Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Switch < > Switch trunk

Concept question.  In theory, if you have a daisy chained switch with a trunk inbetween where one end has allowed vlans specificed, the other end does not. WIll the VLAN traffic pass without fail?  Is that essentially allowing all VLANS both ways?

IE:

SwitchA:

interface GigabitEthernet2/0/2

switchport trunk encapsulation dot1q
switchport trunk native vlan 910
switchport mode trunk
switchport nonegotiate

SwitchB:

interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 910
switchport trunk allowed vlan 55,66,99,145
switchport mode trunk
switchport nonegotiate

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Switch < > Switch trunk

dpatten78 wrote:

Concept question.  In theory, if you have a daisy chained switch with a trunk inbetween where one end has allowed vlans specificed, the other end does not. WIll the VLAN traffic pass without fail?  Is that essentially allowing all VLANS both ways?

IE:

SwitchA:

interface GigabitEthernet2/0/2

switchport trunk encapsulation dot1q
switchport trunk native vlan 910
switchport mode trunk
switchport nonegotiate

SwitchB:

interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 910
switchport trunk allowed vlan 55,66,99,145
switchport mode trunk
switchport nonegotiate


No it is not allowing all vlans both ways.

From switch A it is allowing all vlans.

From switch B it only allowing the vlans you have listed.

As the listed vlans are a subset of all vlans then traffic should pass correctly.

Jon

3 REPLIES
Hall of Fame Super Blue

Re: Switch < > Switch trunk

dpatten78 wrote:

Concept question.  In theory, if you have a daisy chained switch with a trunk inbetween where one end has allowed vlans specificed, the other end does not. WIll the VLAN traffic pass without fail?  Is that essentially allowing all VLANS both ways?

IE:

SwitchA:

interface GigabitEthernet2/0/2

switchport trunk encapsulation dot1q
switchport trunk native vlan 910
switchport mode trunk
switchport nonegotiate

SwitchB:

interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 910
switchport trunk allowed vlan 55,66,99,145
switchport mode trunk
switchport nonegotiate


No it is not allowing all vlans both ways.

From switch A it is allowing all vlans.

From switch B it only allowing the vlans you have listed.

As the listed vlans are a subset of all vlans then traffic should pass correctly.

Jon

New Member

Re: Switch < > Switch trunk

Thanks again Jon.

Makes sense now.

Re: Switch < > Switch trunk

If the interface configuration you have listed is for the switchports connecting A & B together, this will be the behavior:

Traffic from all vlans enabled on switch A will be allowed and sent down the trunk to switch B because you have no limitation on the allowed vlans. However, the traffic will be dropped on the ingress for switch B for all vlans except for the allowed vlans, 55,66,99,145. This includes any traffic on the native 910 vlan which will also be dropped because it is not allowed. In addition, the only traffic which switch B will send to switch A will be on vlans 55,66,99,145 which are all allowed on switch A and therefor traffic will be allowed to pass on these, but no other vlans.

In almost all cases, it makes sense to have the port configurations match on both sides for a trunk port.

399
Views
10
Helpful
3
Replies
CreatePlease to create content