%CDP native vlna mismatch

cannone78 · ‎06-04-2008

Hi all,

I have 2 catalyst (WS-C3560G-48TS and ME-3400-24TS) connected back-to-back via fastethernet. The 2 ports are configured in access on different vlan: vlan 3 on 3560 side and vlan 207 on 3400 side.

In my log I see a cdp mismatch of native vlan:

(log un 3400 side):

Jun 4 15:17:38.619: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/6 (207), with s3560-fiu1 GigabitEthernet0/48 (3)

Is it a normal behaviour?

Normally I have seen this kind of log on a trunk port if we change the native vlan only on one side..

Is it the same for an access port?

Many thanks in advance for your support

Gianluca

Pravin Phadte · ‎06-04-2008

This is not a noramal behaviour since its a configuration problem with native vlan.

can you paste the configuration on the trunk interface for both the swithes conneted to each other.

or to troubleshoot you may follow as below.

1] show interfaces (name) trunk

in this output u will find which vlan it is been in.same command on the other trunk interface.

2] as per cisco if both the inteface have diffrent native vlan you will have to decide which native vlan you need to use. by default is is vlan1.

3] config t

int (name)

switchport trunk native vlan 2

4] I have come across same errors and providing the above command did not work.

not sure if it was ios problem.

you may need to add this commnad depending on your vlans on the switch.

config t

int (name)

switchport trunk allowed vlan 1,10,179-202,1002-1005

Hope this helps.

cannone78 · ‎06-04-2008

Thanks for your support..

Normal behaviour was not referred to vlan mismatch itself but mismatch on an access port!

Here you are the conf of the 2 port:

3400:

interface FastEthernet0/6

description MAN

port-type nni

switchport access vlan 207

speed 100

spanning-tree bpduguard enable

spanning-tree guard root

3560:

interface GigabitEthernet0/48

switchport access vlan 3

switchport mode access

load-interval 30

mls qos trust ip-precedence

spanning-tree bpdufilter enable

no shutdown

As yuo can see the 2 ports are access port and no trunks.

Issue 'show int trunk' the above interface are not listed as trunk port.

Best regards

Gianluca

ovt · ‎06-04-2008

"Is it the same for an access port?"

Absolutely. If you configured vlan 5 on one side and vlan 10 on the other side you would see this message. Don't do this unless you know what you're doing (such as IPS device on a stick). Otherwise you'll merge two vlans into the single broadcast domain.

Pravin Phadte · ‎06-04-2008

Hi cannone78,

Yes you will get the errors for the access port also. All the taged traffic will be moving from the trunk ports.

Do you have a trunk configured between these two swithes ?

If not are these swithes conneted to some other swith and running trunk link to these swithes ?

If both the swithes are conneted end to end who are faceing the error then you will have to check the vlans configured on the swith.

show int status

and.

config t

int (name)

switchport trunk allowed vlan 1,10,179-202,1002-1005

need to do this on both the swithes to get these errors away.

cannone78 · ‎06-04-2008

I have no other port between the 2 switches.

I have other trunk port towards other switch with native vlan 1.

Anyway, if it's a normal behaviour to see a mismatch vlan also on access port...i'm obliged disabling cdp on that port.

Unfortunatly I can't configure the same vlan between them.

Best regards

Gianluca

Pravin Phadte · ‎06-04-2008

As per my knowledge cisco says that this happens only when there is a native vlan mistatch.

i have seen these errors on many swithes and dint not find problems most of the time.

There was once a problem which i faced with these errors when the cpu utilization of the swithes turned on to be high and after adding the vlans they were normal.

I gues there should be no problem if its not effcting any network.

I would also suggest to wait for more resopnce on this.

Regards,

pravin

Edison Ortiz · ‎06-05-2008

CDP will complain on the mismatch (normal behavior) but traffic should flow as expected.

If the error message bothers you enough, you can disable CDP.

HTH,

__

Edison.

Ryan Carretta · ‎06-05-2008

You should fix this unless it's an intended configuration and you know what you're doing mismatching vlans. The error message is there for a reason. It's not a good fix to just disable CDP to stop the message from getting printed.

CDP is complaining because you are potentially bridging two vlans together into a single broadcast domain. For example, if you transmit an untagged broadcast in vlan 5, and the directly connected switch receives that packet in vlan 10, it will flood the packet in vlan 10. If there are two points of bridging between vlans, you will create a spanning-tree loop, since vlans 5 and 10 will not participate in STP with one another.

cannone78 · ‎06-05-2008

Thabks a lot for your support.

no problem about spanning-tree since as you can see in my configuration I have filtered bpdu on both switch (I've also configured bpduguard..). I can't use the same vlan since on 3400 side the vlan is a VLAN of a MAN network of a service provider; on 3750 is a customer VLAN that can't be changed.

Gianluca