How to Resolve Native Vlan Mismatch?

Answered Question
Feb 9th, 2009
User Badges:

Access switch (3550) is connected to Distribution switch (4506). I DO NOT want the access switch to have a trunk connection into the Distribution switch since only users in Vlan 3 will be on the access switch. Here's my configuration on the

access switch:

Interface Fa0/24

Description Uplink to Distro

switchport

speed 100

duplex full


Here's the configuration on the distribution switch:

Interface Fa0/1

Description Uplink to Access

switchport

switch access vlan 9

speed 100

duplex full


How can I resolve the native Vlan mismatch in my log? If I put all ports on the access switch into Vlan 3 do I have to enable trunking since it's passing both Vlan 1 and 3? Thanks in advance.



Correct Answer by justbailey about 8 years 4 months ago

David,


Put the access and distribution switchport into "switchport access vlan 3" as Glen suggests. This will eliminate any confusion with vlan 1 and your error messages will go away.

Correct Answer by glen.grant about 8 years 4 months ago

You say vlan 3 I assume you mean vlan 9 . The only way to fix it is make sure both sides are in vlan 9 , the dist. switch interface says vlan 9. Instead of having all the access ports in vlan 1 you will have to create the layer 2 vlan 9 on the 3550 then put all your ports into vlan 9 , this will get rid of the message . If your 3550 management address is in vlan 1 now then you have to change your SVI to vlan 9 also instead of vlan 1 .


3550

conf t

vlan 9


interface range f0/1 - 24

switchport access vlan 9


int vlan 9

ip address

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Leo Laohoo Mon, 02/09/2009 - 17:34
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

How about you remove the native VLAN statement or you can disable the error message from the interface where it's coming from?


int

no logging event trunk-status

davidhuynh5 Mon, 02/09/2009 - 17:49
User Badges:

Yes, I have done that. Also, I can disable cdp which will prevent the message from showing up in my log. However, I want to fix the problem, not hide it.

If I understand correctly when I get that msg, my user vlan 3 information is bleeding over to the native vlan.

Correct Answer
glen.grant Mon, 02/09/2009 - 18:19
User Badges:
  • Purple, 4500 points or more

You say vlan 3 I assume you mean vlan 9 . The only way to fix it is make sure both sides are in vlan 9 , the dist. switch interface says vlan 9. Instead of having all the access ports in vlan 1 you will have to create the layer 2 vlan 9 on the 3550 then put all your ports into vlan 9 , this will get rid of the message . If your 3550 management address is in vlan 1 now then you have to change your SVI to vlan 9 also instead of vlan 1 .


3550

conf t

vlan 9


interface range f0/1 - 24

switchport access vlan 9


int vlan 9

ip address

davidhuynh5 Mon, 02/09/2009 - 18:51
User Badges:

Sorry, I meant vlan 3. With your suggestion I can still keep the connect as an "access" connection even though its passing Vlan 1 and Vlan 9?

babatunde_sanda Mon, 02/09/2009 - 19:42
User Badges:
  • Bronze, 100 points or more

My Friend,

Native vlan mismatch will always occur because these two switches are acting independently but yet connected. From your explanation this Vlan 3 is still part of your network. For traffic for that VLAN to be carried, the connecting ports must be in trunk mode. VLAN 1 which is the native VLAN by default will always be carried. Now for you to know where the native vlan mismatch is; go to both switches. Professionally I say your distribution switch will have the superior configurations.


Do a “show interface (interface number) switchport” on both switches.


Access switch

Sho Interface Fa0/24 switchport


Distribution switch


Sho Interface Fa0/1 switchport




From your output look for what the switch is reporting as the native vlan (You can do this on the interfaces connecting both switches. If you already know what your native vlan is then skip all this steps.


For you to specify the native vlan, connecting ports have to be in trunk mode.


Access Switch

Interface Fa0/24

Switchport mode trunk

Switchport trunk native vlan (your discovered native vlan number)


This configuration will only be needed on your access switch. Make sure your access switch revision number is lower than the distribution switch before you make this change if they are in the same vtp domain (If you don't you can wipe out your entire vlan on your network).


Correct Answer
justbailey Tue, 02/10/2009 - 08:23
User Badges:

David,


Put the access and distribution switchport into "switchport access vlan 3" as Glen suggests. This will eliminate any confusion with vlan 1 and your error messages will go away.

kunalthakkar Tue, 02/10/2009 - 05:17
User Badges:

I agree with babatunde_sanda's recommendation. One more thing I infer from your post is that you want to avoid configuring trunk between the Access and Distribution layer switches because the Access Layer switch will only use one VLAN (vlan 3). Well, you can use the 'allowed vlan' command to specify which VLANs you want to allow thru the trunks.


For example you can do following on the access switch:


switchport trunk native vlan 3

switchport trunk allowed vlan 1,3


[assuming the disto switch has vlan 3 as its native vlan for the corresponding port]


Actions

This Discussion