VLAN Mismatch
I am have a 3750 and a switch port from a Cisco 877 plugged into each other and am getting the following error.
*Apr 12 03:03:36.322: %CDP-4-NATIVE_VLAN_MISMATC
Have done a show int switchport on each interface and they both have Trunking Native Mode VLAN: 1 set. What is causing this error?
Router#show int fa0 switchport
Name: Fa0
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Disabled
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1
Protected: false
Priority for untagged frames: 0
Override vlan tag priority: FALSE
Voice VLAN: none
Appliance trust: none
Switch#show int fa1/0/1 switchport
Name: Fa1/0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 10 (VLAN0010)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
*Apr 12 03:03:36.322: %CDP-4-NATIVE_VLAN_MISMATC
Have done a show int switchport on each interface and they both have Trunking Native Mode VLAN: 1 set. What is causing this error?
Router#show int fa0 switchport
Name: Fa0
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Disabled
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1
Protected: false
Priority for untagged frames: 0
Override vlan tag priority: FALSE
Voice VLAN: none
Appliance trust: none
Switch#show int fa1/0/1 switchport
Name: Fa1/0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 10 (VLAN0010)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
ASKER
Thanks Otto, makes sense. I inherited this configuration.
I have changed it over to trunking.
What confused me was that is was functioning as it was with seperate vlans configured on the 3750 and 877.
FA0 on the 877 was configured as an access port accessing vlan 1. FA1/0/1 on the 3750 was configured as an access port accessing vlan 10.
The 877 had a VLAN 1 interface with an IP address.
The 3750 had a bunch of hosts configured on VLAN 10 yet they were still able to cross this misconfigured link and access the VLAN1 (10.0.1.1) interface on the 877.
Can you just confirm for me if I have this right.
Host on VLAN 10 sends data to default gateway 10.0.1.1. VLANS are only tagged when entering a switch interface so when the packet reaches the 877 it is tagged as a member of VLAN 1 thus able to reach the vlan 1 interface. The return packet enters the 3750 and is tagged as a member of vlan 10 and thus able to reach all the hosts in vlan 10.
Even if thats how it works I can see how it is a bit of a mess so as noted before have switched it over to trunking.
I have changed it over to trunking.
What confused me was that is was functioning as it was with seperate vlans configured on the 3750 and 877.
FA0 on the 877 was configured as an access port accessing vlan 1. FA1/0/1 on the 3750 was configured as an access port accessing vlan 10.
The 877 had a VLAN 1 interface with an IP address.
The 3750 had a bunch of hosts configured on VLAN 10 yet they were still able to cross this misconfigured link and access the VLAN1 (10.0.1.1) interface on the 877.
Can you just confirm for me if I have this right.
Host on VLAN 10 sends data to default gateway 10.0.1.1. VLANS are only tagged when entering a switch interface so when the packet reaches the 877 it is tagged as a member of VLAN 1 thus able to reach the vlan 1 interface. The return packet enters the 3750 and is tagged as a member of vlan 10 and thus able to reach all the hosts in vlan 10.
Even if thats how it works I can see how it is a bit of a mess so as noted before have switched it over to trunking.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You have a VLAN mismatch between access ports. The router's port is a member of VLAN 1 and the switch's port is a member of VLAN 10.
Either change the router side to VLAN 10 or change the switch side to VLAN 1.
Or you could disable CDP which is how the devices are learning that their neighbor is in the wrong VLAN (but that fix doesn't make any sense at all). :-)
Either change the router side to VLAN 10 or change the switch side to VLAN 1.
Or you could disable CDP which is how the devices are learning that their neighbor is in the wrong VLAN (but that fix doesn't make any sense at all). :-)
ASKER
Otto N, much appreciated. Very good explanation.
I did change it to a trunk link which failed and it was very confusing but eventually figured out that the incoming packets were now tagged in VLAN 10 so switched the SVI over to vlan 10 and it all worked.
Thanks again.
I did change it to a trunk link which failed and it was very confusing but eventually figured out that the incoming packets were now tagged in VLAN 10 so switched the SVI over to vlan 10 and it all worked.
Thanks again.
To get rid of this error 1) configure the ports as a trunks (switchport mode trunk) or 2) change the access vlan on either the router to 10 or switch to 1 (switchport access vlan [1|10]).
Your LAN will be operational (you will be able to ping the router's vlan 1 interface from vlan10 on the switch) but CDP will continue to alert you to this mismatch.