Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1719
Views
5
Helpful
3
Replies

access vlan-trunk allowed vlan

yatisspor
Level 1
Level 1

‎07-26-2009 02:55 AM - edited ‎03-06-2019 06:56 AM

Hello;

Imagine a LAN contains backbone and access switches. What is the difference between using "switchport access vlan X" and "switchport trunk allowed vlan X" on bockbone switch?

And is the config below works?

interface gig a/b

switchport

switchport access vlan X

switchport trunk encapsulation dot1q

switchport trunk allowed vlan X,Y,Z

switchport mode trunk

Labels:
0 Helpful
3 Replies 3

Peter Paluch
Cisco Employee
Cisco Employee

‎07-26-2009 03:14 AM

Hello,

Actually, the commands can not be compared because they will never be both in effect.

The command "switchport access vlan X" is in effect only if the port is in access mode (i.e. by issuing the "switchport mode access" command). If the port is in trunking mode, the command does not have any effect.

Your configuration example works but the command "switchport access vlan X" is ignored in your configuration because you have put the interface in trunking mode with 802.1Q frame tagging. On this trunk, only frames from VLANs X, Y and Z will be transmitted and received, all other will be dropped.

As a rule, commands starting with words "switchport access" have effect only if the port is in access mode. Similarly, commands starting with words "switchport trunk" are effective only if the port is in trunking mode.

Best regards,

Peter

0 Helpful

yatisspor
Level 1
Level 1
In response to Peter Paluch

‎08-02-2009 07:40 AM

let me change my question. What is the difference between following configs?

config1:

interface gig 1/5

switchport

switchport access vlan 100

switchport mode access

config2:

interface gig 1/5

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 100

switchport mode trunk

This config is on backbone. and the interface gig1/5 is connnected to an access layer switch.

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to yatisspor

‎08-02-2009 12:54 PM

Hello,

The first configuration sets the port gi1/5 to static access mode and assigns it to the VLAN 100. This port send and accepts untagged frames only.

The second configuration sets the port gi1/5 to a trunk mode. By subsequent configuration, this trunk is limited to transporting the VLAN 100 only. So far, its apparent function is very similar to the first configuration. However, the frames sent and received on this port will be 802.1Q tagged. If an untagged frame is received, it is assigned to the native VLAN, which is VLAN1 by default.

There is a principial difference between an acess port and a trunk port, even if configured in such a way that both allow only a single VLAN to flow through it. An access port shall connect devices that belong to a single VLAN only, like PCs, printers, servers and so on. A trunk port shall connect to other switches or routers that are capable of transmitting frames of multiple VLANs through a single physical link. In order to distinguish between frames from different VLANs, each frame has to be tagged by its VLAN number. In essence, a trunk link is a multiplexed link and should interconnect devices that are capable of doing such multiplexing and demultiplexing and where it makes sense.

I am not sure if this tackles the point for you. Please ask further.

Best regards,

Peter

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card