WLC TrunkPortA B1 1, 2, 3 -> will work if wlc has ip address of vlan 12 1, 2, 3 -> will work if wlc has ip address of vlan 23 1, 2, 3 -> will work if wlc has ip address of vlan 30 '1' , 2 , 3 -> will work provided wlc has ip address of vlan 1, else not0 1 , '2', 3 -> will work provided wlc has ip address of vlan 2, else not0 1 , 2 , '3' -> will work provided wlc has ip address of vlan 3, else not0 '1' , 2 , 3 -> will !work if wlc has ip address of vlan 2 or 30 1 , '2', 3 -> will !work if wlc has ip address of vlan 1 or 30 1 , 2 , '3' -> will !work if wlc has ip address of vlan 1 or 2
Types of ports
trunk (native keyword)
access (native keyword not reqd)
1= say, out of vlan X,Y and Z, if vlan Y has been marked as 'native', that means
if any untagged frame (a frame without a tag for a vlan) will arrive, the data of that frame will be sent to the vlan Y
2= if any untagged frame (a frame without a tag for a vlan) will arrive, the data of that frame will be sent to the access port
Please note that the concept of nativity is , port-specific.
We can have two ports native to their respective vlans, even though both ports could belong to the same switch!
Significance of Native VLAN When you use an IEEE 802.1Q trunk port, all frames are tagged except those on the VLAN configured as the "native VLAN" for the port. Frames on the native VLAN are always transmitted untagged and are normally received untagged. Therefore, when an AP is connected to the switchport, the native VLAN configured on the AP must match the native VLAN configured on the switchport.
Note: If there is a mismatch in the native VLANs, the frames are dropped.
This scenario is better explained with an example. If the native VLAN on the switchport is configured as VLAN 12 and on the AP, the native VLAN is configured as VLAN 1, then when the AP sends a frame on its native VLAN to the switch, the switch considers the frame as belonging to VLAN 12 since the frames from the native VLAN of the AP are untagged. This causes confusion in the network and results in connectivity problems. The same happens when the switchport forwards a frame from its native VLAN to the AP.
The configuration of native VLAN becomes even more important when you have a Repeater AP setup in your wireless network. You cannot configure multiple VLANs on the Repeater APs. Repeater APs support only the native VLAN. Therefore, the native VLAN configuration on the root AP, the switch port to which the AP is connected, and the Repeater AP, must be the same. Otherwise traffic through the switch does not pass to and from the Repeater AP.
An example for the scenario where the mismatch in the Repeater AP's native VLAN configuration can create problems is when there is a DHCP server behind the switch to which the root AP is connected. In this case the clients associated with the Repeater AP do not receive an IP address from the DHCP server because the frames (DHCP requests in our case) from the Repeater AP's native VLAN (which is not the same as root AP and the switch) are dropped.
Also, when you configure the switch port, ensure that all the VLANs that are configured on the APs are allowed on the switchport. For example, if VLANs 6, 7, and 8 exist on the AP (Wireless Network) the VLANs have to be allowed on the switchport. This can be done using this command in the switch:
Note: Allowing all VLANs on the AP can also become a problem in some cases, specifically if it is a large network. This can result in high CPU utilization on the APs. Prune the VLANs at the switch so that only the VLAN traffic that the AP is interested in passes through the AP to avoid high CPU.