Even if i am using VLAN 13 as native , will cdp traffic be traveling over VLAN 1 ??

Here is the output from the interface connected to the 2821..

4948#show interfaces gigabitEthernet 1/25 switchport

Name: Gi1/25

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 13 (native)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk associations: none

Administrative private-vlan trunk mappings: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Hi Munawar,

CDP will always travel on vlan 1 whether it is native or not on trunk port. Even if vlan 1 is not allowed on trunk still cdp packets will travel on vlan 1 internally.

HTH

Ankur

hi munawar,

If I understood your config properly you are using trunking on 2821 (towards 4948) and using access port on 4948 (towards 2821).

Well in this case when you are using encapsulation dot1q 15 command you are tagging frames for this vlan.On the otherside (4948) you have created the access port which do not understand tagging hence no ping.

Now when you configure Native keyword the frames of the native vlan are sent untagged and hence can reach the 4948 and traverse the network and hence you can ping the remote router.

When you use Laptop there is no tagging of the frames as well the port is also an access port hence you can ping the remote router.

Anything else experts?

HTH

regards,

shri :)

Great Shri....

It helped a lot..Thanks.

The subinterface of a router carries the traffic of only one VLAN, then why is there need for encapsulation / tagging ??

Can u suggest me some way in which i havent to use NATIVE word ?

Hi Munawar,

As you have not configured any trunking on your switch port on which router is connected this means you do not want your switch to pass traffic for more than 1 vlan and you only want to pass data for vlan 15.

In this case there is no need to configure trunking and even subinterface on your router. The subinterface and encapsulation is required when you want to pass multiple vlan traffic and router between vlans which is not in your case. Instead of creating subinterface even if you want to use main physical interface and simply configure with an ip address which belong to vlan 15 subnet you are good to go.

Coming to your second question if you had removed vlan 1 from a trunk port then also cdp,vtp traffic will flow from vlan 1. This is called as vlan 1 minimisation feature.

HTH

Ankur

In the case i disable my VLAN 1, and set VLAN 13 as native. then on which vlan does VTP and other management traffic travel ??

hi munawar,

You can bring up a trunk with different native VLANs on each end; however,

both switches will log error messages about the mismatch, and the potential exists that traffic

will not pass correctly between the two native VLANs.

The native VLAN mismatch is discovered through the exchange of CDP messages, not

through examination of the trunk itself. Also, the native VLAN is configured

independently of the trunk encapsulation.

If you disable VLAN 1 your VTP/DTP/CDP trffic will traverse through the native vlan.

If only one vlan is present then you dont recquire trunking between 2821 and 4948 and hence no encapsulation!!!

You can use access link between them:

The switchport mode access command forces the port to be assigned to only a single VLAN.

HTH,

regards,

shri :)

Thanks guys..much helpful.

One more thing...Y i cant put encapsulation on a physical interface, when i don't need to have other VLANS terminating on that router.Means i have no requirement for subinterfaces.

Second, lets assume a router has two sub interfaces, for two vlans. How does router treat each tagged packet when it receives from one VLAN, to be routed to other VLAN. VLAN tag is still there or removed when a tagged pckt enters in a subinterface.

I hope i conveyed, what was confusing me.

Thanks Kevin..Thats what i was intending to know..

Thanks very much

I want to understand the following scenario…with respect to VLAN operations.

1. When computer A sends packets to computer B, what happens at each switch and router in the way. Means which switch adds what VLAN tag at ingress of a packet and also at engrees.

2. If i dont use any kind of encapsulaiton/subiinterface at RTR-A and RTR-B then what will the paket flow be.What information / tagging will be added and deleted and each network device.

Keven and Shrikar....You guys make many things clear to me..Thanks for that and request for further help.

what is ur gateway configured for devices in vlan 100 and 110 and where is that IP configured???

Ignoring the above....

From A ---> B

(aasuming that RTA have route to B via 7202 and RTB knows about the networks in SW-B )

A---->SWA---(100)-->RTA--(16)-->4948---(16)-->7202(here the tag is striped and lookupis done and outgoing int is found)---(15)-->4948---(15)-->RTRB--->SWB-->B.

Subinterfaces at RTR-A and RTR-B are gateways for there respective VLANS.

Please i want some details at each point of network, to make things very clear to me. AND in both the case, i.e A) i use encaspulation at RTR-A and RTR-B towards 4948 and B) If i dont use encapsulation at RTR-A and RTR-B towards 4948

I further want to eloborate that ports of 4948 pointing towards RTR-A and RTR-B are access ports of respective VLANS