Native Vlan Mismatch

waru · May 2008

Hi

I am seeing the following error on a catalyst 3750:

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/0/12 (85), with ldn-the-s01 GigabitEthernet1/0/15 (99

.

Both ports are access ports only so why would they have a native vlan mismatch?

Here are configs for each port:

interface GigabitEthernet1/0/12
description lde0a015 ccm-sub (eth port 1)
switchport access vlan 85
service-policy input LDN-THM-LAN-IN
spanning-tree portfast
spanning-tree bpduguard enable

interface GigabitEthernet1/0/15
switchport access vlan 998
switchport mode access
service-policy input LDN-THM-LAN-IN
spanning-tree portfast
spanning-tree bpduguard enable

Cheers
Waru

EdTheLad · May 2008

An access port only has one vlan,as far as spanning-tree is concerned this is the native vlan of the port.So you have a mismatch between 85 and 998.

waru · May 2008

Well I realise there is a mismatch as thats what the error says!! What I dont understand is why these two ports are reporting a mismatch error between each other when they are only access ports in differnet vlans. I dont see this error for any other ports.

ixg123 · May 2008

Obviously I can't tell why it should only happen in one place but the mismatch is detected by comparing the exchanged CDP packets. If you're not using CDP on the other ports then that could be the reason ...

waru · May 2008

both ports are on the same switch and CDP is enabled for the entire switch.

EdTheLad · May 2008

Are the ports connected via layer 2? via a hub or non cisco switch?

APA · May 2008

Those two ports can't be connected together as BPDUGuard should have err-disabled one of them...... More info on the topology would be great.... Also what is connected to each of these ports.....

Sounds to me like whatever is on the other end of 1/0/12 is trying to negotiate a trunk with the port as it techincally isn't in access mode.... It only has an access vlan associated with it....... The trunking mode is still set to dynamic desirable.... Whatever is trying to negotiate the trunk has a diff native vlan......

Remember both sides of an 802.1q trunk need matching native vlans..... otherwise the trunk will not be established....

hope this helps....

P.S

use 'show interface gi 1/0/12 switchport' and 'show interface gi 1/0/15 switchport'

EdTheLad · May 2008

If port g1/0/12 is an access port with vlan 85 and bpduguard is enabled, it is looking at blocking bpdus arriving with vlan tag 85, since bpdus are arriving with vlan tag 998 these will not be blocked and the port will not be err-disabled.
This error message received indicated an error between the ports,with is the keyword here:
%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/0/12 (85), with ldn-the-s01 GigabitEthernet1/0/15 (99

[/b]

APA · May 2008

From my understanding enabling bpduguard prevents a switchport from receving any BPDU's........

If the switchport with bpduguard enabled senses any bpdu's it will err-disable the port.... no matter what tag...... As what happens when you plug a switch with a trunk port (Native VLAN 1) into a access port with vlan 70??? The port is still errdisabled it's not kept live as that defeats the purpose of BPDUGuard........

I'm going to have to lab this up to see exactly what the problem is........

As I noticed that 'with' keyword before as well....... Just find it odd......

Native Vlan Mismatch

Comments