Question regarding Switchport mode trunk

Hello Guys,

Do we need to configure Switchport mode trunk on both interfaces which connects the 2 switches?

and what is the effect on switchport trunk native vlan and switchport trunk encapsulation dot1q?

Thanks and Regards,
Ramit

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

MrXpert

You can configure switchport mode trunk on both interfaces no problem. This will give you a trunk and the status will be set to "on" when you type "show int trunk"
You can also do switchport mode trunk and have the other end as desirable or auto. Desirable means that the port desires to be a trunk and it will actively look to form a trunk with the remote end provided it is trunk, desirable or auto. If both ends are auto then a trunk will not form. I would recommend using "switchport mode trunk" on both ends of the trunk line and also using "switchport nonegotiate" because this will prevent DTP frames from being sent which is unncessary when they are both unconditionally trunking.

Depending on your switch model number you may also want to set the switchport trunk encapsulation type to ISL or 802.1Q. It must match on both sides of the trunk link 2950 switches are by default only 802.1Q so you won't have the option to change it to anything else.

By typing "switchport trunk native vlan {vlan id}"you are telling the switchport to use that as its vlan number instead of the default one. It should match between the switches otherwise you get a native vlan mismatch error. The native VLAN is understood by DOT1Q but not ISL. Native VLANS are useful if you have hubs in your switched network and you want to use the native vlan so that the hub understands it. A good method to practice this is to use packet tracer and stick a hub with the native vlan set to default 1 and something else. Then also run dhcp and see it allocate IPs to hosts connected to the hub.

halaakajan

Thanks for the reply sir. The model of the switch is 2960-S. So normally we have to use native vlan 1? as that is the default vlan id.

The problem actually i am facing is that i cant ping or telnet into the switch from a different location. I think it is because i dont have a trunk. Ill post the config here.

Sep 5, 2012 2:43 PM (in response to stubinski)Re: Can't Telnet / Ping into the Switch
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname
!
boot-start-marker
boot-end-marker
!
enable secret 5 //
!
!
!
no aaa new-model
clock timezone UTC -7
clock summer-time UTC recurring
switch 1 provision ws-c2960s-48lps-l
!
!
!
!
crypto pki trustpoint TP-self-signed-2647618432
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2647618432
revocation-check none
rsakeypair TP-self-signed-2647618432
!
!
crypto pki certificate chain TP-self-signed-2647618432
certificate self-signed 01
3082023F 308201A8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32363437 36313834 3332301E 170D3933 30333031 30303033
31315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 36343736
31383433 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100AF5E 72C7714A 539523AC AF285F69 2807171F 712053B6 6C52D2D3 45299B71
D565B2E6 88E0BA7A 4A6038A2 4D5A8DD5 9F643DA4 30BE8207 6320B04A 43A4C334
9A5B78FD 9CC72502 512FF73C 28F59B27 22216009 FFBDCFD9 CD87116E B419CEA7
BE90261F 79AE1025 4631A0FC 58A93582 B9F4442E 778EE8A1 07CC58E0 E8D1B56A
96250203 010001A3 67306530 0F060355 1D130101 FF040530 030101FF 30120603
551D1104 0B300982 07537769 7463682E 301F0603 551D2304 18301680 143E281C
5E7DB579 4C54B668 332E6EAA D4EB1B2A 26301D06 03551D0E 04160414 3E281C5E
7DB5794C 54B66833 2E6EAAD4 EB1B2A26 300D0609 2A864886 F70D0101 04050003
818100A2 37D8AD51 1F942D2A DBE67652 DF4909EC 5ED1B747 9D4A6875 3FB1D075
BE6BE55E 0C9F241B C04A36FC 77936F3D 391F28B5 4032CD76 5FEA05FB 79D750DF
25775223 62C0DB95 894D97AD 2BC614F7 1DF9FE8D E5A12DED A62FE8AE 472E56D8
831AF443 4DF2D8C7 129D6164 2DECF455 2CDA3913 59CE1E3D 4318561D 098DC537 2059D7
quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet1/0/1
switchport access vlan 200
switchport mode access
switchport voice vlan 300
spanning-tree portfast
!
.............
!
interface GigabitEthernet1/0/47
switchport access vlan 200
switchport mode access
switchport voice vlan 300
spanning-tree portfast
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface Vlan1
ip address 10.210.196.2 255.255.255.192
!
ip default-gateway 10.210.196.1
ip http server
ip http secure-server
!
line con 0
password
login
line vty 0 4
password
login
line vty 5 15
password
login

!

lantech

What does the "show interface trunk show" you?

Whether you have to configure trunking depends on the switch. Not all switches default to auto desirable. So before you can trunk you might have to set up the trunking on the switch.

Ch@rl!3m0ng

Also maybe try to set the port and duplex speeds to the same. I know I have had issues where the trunk would not connect due to one of the ports been set to auto auto and the other set to 1000 full. For some reason this caused the ports to flap. Resolved it by setting them both to 1000 Full.

johnifanx98

halaakajan wrote: »

Thanks for the reply sir. The model of the switch is 2960-S. So normally we have to use native vlan 1? as that is the default vlan id.

The problem actually i am facing is that i cant ping or telnet into the switch from a different location. I think it is because i dont have a trunk. Ill post the config here.

It looks like you have not configured non-default VLAN, then the issue could be routing. If so, it should have nothing to do with trunk mode. Try ping from the same subnet, and let us know how it goes. If it works, then check the routing table of your router, "sh ip route"

vishaw1986

Hey Halaa ,

Yes in this case you need a trunk between the two switches because here you using more than one VLAN . And your SVI in VLAN 1 and you are using access mode for VLAN 200 .

YOU can also do one on thing instead of making VLAN 1 as SVI make VLAN 200 as SVI , then you can ping your switch from diff location in above case . Best way is make trunk Link .

Also Native VLAN , are nothing but only the packet in native VLAN moveas untaged packet .

lantech

halaakajan wrote: »

Thanks for the reply sir. The model of the switch is 2960-S.

The default mode of the ports for this particular switch is something you should look up.

MickQ

lantech wrote: »

The default mode of the ports for this particular switch is something you should look up.

The new default seems to be auto, not desirable.

Native vlan is an untagged vlan that's sent along 802.1q trunks. ISL doesn't have native vlans.

It would probably help if you put in a password, also. I don't see any reference to TACACS, local, or other authentication.