I configured vlan 1,2 and 3 on switch cat2960 ios: C2960 Software (C2960-LANBASE-M), Version 12.2(25)SEE2.
I connected the switch f0/1 port configured like a TRUNK 802.1q, to a cisco2610 router with ios : C2600 Software (C2600-IS-M), Version 12.2(40).
I configured Ethernet SUBINTERFACES on router for 802.1q intervlan routing.
E0/0 subinterface on router has vlan 1 NATIVE encapsulation.
I can't ping the switch from router console and viceversa, intervlan routuing does not work.
THE PROBLEM IS THAT ON CAT2960 THE TRUNK HAS THE VLAN1 TAGGED but the router NO.
Switch#sh interfaces f0/1 switchport
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
IS THERE A COMMAND THAT CAN DISABLE "ADMINISTRATIVE NATIVE VLAN TAGGING" on CAT2960 ?
the command that you specify does NON exist on cat2960.
VLAN Config guide (OL-8603-01) for IOS 12.2(25)SEE, pag 12-19 say that native VLAN (default vlan 1) is not tagged on truk interfaces.
It seems me that it's not right.
Have you an idea for removing tagging for native vlan 1 on trunks ?
you might want to post the port configs from the router and the switch . Normally you should not have to mess with the tagging stuff just make sure the native vlan matches on each end of the link .
If you still want to remove the Vlan1 as the native vlan, you can simply create a bogus vlan which does not exist anywhere on the network and set that as the native vlan on the trunk port. This way all the inter-vlan traffic will be tagged towards the router.
Name Bogus Vlan
Int fa 0/1
switchport trunk native vlan 999
On the router side do not use the native keyword on the router side.
But to be very true, I have personally seen a lots of issues when you remove native vlan on a router-on-stick model for inter-vlan routing that you are setting up.
If you have the same native vlan setup on both the sides it should work. Please paste the router and switch config and we will be able to take it further.
On the router, you have
encapsulation dot1Q 1 native
ip address 192.168.1.2 255.255.255.0
Remove the native keyword on the encapsulation, then reset both ports and check the 2960 status again.
If you remove the native keyword on the interface e0/0.1, the original poster will face the native vlan issues as the trunk port will have vlan 1 as the native vlan bydefault.The router will drop the untagged poackets sourced from vlan1 in this case.
I would agree on this if there is a bogus vlan configured on the trunkport as the native vlan instead of the vlan1.
I believe the native tagging is being learned by the router on this case. I was unable to duplicate this behavior when trunking 2 switches. I understand this may cause a disruption of services but I wanted to verify if by removing the native keyword from the router, would the switch behave any differently.
[edit:] never mind, I checked on 3560 switches and the native VLAN tagging is indeed enabled. Very interesting. I don't see this information on the 3500 or 6500 switches ...
Unfortunately You cannot do it on 2960, the command to tag the native vlan on the trunk port is not supported on 2960.The work around that I gave in my earlier post will eventually do the same function but the Native vlan tagging will remain enabled.
I agree with you.
On Cat2960 at the moment I think we can't disable native vlan tagging on trunk ports.
On cisco2610 native vlan 1 tagging is by default, we have just tried this ...
I think like you that a bogus vlan at the moment is the only solution.
I don't like this but it's the only...
Do you think that it could be an IOS bug ?
What is the IOS version running on the 2600 router. If it is later than 12.1.3T then, I think its a bug. This is not an expected behaviour. This behaviour could have been expecetd in the earlier IOS than 12.1.3T.
In earlier IOS " native " keyword was not supported under the sub-interface config.If configured wrong, the router would expect a tag dot1q frame on VLAN1 and the switch is not expecting a tag on VLAN1. As a result, no traffic will pass between VLAN1 on the switch and the router. In these situations always put the configuration for the native VLAN under the main interface and on the trunk create subinterface for all other VLAN.
I think you might be hitting this BUG : CSCds42715
Did you try upgrading the IOS on the router with int the same train. We have only two options here:
Try upgrading the IOS to the latest train
Confiigure the bogus vlan on the trunk port and TAG all the vlans to the router trunk.
Let us know if that works.
You are running 12.2.40 which is a much later release than 12.1.3T.
This looks a bug for me so try upgrading the IOS to the latest one in 12.2 series to 12.2.46 or move to 12.3 train and it should work for you.
Otherwise you can create a bogus vlan on the trunkport to tag all the vlans on the trunkport and it should for you as well.
HTH,Please rate all the posts that helped.
the bug is in cat2960 ios or cisco2610 ios ?
For me it's cat2960 that works wrong !
I think that trunk native vlan tagging "administratively enabled" isn't a good thing.
One would choose if tagging or not the native vlan !
DO you agree
The Bug is on the 2610 router end. Cisco's implemetation for native vlan tagging has been the same over a period of time. Its only Cisco's implementation which uses native vlan on the trunkports, IEEE implementation doesnot use that.I think upgrading the IOS on 2610 should resolve the issue. Try uploading it and update us on this.
HTH,Please rate if it does.
It's first time I work with cat2960...
With cat2950 I never had this problem of native vlan tagging on trunk 802.1q with cisco routers.
I never used the tag for native vlan 1 !!!
Or I never saw that thing or it's new on cat2960.
If cisco switches always tag the native vlan by default, do you mean that the tag is negotiated between switch and router on the other end, and if the router does not tag the vlan 1 so the switch disable vlan 1 tagging.
If the router tags vlan 1 on the switch it's the default behaviour.
But in this case the ROUTER does NOT negotiate tagging with cat2960 switch ?
Is it right ?
I don't know that cisco implementation is not like IEEE standard.
I know that ISL is cisco proprietary trunking but not 802.1q.
Could you explain me better or give me a reference doc ?