Solved: How to Resolve Native Vlan Mismatch?

davidhuynh5 · ‎02-09-2009

Access switch (3550) is connected to Distribution switch (4506). I DO NOT want the access switch to have a trunk connection into the Distribution switch since only users in Vlan 3 will be on the access switch. Here's my configuration on the

access switch:

Interface Fa0/24

Description Uplink to Distro

switchport

speed 100

duplex full

Here's the configuration on the distribution switch:

Interface Fa0/1

Description Uplink to Access

switchport

switch access vlan 9

speed 100

duplex full

How can I resolve the native Vlan mismatch in my log? If I put all ports on the access switch into Vlan 3 do I have to enable trunking since it's passing both Vlan 1 and 3? Thanks in advance.

glen.grant · ‎02-09-2009

You say vlan 3 I assume you mean vlan 9 . The only way to fix it is make sure both sides are in vlan 9 , the dist. switch interface says vlan 9. Instead of having all the access ports in vlan 1 you will have to create the layer 2 vlan 9 on the 3550 then put all your ports into vlan 9 , this will get rid of the message . If your 3550 management address is in vlan 1 now then you have to change your SVI to vlan 9 also instead of vlan 1 .

3550

conf t

vlan 9

interface range f0/1 - 24

switchport access vlan 9

int vlan 9

ip address

View solution in original post

justbailey · ‎02-10-2009

David,

Put the access and distribution switchport into "switchport access vlan 3" as Glen suggests. This will eliminate any confusion with vlan 1 and your error messages will go away.

View solution in original post

Leo Laohoo · ‎02-09-2009

How about you remove the native VLAN statement or you can disable the error message from the interface where it's coming from?

int

no logging event trunk-status

davidhuynh5 · ‎02-09-2009

Yes, I have done that. Also, I can disable cdp which will prevent the message from showing up in my log. However, I want to fix the problem, not hide it.

If I understand correctly when I get that msg, my user vlan 3 information is bleeding over to the native vlan.

glen.grant · ‎02-09-2009

You say vlan 3 I assume you mean vlan 9 . The only way to fix it is make sure both sides are in vlan 9 , the dist. switch interface says vlan 9. Instead of having all the access ports in vlan 1 you will have to create the layer 2 vlan 9 on the 3550 then put all your ports into vlan 9 , this will get rid of the message . If your 3550 management address is in vlan 1 now then you have to change your SVI to vlan 9 also instead of vlan 1 .

3550

conf t

vlan 9

interface range f0/1 - 24

switchport access vlan 9

int vlan 9

ip address

davidhuynh5 · ‎02-09-2009

Sorry, I meant vlan 3. With your suggestion I can still keep the connect as an "access" connection even though its passing Vlan 1 and Vlan 9?

babatunde_sanda · ‎02-09-2009

My Friend,

Native vlan mismatch will always occur because these two switches are acting independently but yet connected. From your explanation this Vlan 3 is still part of your network. For traffic for that VLAN to be carried, the connecting ports must be in trunk mode. VLAN 1 which is the native VLAN by default will always be carried. Now for you to know where the native vlan mismatch is; go to both switches. Professionally I say your distribution switch will have the superior configurations.

Do a â€œshow interface (interface number) switchportâ€ on both switches.

Access switch

Sho Interface Fa0/24 switchport

Distribution switch

Sho Interface Fa0/1 switchport

From your output look for what the switch is reporting as the native vlan (You can do this on the interfaces connecting both switches. If you already know what your native vlan is then skip all this steps.

For you to specify the native vlan, connecting ports have to be in trunk mode.

Access Switch

Interface Fa0/24

Switchport mode trunk

Switchport trunk native vlan (your discovered native vlan number)

This configuration will only be needed on your access switch. Make sure your access switch revision number is lower than the distribution switch before you make this change if they are in the same vtp domain (If you don't you can wipe out your entire vlan on your network).

justbailey · ‎02-10-2009

David,

Put the access and distribution switchport into "switchport access vlan 3" as Glen suggests. This will eliminate any confusion with vlan 1 and your error messages will go away.

davidhuynh5 · ‎02-10-2009

Thank you.

kunalthakkar · ‎02-10-2009

I agree with babatunde_sanda's recommendation. One more thing I infer from your post is that you want to avoid configuring trunk between the Access and Distribution layer switches because the Access Layer switch will only use one VLAN (vlan 3). Well, you can use the 'allowed vlan' command to specify which VLANs you want to allow thru the trunks.

For example you can do following on the access switch:

switchport trunk native vlan 3

switchport trunk allowed vlan 1,3

[assuming the disto switch has vlan 3 as its native vlan for the corresponding port]