Switch Port Access

Answered Question
Jun 25th, 2010

Hi

Please refer the below Senario ,

Switch 1 ------ Switchport mode access ----- Switch 2

    |                                                                |

    |                                                                |

PC1 in VLAN 2                                             PC 2 in VLAN3

In this senario you ca see that PC 1 is configured in VLAN 2 & PC 2 is configured in VLAN3 & the cable that connect between Switch 1 & Switch 2 is configured as a Access Port.

Then can PC 1 communicate with PC 2 if they are in different VLAN.

If No then Why ?

Regards

Chetan Kumar

I have this problem too.
0 votes
Correct Answer by Edison Ortiz about 6 years 5 months ago

With Cisco switches, you will receive Vlan mismatch messages with CDP but your design will work.

Theory put on practice:

Rack1SW2#sh ver | i IOS
Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(44)SE6, RELEASE SOFTWARE (fc1)

Rack1SW1#sh ver | i IOS
Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(44)SE6, RELEASE SOFTWARE (fc1)

On Switch 1

interface GigabitEthernet0/15
switchport access vlan 112
  switchport mode access

interface Vlan112
ip address 1.1.1.1 255.255.255.0

On Switch 2

interface GigabitEthernet0/15
switchport access vlan 122
switchport mode access

interface Vlan122
ip address 1.1.1.2 255.255.255.0

Rack1SW2#ping 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
Rack1SW2#
Rack7Pod1>1
[Resuming connection 1 to sw1 ... ]

*Mar  9 17:47:11.859: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/15 (112), with Rack1SW2 GigabitEthernet0/15 (122).
Rack1SW1#ping 1.1.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms
Rack1SW1#

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
John Blakley Fri, 06/25/2010 - 12:11

I would say YES. Here's why.

If you have  a port on the edge (switch 1) configured as an access port, that  automatically means that the traffic coming through that port is now  untagged. It's native VLAN is now 2 on that port. When you put the  uplink that connects to switch 2 as an access port on both ends, you've  configured those as untagged as well, and the same thing goes for PC2 as  an access port.

The only thing is that both computers would have to be on  the same subnet. If they're on different subnets, then you'd need a  router in between to route the vlans.

Although, I'd need to test this

*** Edit *** I tested this in GNS, and I can't get it to work. In theory it should work, but best practice anyway would be to have your switch interconnected links as trunk ports.

HTH,

John

.

Chetan Kumar Ress Fri, 06/25/2010 - 13:07

Hi

As per theroy it should work , But to get result we should test the same on praticle devices.

But Thanks for you reply.

Regards

Chetan Kumar

Correct Answer
Edison Ortiz Fri, 06/25/2010 - 14:21

With Cisco switches, you will receive Vlan mismatch messages with CDP but your design will work.

Theory put on practice:

Rack1SW2#sh ver | i IOS
Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(44)SE6, RELEASE SOFTWARE (fc1)

Rack1SW1#sh ver | i IOS
Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(44)SE6, RELEASE SOFTWARE (fc1)

On Switch 1

interface GigabitEthernet0/15
switchport access vlan 112
  switchport mode access

interface Vlan112
ip address 1.1.1.1 255.255.255.0

On Switch 2

interface GigabitEthernet0/15
switchport access vlan 122
switchport mode access

interface Vlan122
ip address 1.1.1.2 255.255.255.0

Rack1SW2#ping 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
Rack1SW2#
Rack7Pod1>1
[Resuming connection 1 to sw1 ... ]

*Mar  9 17:47:11.859: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet0/15 (112), with Rack1SW2 GigabitEthernet0/15 (122).
Rack1SW1#ping 1.1.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms
Rack1SW1#

Chetan Kumar Ress Mon, 06/28/2010 - 07:18

Hi  Edison

Thanks for you an helpful explanation & sharing the praticle result.

So i was thinking correct , If i configured access port between both switches then it won't see the vlan tag ,Ir work with Broadcast mode.

Different VLAN can communicate in mention senario.

Regards

Chetan Kumar

Actions

This Discussion