Connecting two 3650 (trunkproblems?) via wire problem.

Unanswered Question

Hi all.

Im trying to simply connect two 3650 with a patch cable but i cant get it to work. I have set the ports on both switches with:

switchport mode trunk auto

When i connect the two switches i get bpdu-error, "Description: Gi0/25: Unexpected BPDU received. Port has been Disabled". I can't really figure out what that means. Im stuck and dont really know what to look for anymore so any help is apreciated.

Here is the port settings (same on both):

Name: Gi0/2

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: down

Administrative Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

I have same settings on both ends. I should also mention that on one end i have two switches connected thru optical cabel and working with aprox. 70 clients.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
glen.grant Tue, 11/20/2007 - 04:35
User Badges:
  • Purple, 4500 points or more

The trunk will never come up if you have both ends as "auto" because neither end initiates the the conversation . Set one or both ends as "switchport mode dynamic desirable " . Vtp domain name must match on both switches also. PS it also looks like you have bpdu guard enabled on one or both ports so that is probably what is taking down the port , remove those statements if this is to link 2 switches.

thx for the reply!

I did switchport dyn des and turned off bpdu guard and filter. The links seems to try to talk to each other but then it the intf shuts down.

Trying to find out why but i can't see anything wrong (newbie), i noticed this thou:

switch_vaning-5>sh int gig 0/2 trunk

Port Mode Encapsulation Status Native vlan

Gi0/2 desirable negotiate other 1

Port Vlans allowed on trunk

Gi0/2 none

Port Vlans allowed and active in management domain

Gi0/2 none

Port Vlans in spanning tree forwarding state and not pruned

Gi0/2 none

Its seems that the interface don't have any vlans allowed? I did this in switchport trunk but should i do it anywere else?



glen.grant Tue, 11/20/2007 - 06:19
User Badges:
  • Purple, 4500 points or more

Can you post the actual configs of the interfaces you are trying to connect ?


Sure here's what show in sh run (or did u mean the whole config?):

switch 1:

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode dynamic desirable

spanning-tree bpdufilter disable

spanning-tree bpduguard disable


interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode dynamic desirable

spanning-tree bpdufilter disable

spanning-tree bpduguard disable

I also have to restart the switch to get the interface to work, no shutdown doesn't work!

On switch 2 i get an orange light for about 2 sec, after that the light goes out.



Kevin Dorrell Tue, 11/20/2007 - 07:06
User Badges:
  • Green, 3000 points or more

What puzzles me is how you got the BPDU guard error on G0/25 when it is G0/2 that you are connecting. Was that a typo?

Another comment I will make is that your interface configs contain spanning-tree bpdufilter disable. That is good news. The bad news is that it implies you have bpdufilter enabled by default, which means none of your spanning-tree is working anywhere.

You should only enable bdpufilter anywhere if you have a very very good reason for doing so. BPDUs are there to protect your network from loops, so filtering them out is Bad News.

My advice to you is to disable bpdufilter globally, and only ever enable on individual ports, and then only when you are absolutely sure that you need it for good technical reasons.

Your network may be a bit bumpy while you are doing this change. After all, it will detect any loops and will reconfigure itself to avoid them. But it will be much much safer in the long run.

Kevin Dorrell


Kevin Dorrell Tue, 11/20/2007 - 07:10
User Badges:
  • Green, 3000 points or more

I'm sorry, but what do you mean "On one end I have two switches connected thru optical cable." Could you explain that topology a bit please?

Kevin Dorrell


Hi again, thx for the input. I try to explain my top:

Switch one (24p)

- I want to connect one and two with a EN-cable (don't have the opt-cable yet). (interface 0/2 on Switch one and two.)

Switch two (48p)

- switch two and three is connected with optical LC-LC cable, works like a charm. (interface 0/49 on Switch two and three.)

Switch three (48p)

(connected to switch 2 with optical).

The optical connection works great, i have no problems there. Only when i try to use a patch-cable (first time for me but it should be the same principle as opt?).

When i try to use the patch, the interface shuts down and im forced to restart the switch to be able for another try. I tried to set the port exactly the same as the opt-interfaces with no success.


glen.grant Tue, 11/20/2007 - 18:33
User Badges:
  • Purple, 4500 points or more

You shouldn't have to restart the switch my guess is that you are err-disabling the ports due to a misconfig , to start them back up just do a "shut" then a no shut and that should liven the links . your config for those 2 interfaces to trunk looks ok an should work , make sure your vtp domain name is the same on both switches, if you don't have one then assign one exactly the same on both sides , trunk won't come up without it using negotiated trunking . Next time if your link goes down , check it with a show int status command and I bet it says err-disable , do a "shut" first thena no shut . Are you using a crossover cable?

Godmorning and thx for replying.

The vtp is on transparent and domain empty on both sides (when transparent that doesn't matter?).

Ok, will try shu & no shu to get the port back up.

No, i don't use a crossover cable, trustning mdix to do its magic here.. I checked the logg and all i see there is that the inteface goes down, nothing more.


glen.grant Wed, 11/21/2007 - 02:59
User Badges:
  • Purple, 4500 points or more

I would set the vtp domain name the same on both sides. Don't think the trunk will come active unless they match even in transparent mode.

Hi Glen.

Its better to have a name than no name at all i presume? I should do it on all three switches.

Man am i strugglig with this! When i set the interfaces to switchport trunk (dot1q) i get an orange light first, then a green light for a second before it shuts down the port. I'm now trying to set the logging to debugg (in the terminal, telnet im using) but i get no debugg info, is this right for this:

conf t

logging monitor debugging

(even tried logging console debugging).

Bug i get no info when i try connect these two switches together..


Albertdeng Wed, 11/21/2007 - 15:32
User Badges:

I think this is more physical link problem than config erorrs, try to make sure interfaces are up even ports on sw1 and sw2 is configed to access mode port in same vlan then config these ports to trunk mode.

try to use diff cables to test (straight, cross-over)


This Discussion