11 Replies Latest reply: Jan 26, 2011 5:34 AM by Shir ZAMAN RSS

    VLAN Trunking Configuration

    Steven Williams

      I know alot of these seem like stupid questions, but I am trying to figure out right from wrong.

       

      The books shows Vlan Trunk Configuration like so:

       

      Switch(config)# interface (port)

      Switch(config)# switchport

      Switch(config)# switchport trunk encapsulation (isl, dot1q, negotiate)

      Switch(config)# switchport trunk native vlan (vlan-id)

      Switch(config)# switchport trunk allowed vlan (vlan-list, all, etc..)

      Switch(config)# switchport mode (trunk, etc...)

       

      That seems longer than the way I configure trunk ports. Obviously this must be being done on a switch that supports isl, like a 3550. So that I get, but why do you need to configure the native vlan? Isnt the native vlan 1? Shouldnt it know that?

       

      Also why must the "switchport" command be done first? I always just run "switchport mode trunk" on my 2950's. It only supports 802.1q, of course, but I do not define the other lines.

        • 1. Re: VLAN Trunking Configuration
          Michael Law

          Hollywood, I feel your pain on this. When I first started studying for the BCMSN (SWITCH) exam, I had to learn how to do basic setup on 3550/3560 just like your example and it confused me. I'm not sure why (or if your HAVE to) type switchport first. But, I can say that the encapsulation type is needed on the layer 3 switches and not on the 2950s you probably used for the CCNA. This is because the 2950 switches don't support ISL, only 802.1Q. Therefore, you can type that command on a 2950, but since it's the default encapsulation type, it won't appear on the show running-config output. It would appear that the 3550 requires the specification prior to officially placing the switchport into permanent trunking mode.

           

          It is wise to always specify the native vlan. You may not always be working with Cisco devices that support CDP to report you have a native VLAN mismatch. I agree that it's pointless when both switches default to vlan 1, you would need to configure it. I don't remember having to specify it every time though. Same goes with the "... vlan allow" command.

           

          There are probably some more experienced people who can reveal why a layer 3 device needs more specifics in configuring a switchport.

           

          Mike

          • 2. Re: VLAN Trunking Configuration
            tnewshott

            Let me try to answer these in order.....

             

             

            Switch(config)# switchport

            This would be used on Layer 3 switches to specify it as a switchport as opposed to a routed port.

             

            Switch(config)# switchport trunk encapsulation (isl, dot1q, negotiate)

            Used on switches that support more than just dot1q.  Required before you can setup any other trunk settings.

             

            Switch(config)# switchport trunk native vlan (vlan-id)

            Often times you may want to change the native VLAN if you are not running statically defined trunks. When running dynamic trunks you need to specify a VLAN that it will default back to when it reverts to access mode.

             

            Switch(config)# switchport trunk allowed vlan (vlan-list, all, etc..)

            Not required unless you are pruning the VLAN traffic.  I recommend pruning whenever possible - no reason to use the bandwidth otherwise. Also trims down STP time on the VLANs that get massive pruned.

             

            Switch(config)# switchport mode (trunk, etc...)

            Can set it to static trunk, dynamic trunk, etc.

            • 3. Re: VLAN Trunking Configuration
              Michael Law

              Oh that's right!! I forgot that switchport command sets it into layer 2 because if you issue the "no switchport" command, you are configuring a routed port. Dusting off the spider webs...

               

              Thanks,

               

              Mike

              • 4. Re: VLAN Trunking Configuration
                Steven Williams

                Makes sense, but what if in a rare situation the layer 3 device has been enabled to route. ie. No "ip routing" command has been set.

                • 5. Re: VLAN Trunking Configuration
                  Michael Law

                  The it will simply not forward information between or from SVIs and routed ports to any destination. The switchport commands can remain but any inter-vlan traffic will cease.

                  • 6. Re: VLAN Trunking Configuration
                    Steven Williams

                    Yup I understand that, but would the single line switchport command be needed then?

                    • 7. Re: VLAN Trunking Configuration
                      Michael Law

                      The single line 'switchport' command is simply telling the switch that this port will be layer 2. That means it can exist as a trunk or access port just like a traditional switch. The 'no switchport' command is exclusive to layer 3+ devices and will make the port routed. Routed means that you can now add an IP address and it will add a network into the IP routing table. Therefore, the routed  port no longer belongs to any VLAN because it has an IP address. Also no STP operations will exist on it anymore.

                       

                      Mike

                      • 8. Re: VLAN Trunking Configuration
                        Steven Williams

                        Ok I am sorry, but maybe I am not asking the right questions. The command "ip routing" buts a 3550 into a layer 3 mode essentially correct? So if I have not enabled routing with that command, the default functionality of the switch should be layer 2 correct? So if the switch is in layer 2 mode, I should have to enter the single line command of "switchport". What is the default function of a port on a 3550 layer 3 or layer 2? The only reason I would need to enter the single line command of "switchport" is if the port is functioning at layer 3. Then if I wanted that port to go back to working like a layer 3 port I would enter "no switchport". I hope this clears up the way i am thinking and why I am confused.

                        • 9. Re: VLAN Trunking Configuration
                          Michael Law

                          Not a problem.

                           

                          Think about the 'ip routing' and 'switchport' as two seperate entities in the layer 3 switch. The layer 3 switch by default, has all ports placed in layer 2 mode and 1 VLAN setup (which is also the native vlan). This is the traditional mode of a layer 2 switch also. I do believe the layer 3 switch also has IP routing turned on by default but if no SVIs or routed ports have been enabled, the IP routing process sits idle. If certain models don't have it turned on by default, then one can easily flip on IP routing with the 'ip routing' command.

                           

                          If the layer 3 switch is left to its defaults, and you issue a 'show ip route' command you will see no entries in the IP routing table. This is similar to a router that has no interfaces enabled or configured. The layer 3 switch has two ways that IP addresses can be configured. The first way is to enable an IP address on the interface directly. This is achieved with the 'no switchport' command followed by the 'ip address x.x.x.x' command. This way is directly similar to a routed port on a router. The second way is to set an IP address to a virtual port called a 'switched virtual interface'. You dealt with SVIs in the CCNA when you created a management vlan interface on a layer 2 switch. Layer 2 switches are only capable of 1 SVI. Layer 3 switches are capable of many SVIs. Once SVIs and routed ports have been enabled and configured, you will start to see networks populate the IP routing table.

                           

                          When IP routing is turned on, the layer 3 switch can forward information between SVIs and routed ports just like a router. When it is not turned on, data will never leave its VLAN or be routed.

                           

                          If you wish for a port to be in layer 2 mode, 'switchport' needs to be enabled.

                          If you wish for a port to be in layer 3 mode, 'switchport needs to be disabled.

                           

                          I hope that clears some things up. If you doesn't, keep asking.

                           

                          Mike

                          • 10. Re: VLAN Trunking Configuration
                            Michael Law

                            Here is a definitive answer for layer 3 switches: https://learningnetwork.cisco.com/thread/15264?tstart=0

                             

                            Mike

                            • 11. Re: VLAN Trunking Configuration
                              Shir ZAMAN

                              On 2950 use "switchport mode trunk"

                               

                              And then verify it by "show interface fastethernet x/x switchport. This way you will see your Interface is trunked and used 802.1q encapsulation by default.