Solved

vlan trunking

Posted on 2013-12-20
Last Modified: 2013-12-20
Hello,
I understand vlans and trunking. What I don't understand is the "access mode vlan" and "trunking native mode vlan" on a trunking port and why the difference and what it means.

I know that all traffic for a certain vlan is only for switchports designated for that vlan. But what is the native vlan and what traffic does it carry?

What does this mean below also:

Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 10 (VLAN0010)

Thanks.
Question by:tolinrome
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 39732263
--> Negotiation of Trunking: On

Means that this port is not forced as a trunk.  It will negotiate with the device connected to that port to see if it should run in trunk or access mode.

--> Access Mode VLAN: 1 (default)

Use VLAN 1 if this port is running in access mode.  So if negotiation as a trunk fails, this port will be in access mode.

--> Trunking Native Mode VLAN: 10 (VLAN0010)

If this port is running in trunk mode, the native VLAN is VLAN 10.
 
LVL 11

Accepted Solution

by:
Miftaul earned 250 total points
ID: 39732288
But what is the native vlan and what traffic does it carry?

Native VLAN carries control traffic, say the keepalives like DTP, CDP to keep the trunks on.

Negotiation of Trunking: On
It means one end of the link is negotiating DTP packets with the other end to form a trunk. If the other end is set to auto or trunk, the trunk forms. For security purposes, we usually disable this feature by using "switchport nonegotiate".

Access Mode VLAN: 1 (default)
If the trunk is not forming, this link will default to access port VLAN1

Trunking Native Mode VLAN: 10 (VLAN0010)
Native VLAN carries control traffic, here the Native VLAN is set to VLAN10
 
LVL 57

Expert Comment

by:giltjr
ID: 39732521
On a trunk you can have tagged or untagged frames.  Any frame that is untagged is assumed to be on the native VLAN.  So if your native VLAN is VLAN 10, any untagged traffic is assumed to be on VLAN 10.

Some switches have started allowing you to tag the native VLAN traffic.  This is so somebody can't craft frames that are 802.1Q double-tagged, which could/would allow them to traverse VLANs.  One reference:

http://www.networkworld.com/community/node/38732
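
An added example, not part of the original thread: a small Python parser that applies the rule from the comment above (untagged frames belong to the native VLAN, tagged frames to the VLAN in the outer tag) and flags double-tagged frames whose outer tag equals the native VLAN. The function name `classify` and the sample frames are constructed for illustration.

```python
import struct

# Tag protocol identifiers that introduce a VLAN tag.
TPIDS = {0x8100, 0x88A8}  # 802.1Q C-tag, 802.1ad S-tag

def classify(frame: bytes, native_vlan: int) -> dict:
    """Return the VLAN a trunk port assigns to `frame` and whether it looks suspicious."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    tags = []
    offset = 12  # skip destination and source MAC addresses
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame: no EtherType")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in TPIDS:
            break
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append(tci & 0x0FFF)  # low 12 bits are the VLAN ID; drop PCP/DEI
        offset += 4
    # Untagged traffic is assumed to be on the native VLAN.
    vlan = tags[0] if tags else native_vlan
    # An outer tag equal to the native VLAN with another tag behind it is the
    # double-tagging pattern: once the outer tag is removed, the inner tag
    # is what the next switch sees.
    suspicious = len(tags) >= 2 and tags[0] == native_vlan
    return {"vlan": vlan, "tags": tags, "suspicious": suspicious}

# Constructed sample frames (locally administered MACs, 4-byte dummy payload).
MACS = "020000000002" "020000000001"
UNTAGGED = bytes.fromhex(MACS + "0800" + "45000014")
TAGGED_20 = bytes.fromhex(MACS + "8100" "0014" + "0800" + "45000014")
DOUBLE_10_20 = bytes.fromhex(MACS + "8100" "000a" + "8100" "0014" + "0800" + "45000014")

if __name__ == "__main__":
    for name, frame in [("untagged", UNTAGGED), ("tagged 20", TAGGED_20),
                        ("double 10/20", DOUBLE_10_20)]:
        print(name, classify(frame, native_vlan=10))
```

With the native VLAN set to 10 as in the question, only the double-tagged sample is flagged; the same frame on a trunk whose native VLAN is not 10 is not.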