on here?

thanks again...

Kevin Dorrell Mon, 11/19/2007 - 03:37

On the CatOS end, it is the same command that sets the access-mode VLAN, as to set the trunk-mode native VLAN. So when you converted the CatOS end into a trunk, the CatOS end took VLAN 4 as native. But on IOS, you have to set the native VLAN explicitly, otherwise it defaults to 1. Once the IOS end is a trunk, the switchport access vlan command is not longer relevant.

Kevin Dorrell

Luxembourg

axfalk Mon, 11/19/2007 - 16:52

Thanks...The original question still remains though - does a port on IOS need initially be placed in a vlan as a switchport, so that when a trunk is subsequently created on this port, its native vlan will be the same as the one the port was a member of?

thanks...

Edison Ortiz Tue, 11/20/2007 - 08:06

The answer is no.

switchport access vlan has no meaning if you have the switchport mode trunk enabled.

The switchport trunk native vlan instructs the switch not to tag the packets on the specified Vlan.

While the switchport access vlan is often seen and left behind in the trunk switchport config, it has no usefulness being there.

axfalk Tue, 11/20/2007 - 08:31

Thanks for your response and I hate to belabor this point, but as you can see from the configs I provided, the trunk native vlan remained 1, UNTIL I put the port into the access mode on the vlan 4, PRIOR to creating the trunk....anybody happens to know what gives here, as I completely agree with your assessment and kind of stumped as to what's going on?

thanks again...

Correct Answer
Edison Ortiz Tue, 11/20/2007 - 08:40

From the portion of the config you've posted, I'm not 100% sure the 'mode' you are running.

If the 'mode' is not entered under a switchport, it runs in dynamic mode.

The dynamic mode can be desirable or auto, depending upon the switch you are running.

The dynamic behavior is unpredictable as you don't know when you are running trunk or access mode. It's best practice to always enter the 'mode'.

You can find out the 'mode' you are running with the show interface fx/x switchport command.

Based on your last post, it seems you were running in access mode, not trunk mode. Perhaps a failure in the negotiation with the remote peer.

axfalk Tue, 11/20/2007 - 09:15

Thanks for your reply... This is what's currently on the int and it's working:

interface Port-channel1

no ip address

switchport

switchport access vlan4

switchport trunk encapsulation dot1q

switchport trunk native vlan 4

switchport trunk allowed vlan 4

Doing the sh int po1 switchport:

Name: Po1

Switchport: Enabled

Administrative Mode: dynamic desirable

Operational Mode: static access

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: native

Negotiation of Trunking: On

Access Mode VLAN: 4

Trunking Native Mode VLAN: 4

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: 4

Pruning VLANs Enabled: 2-1001

However, if I were to take the "switchport access vlan4" statement out, the resulting trunk would have vlan1 for the native vlan..

thanks...

Kevin Dorrell Tue, 11/20/2007 - 15:09

Sorry to disagree, but ... If you take the switchport access vlan 4 out, then it would be on VLAN 1 when it is in access mode. At the moment it is in access mode so the switchport access vlan determines which VLAN it is on. "Operational Mode: static access". 4 at the moment, 1 if you took that command out.

But when it goes into trunk mode, its native VLAN would be 4. "Trunking Native Mode VLAN: 4", regardless of the setting of the switchport access vlan command.

Kevin Dorrell

Luxembourg

Albertdeng Tue, 11/20/2007 - 16:55

You just need to add command "swichport mode trunk" then your problem will be solved.

Albert

Edison Ortiz Tue, 11/20/2007 - 18:17

As suspected, your switchport is not trunking thus it's relying on the switchport access vlan for Vlan membership (See the Operational Mode entry).

If you want to trunk, you must use switchport mode trunk.

Actions

This Discussion