cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1526
Views
38
Helpful
22
Replies

Trunk and Access VLAN

ney25
Level 2
Level 2

Hi NetPro,

something new to me, wish netpro can share to me and guide me how to resolve this.

Upstream Switch A- model WS-C3750G-12S-S (version 12.2(35)SE5)

Downstream Switch B - Model WS-C3560-24PS-S ( version 12.2(35)SE5)

vtp domain - jack

vtp mode - transparent.

vtp version - 2

when i configured both switch as trunk and dot1Q. it doesn't work.

so, i tried to change it to access vlan. and it work successful.

i am curious. what wrong with this ?

regards,

jack

22 Replies 22

andrew.prince
Level 10
Level 10

Jack,

OK firstly VTP has nothing to do with trunk configurations, VTP is for VLAN Administration. Just for the record having the VTP mode set to Transparent - means that if the switch recevies a VTP VLAN Change/Deletion/Addition - the switch will ignore it, but pass it on.

Connecting 2 switches together using an access layer port will work, as default. As they are both acting as very intellegent HUBS when you do this.

To get both switched connected via a trunk you must check you config - as it will be wrong.

ALL you need to configure on both switch ports that you want to connect together using as a trunk is the below:-

!

interface <>

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

HTH>

Hi andrew,

thanks for your information, yes i agreed with you, but i have tried the configuration which same like yours before i posting to forum, i just feel weird . how come trunk --> trunk doesnt work ? whereby acees vlan --> access vlan work successfully.

thanks.

You should post your config. Did you create the layer 2 vlans ? Verify with show vlan . Trunk config should be like this

conf t

vlan 2

vlan 3

exit

int G1/10

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 2

switchport trunk allowed vlan 2,3

switchport mode trunk

Hi Glen,

thanks for your information, yeah i known this configuration, before i posted i have tried these commands as well.

that's why i said i feel something wrong and kind of weird , how come both port set as access vlan and it worked. whereby set to trunk it doesn't work.

i will try to get the switch setting and config and post it .

thanks.

regards,

jack

Can you post the interface config of both the switches you are trying to connect together?

Hi Glen / Andrew.

i found out something pretty weird, for instance:

Switch A - 10.10.10.10 255.255.255.0 VLAN 1

Switch B - 10.10.10.9 255.255.255.0 VLAN 10

now then Switch A - Port 12 (Configured as trunk and dot1Q)

Switch B = Port 24 (configured as trunk and dot1Q)

when i show CDP nei. i can see each other but when come to access and ping .

it is not reachable.

so, from above statement which obviously shown that the VLAN-ID is different.that's why i was unable to reach to each other. so, when i changed the Switch B to VLAN 1. then i can reach to each other.

but, i have just curious i have some other switch which having native vlan-mismatched for months which no problem for pinging / access each other. how this switch totally can not unreachable at all ?

p/s : this 2 switch is peer to peer connecting to each other (Sw A -> Sw B)

your reply will be highly appreciated.

regards,

jack

check your config.

Hi Andrew,

i have wr erase the entire switch.

now this 2 switches are brand new.

i have configured Switch A VLAN 1 - ip address 10.10.10.1 255.255.255.0

and Switch B VLAN 10 - ip add 10.10.10.2 255.255.255.0

and connect this 2 switch from port to port (Port 24 connected to Port 12 as trunk , Dot1Q). but still unable to reach each other. unless i changed the VLAN-ID 1 to VLAN 10 .

thanks.

You can't have the same subnet across two different VLAN's (unless your not routing between the two VLAN's or configuring SVI's) 10.10.10.1/24 and 10.10.10.2/24 are the same subnet. That'll be why it starts to work when you change the VLAN to the same as the other switch. Is the link actually coming up?

sh int fa0/24?

Hi Terryn123,

thanks for your information, let me give you some background first.

the live switch (which done by someone) had configured wrongly, that mean Switch A - Management IP VLAN 1 - 10.10.10.1 255.255.255.0

and the uplink Switch B - Management IP VLAN 10 - 10.10.10.10 255.255.255.0

and both of these switches connected as trunk and it works fine and reachable.

and the model of switch was 3560.

now then, i have another site also got such problem. but this time the uplink switch using 3750. so, similar configuration from the above.

but, somehow this model 3750 doesn't work.

i have wr erase and reconfigured the exactly setting for testing purpose. also doesn't work. unless both trunk port changed to Access VLAN . or Change to the same Management VLAN-ID.

because, i just want to confirm is that the 3750 problem ?

thanks.

Jack,

The 3750 has the same switching/trunking capabilities as 99% of Cisco switches - if it's not working, it's because you are not configuring it right.

Just for testing purposes, as it appears you are not really understanding the concept of VLAN tagging.

Configure 2 VLANs on a switch. Add VLAN 10. So now you will have VLAN 1 and VLAN 10. Configure Fa or Gig 0/1 into vlan 1

interface >

switchport mode access

switchport access vlan 1

Configure the second port into the other vlan

interface >

switchport mode access

switchport access vlan 10

no connect a pc to port 1 and a pc to port 2.

Give the PC's an IP address in the same range but seperate - like:

PC1 - 192.168.1.1 255.255.255.0

PC2 - 192.168.1.2 255.255.255.0

Once the ports are up/up on the switch and the PC's show they are connected try and ping each machine.

Hi Andrew,

i am using packet tracer to simulate the problem which i am facing right now. the output exactly like my live switch environment.

kindly find from attached file.

Jack,

Again I will say it again - it will NOT work, as the SVI (Layer 3 interfaces).

I am not familular with the packet tracer software, so I cannot comment.

If you create vlan68 in switch2 and give it the ip address "ip address 10.76.68.14 255.255.254.0" from vlan 1 and test again.

Hi Andrew,

yes, this will work coz, i have tested all before i posted and looking for advice.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco