Solved

Native vlan mismatch

Posted on 2011-09-07
16
1,859 Views
Last Modified: 2012-05-12
I did not know that you could get native vlan mismatch if the port is set to "switchport mode access"?

I do not have access to the neighbor switch so I don't know the configuration of the remote port gi0/1.


%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/10 (5), with Switch GigabitEthernet0/1 (1).


#sh run int gi1/10

 switchport access vlan 5
 switchport mode access
 spanning-tree portfast

#sh int gi1/10 switchport
Name: Gi1/10
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 5 (VLAN005)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Question by:Dragon0x40
16 Comments
 
LVL 33

Expert Comment

by:MikeKane
2 thoughts on something I've not seen before:  

#1 Possibly,  the remote switch is set for switchport access on another vlan.

Is the Native Vlan supposed to be Vlan 5?  
If you tried to set the port into native 5 trunk mode:
  no sw mo acc
  ! set the encapsulation first: "sw mo tr" is rejected while it is still "negotiate"
  sw tr en dot1q
  sw mo tr
  sw tr na vlan 5
  sw tr allow vlan 5

With that do you see the same results?  

0
 
LVL 33

Expert Comment

by:MikeKane
It would really help to see the other switch config....
0
 
LVL 26

Expert Comment

by:Soulja
Well, you need to get the native vlans to match. Since you don't have access to the other switch, do you know what its native vlan is? Change your switch to the native of the other.
0
 

Author Comment

by:Dragon0x40
This is the error in the log:

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/10 (5), with Switch GigabitEthernet0/1 (1).

Is it saying the local gi1/10 is native vlan 5 and the remote gi0/1 is native vlan 1?

If so then by looking at gi1/10 it shows the native vlan is already 1 which should match up with the remote switch?
0
 
LVL 26

Accepted Solution

by:
Soulja earned 167 total points
Yeah, it says the Trunking native vlan is 1, not access. The fact that it is an access port means that it's untagged for vlan 5. The other switch like Mike stated may be an access mode port in vlan 1, or a trunk with native vlan as 1.
0
 
LVL 26

Expert Comment

by:Soulja
A way you can find out if the other side is a trunk is to set your interface to switchport mode dynamic auto. If your interface becomes a trunk then you know that the other side is a trunk with a native vlan of 1.
0
 

Author Comment

by:Dragon0x40
Maybe the best thing to do is find out what the config on the other switch is and go from there.
0
 
LVL 26

Expert Comment

by:Soulja
Lol, yes it is. Especially if this is production.
0
 
LVL 17

Expert Comment

by:rochey2009
To see the native VLAN of the neighboring device, issue:

sh cdp ne gi1/10 detail


-------------------------
Device ID:XXXXX
Entry address(es):
  IP address: x.x.x.x
Platform: cisco WS-C2950G-48-EI,  Capabilities: Switch IGMP
Interface: GigabitEthernet0/2,  Port ID (outgoing port): GigabitEthernet0/1
Holdtime : 143 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA8a, RELEASE SOFTWARE
 (fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Fri 28-Jul-06 15:16 by weiliu

advertisement version: 2
Protocol Hello:  OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=0000000
0FFFFFFFF010221FF00000000000000195599B840FF0000
VTP Management Domain: ''
Native VLAN: 1
Duplex: full
0
 
LVL 17

Expert Comment

by:rochey2009
If you want to temporarily disable the messages to stop them filling up your switch logs, until you can do something about the neighboring device, you can disable CDP on the gi1/10 interface.
0
 
LVL 26

Expert Comment

by:Soulja
Nice catch rockey, forgot all about cdp. ;-)
0
 
LVL 33

Expert Comment

by:MikeKane
----> sh cdp ne gi1/10 detail

Awesome....  
0
 

Author Comment

by:Dragon0x40
CDP may be part of the problem.

The switch connected to gi1/10 has no ip address assigned and apparently has cdp turned off.

sh cdp ne gi1/10 detail does not return anything.

Neither does "sh cdp neighbor" or "sh cdp ne gi1/10"

I was just surprised that a port configured as an access port could generate an error for a native vlan mismatch. Access ports don't tag frames so why would an access port care about native vlan or even what vlan the other switch is in?

An access port with the "switchport mode access" command should work with any type of ethernet port connected to it? layer 3, layer 2, access or trunk?
0
 
LVL 17

Assisted Solution

by:rochey2009
rochey2009 earned 167 total points
This is the error in the log:

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/10 (5), with Switch GigabitEthernet0/1 (1).

Is it saying the local gi1/10 is native vlan 5 and the remote gi0/1 is native vlan 1?

If so then by looking at gi1/10 it shows the native vlan is already 1 which should match up with the remote switch?

Because the local switchport gi1/10 is set to switchport mode access, switchport access vlan 5, its native VLAN is 5. If gi1/10 was set to trunking it would have a native VLAN of 1.

The neighboring switch has a native VLAN of 1 on port gi0/1.
0
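
Added example, not part of any post in this thread: a short Python check that reads the switchport output and the CDP log line the way the answer above does. It shows that the "(5)" in the message is the port's untagged VLAN (the access VLAN, because the port is operationally an access port) and not the "Trunking Native Mode VLAN" field. The function names and the sample data are constructed for illustration.

```python
import re

# Constructed sample input, modelled on the output quoted in this thread.
SWITCHPORT_OUTPUT = """\
Name: Gi1/10
Administrative Mode: static access
Operational Mode: static access
Access Mode VLAN: 5 (VLAN005)
Trunking Native Mode VLAN: 1 (default)
Capture Mode Disabled
"""
SYSLOG_LINES = [
    "%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on "
    "GigabitEthernet1/10 (5), with Switch GigabitEthernet0/1 (1).",
    "%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on "
    "GigabitEthernet1/10 (5), with Switch GigabitEthernet0/1 (1).",
    "%LINK-3-UPDOWN: Interface GigabitEthernet1/11, changed state to up",
]

MISMATCH_RE = re.compile(
    r"%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on "
    r"(?P<local_port>\S+) \((?P<local_vlan>\d+)\), with "
    r"(?P<peer>\S+) (?P<peer_port>\S+) \((?P<peer_vlan>\d+)\)")

def untagged_vlan(switchport_output):
    """VLAN that carries untagged frames, chosen by the operational mode."""
    fields = {}
    for line in switchport_output.splitlines():
        if ":" in line:  # skip lines such as "Capture Mode Disabled"
            key, value = line.split(":", 1)
            fields[key.strip()] = value.strip()
    trunking = "trunk" in fields["Operational Mode"]
    key = "Trunking Native Mode VLAN" if trunking else "Access Mode VLAN"
    return int(fields[key].split()[0])  # "5 (VLAN005)" -> 5

def mismatches(lines):
    """Map each distinct mismatch (both ends and VLANs) to its repeat count."""
    seen = {}
    for line in lines:
        m = MISMATCH_RE.search(line)
        if m:
            key = (m["local_port"], int(m["local_vlan"]),
                   m["peer"], m["peer_port"], int(m["peer_vlan"]))
            seen[key] = seen.get(key, 0) + 1
    return seen

if __name__ == "__main__":
    print("local untagged VLAN:", untagged_vlan(SWITCHPORT_OUTPUT))
    for link, count in mismatches(SYSLOG_LINES).items():
        print(count, "x", link)
```

Each distinct tuple is a link on which untagged frames leave one VLAN and arrive in another, so the two VLANs are bridged together until one side is changed.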
 

Author Comment

by:Dragon0x40
If you search for "native vlan mismatch trunk to access" there are several discussions on this error.

It seems cdp v2 reports the error when two access ports are connected and the vlan membership does not match.

One person said that this error is there because you might create switching loops if vlans are not matched.

I can understand that because if you allow ports to be in fwd mode when the vlans don't match and you connect two switches together multiple times with access ports that aren't in the same vlan then how could spanning-tree prevent loops?

Spanning-tree is per vlan so if the access ports are not in the same vlan then per vlan spanning-tree will not work?
0
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 166 total points
Normally you don't connect 2 switches together in access mode on different vlans. Access mode is usually used for connecting a host to a switch, and 2 switches are usually connected on the same vlan.

CDP is telling you that there is a vlan mismatch. There is no direct performance problem other than the endless logging of the discrepancy but it's not a good practice in general. Just turn off CDP on the port if you need to leave it that way for some reason.

Spanning tree still functions properly, as it knows nothing about VLANs. When you're crossing vlans like that you do have a greater chance of potential loops which is what spanning tree protocol is designed to stop. The switches will still run spanning tree if they are seeing BPDUs from each other and will block ports where needed.
0
