Solved: Thank you Akash for the

bwagner48 · ‎09-17-2014

Hello-

I am looking to clarify a point of confusion for myself regrading connecting an access port to a trunk port. Consider the following switchport config on switch1:

Switch#1

interface GigabitEthernet0/5
switchport
switchport access vlan 6

....and the corresponding config on it's neighbor:

Switch#2

Interface GigabitEthernet10/8

switchport

switchport mode trunk

switchport trunk allowed vlan 1,6,100

My first question is- Is this a valid configuration? Secondly, what would the expected results be? I am curious about what vlans would be allowed to pass through..

Thanks in advance-

Brian

Akash Agrawal · ‎09-17-2014

Hi,

Sorry i read your question wrongly. I thought you are changing access port to trunk port, but actually you are connecting an access port to a trunk port.

In this setup, vlan6 of SW1 will be connected to vlan 1 of SW2.

Reason : When SW1 will forward traffic of vlan 6 on access port, it will be untagged traffic and SW2 will consider this traffic coming on native vlan which is bydefault vlan1. similarly reverse way. Now SW2 can forward traffic for vlan 1,6, and 100 but for vlan 6 and 100 traffic will be tagged and sw1 will not accept. But for vlan1 , sw2 will pass untagged traffic even on trunk port since this is native vlan for trunk port and sw1 will forward it further on vlan 6.

Regards,

Akash

View solution in original post

InayathUlla Sharieff · ‎09-17-2014

Hi Brian,

Any port by default will be in dynamic desirable mode or dynamic auto based on the different hardware models.

In any case it would try to become a trunk if the other end desires to become a trunk.

In your case you have not specified that your port will be access. You have just mentioned that the access vlan for your port will be vlan 6.

To make the port an access port you need to give the command “switch port mode access”

So two things here:

1. Switchport mode access---- makes the switcport to behave like an access port.

2. Switchport access vlan 6---- makes the switch port part of vlan 6

The first command is very important. The second command is not required. Even if there is no command it will default to default vlan 1.

Example;

Sw1----F0/1-----F0/1---SW2

!
interface FastEthernet0/1
!

Switch#sh int trunk
>.No output as the ports doesnt have any config.
Switch#

2)
Sw1----F0/1-----F0/1---SW2
I will configure the trunk port only on Sw1 ports.

SW1:
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!

SW2:
!
interface FastEthernet0/1>>>> no config on this port.
!

Result:
========

Switch1 & 2

#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1-1005

Port Vlans allowed and active in management domain
Fa0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1

HTH

Inayath

View solution in original post

Akash Agrawal · ‎09-17-2014

Hi Brian,

Yes this is correct configuration and vlan 1,6 and 100 would be pass through. Are you seeing different result?

Regrds,

Akash

bwagner48 · ‎09-17-2014

thank you for the feedback Akash, I have not labbed this up, was just curious on the concept more than anything.

Akash Agrawal · ‎09-17-2014

Hi,

Sorry i read your question wrongly. I thought you are changing access port to trunk port, but actually you are connecting an access port to a trunk port.

In this setup, vlan6 of SW1 will be connected to vlan 1 of SW2.

Reason : When SW1 will forward traffic of vlan 6 on access port, it will be untagged traffic and SW2 will consider this traffic coming on native vlan which is bydefault vlan1. similarly reverse way. Now SW2 can forward traffic for vlan 1,6, and 100 but for vlan 6 and 100 traffic will be tagged and sw1 will not accept. But for vlan1 , sw2 will pass untagged traffic even on trunk port since this is native vlan for trunk port and sw1 will forward it further on vlan 6.

Regards,

Akash

bwagner48 · ‎09-17-2014

Thank you Akash for the explanation, that answered my questions.

Brian

InayathUlla Sharieff · ‎09-17-2014

This would work fine but not recommended.

Also the traffic between the switches would be only Native Vlan and vlan 6 will pass through.

SW1-----F0/1----------f0/1----SW2

SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 auto n-802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1-1005

Port Vlans allowed and active in management domain
Fa0/1 1,6

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6
SW1#

SW2

SW2#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1,6,100

Port Vlans allowed and active in management domain
Fa0/1 1,6,100

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,100
SW2#

2) Part of this config is that any vlans which are been configured under the SW1 would be allowed through that access port.

ex:

SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 auto n-802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1-1005

Port Vlans allowed and active in management domain
Fa0/1 1,6,10,20,30,40,50,60,70,80,90,100

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,10,20,30,40,50,60,70,80,90,100 ...>>>>>>>>>>all vlans are allowed here.

b)

Were as on Switch 2 if you create all these vlans and u dont allow that to go through the trunk interface which you have configured those vlans would nt be flowing through.

eg;

SW2#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1,6,100

Port Vlans allowed and active in management domain
Fa0/1 1,6,100

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,6,100>>>>>>>>>>>>>>>.Only 3 vlans would be flowing through due to explicit defined. but if you defined allowed all then all vlans would be shown here.

i created all the vlans above on sw2 but you can see only 3 vlans are allowd as you have explicitly defined it.

Hope this clarifies your query.

Regards

Inayath

*************Plz dont forget to rate posts***********

bwagner48 · ‎09-17-2014

Inayath-

Thank you for labbing this up and providing results. One question I have before rating the post is how is it that you are seeing fa0/1 on Switch#1 with the "show int trunk" command, when it is configured as an access port? or is it? In my example, the switch#1 port is an access port.

Thanks-

Brian

InayathUlla Sharieff · ‎09-17-2014

Hi Brian,

Any port by default will be in dynamic desirable mode or dynamic auto based on the different hardware models.

In any case it would try to become a trunk if the other end desires to become a trunk.

In your case you have not specified that your port will be access. You have just mentioned that the access vlan for your port will be vlan 6.

To make the port an access port you need to give the command “switch port mode access”

So two things here:

1. Switchport mode access---- makes the switcport to behave like an access port.

2. Switchport access vlan 6---- makes the switch port part of vlan 6

The first command is very important. The second command is not required. Even if there is no command it will default to default vlan 1.

Example;

Sw1----F0/1-----F0/1---SW2

!
interface FastEthernet0/1
!

Switch#sh int trunk
>.No output as the ports doesnt have any config.
Switch#

2)
Sw1----F0/1-----F0/1---SW2
I will configure the trunk port only on Sw1 ports.

SW1:
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!

SW2:
!
interface FastEthernet0/1>>>> no config on this port.
!

Result:
========

Switch1 & 2

#sh int tr
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1-1005

Port Vlans allowed and active in management domain
Fa0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1

HTH

Inayath

Access to trunk port clarification