I accidentally trunked an access port.

Posted on 2014-10-17
Last Modified: 2014-10-21
I was configuring an AP and trunked interface 46 instead of interface 45 on a cisco switch.

I received a call from the building across the street saying there network went down.
What happens if you trunk an access port?

Was changed to
interface FastEthernet0/46
 description ap-lobby
 switchport access vlan 999
 switchport trunk encapsulation dot1q - ******Command I added on accident ****
 switchport mode trunk - **** Command I added on accident ****
 speed 100
 duplex full

When I removed the two commands above their IP Phone and Desktops seem to be back online but for some reason two users are still not getting a DHCP address and nervous I screwed something up badly. VLAN 999 I believe connection between several buildings in the city , a Metro Ethernet connection I think.  New to company so learning the topology of our network.
Question by:Tim OBrien
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 12

Expert Comment

ID: 40387907
well depending on your switch and OS you can sometimes rollback a cisco config....

so you changed to way traffic is tagged

Author Comment

by:Tim OBrien
ID: 40387913
I have an understanding of access and trunk ports.  What I don't understand is the effect it would have on the Network if I made this change. As the Interface I changed was connected to the switch at the other building and curious if it could have somehow filtered to other building as well. I believe the effect was only between the two building but not 100% sure. I am confused as to why there are still some desktops which I can't back online for some reason.

I do have the backup configs but not ready to apply then as the change I made might not have been severe enough, this is why I posted this question to get an understand of what my change may have done, could it have been severe?
LVL 12

Accepted Solution

Faruk Onder Yerli earned 167 total points
ID: 40388813
Hi Tim;

Your problem looks like 3 different option and none of them are related with switch.

One them, VLAN999 has more than one DHCP server that they can receiving IP from another server.  

Second of them  it takes IP address from another server in old trunk configuration and there is IP confilct between both computer.

Third of them looks ARP problem. both computer needs to clean arp table.

To solve first problem you have to listen Vlan999 packets, rest of them can be solved itself after reboot machine,
LVL 12

Assisted Solution

DarinTCH earned 167 total points
ID: 40389273
and yes a config change can replicate throughout a network
sometimes we have no idea why...
it will end up being a loop somewhere usually
but since it is just DHCP....
you could always try simple things like forcing a renew...
and flushing things like cache...DNS and even ARP
not sure if i think its the ARP.....
but it would not hurt to flush it
is there still connectivity - can  you ping or see these devices?
are they getting an APIPA address 169- self assigned?
have you tried static addresses?
LVL 14

Assisted Solution

Otto_N earned 166 total points
ID: 40394147
To explain what happened - When you configured the port for trunking, you changed the untagged vlan (which used to be VLAN999 in your environment) to VLAN 1 (the default untagged VLAN for 802.1Q trunking).  Effectively you connected the external LAN (of the building across the street, and perhaps further along as well) to your local VLAN 1 (just as if you've issued a "switchport access vlan 1" on the port).

This will explain why their network went down, and if PC's rebooted during this time, they might have picked up their configs via a DHCP server for VLAN 1 - A simple reboot on their side (or renewal of their DHCP address) should fix the problem.

You can rest assured that no config change you did will change settings in the other network.  Once you remove the incorrect config, the network should be restored completely, and any host issues should be resolved, at worst, by a reboot.

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today -

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wondered why you had to use DHCP options (dhcp opt 60, 66 or 67) in order to use PXE? Well, you don't!
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question