Go Premium for a chance to win a PS4. Enter to Win


I accidentally trunked an access port.

Posted on 2014-10-17
Medium Priority
Last Modified: 2014-10-21
I was configuring an AP and trunked interface 46 instead of interface 45 on a cisco switch.

I received a call from the building across the street saying there network went down.
What happens if you trunk an access port?

Was changed to
interface FastEthernet0/46
 description ap-lobby
 switchport access vlan 999
 switchport trunk encapsulation dot1q - ******Command I added on accident ****
 switchport mode trunk - **** Command I added on accident ****
 speed 100
 duplex full

When I removed the two commands above their IP Phone and Desktops seem to be back online but for some reason two users are still not getting a DHCP address and nervous I screwed something up badly. VLAN 999 I believe connection between several buildings in the city , a Metro Ethernet connection I think.  New to company so learning the topology of our network.
Question by:Tim OBrien
LVL 12

Expert Comment

ID: 40387907
well depending on your switch and OS you can sometimes rollback a cisco config....

so you changed to way traffic is tagged


Author Comment

by:Tim OBrien
ID: 40387913
I have an understanding of access and trunk ports.  What I don't understand is the effect it would have on the Network if I made this change. As the Interface I changed was connected to the switch at the other building and curious if it could have somehow filtered to other building as well. I believe the effect was only between the two building but not 100% sure. I am confused as to why there are still some desktops which I can't back online for some reason.

I do have the backup configs but not ready to apply then as the change I made might not have been severe enough, this is why I posted this question to get an understand of what my change may have done, could it have been severe?
LVL 12

Accepted Solution

Faruk Onder Yerli earned 668 total points
ID: 40388813
Hi Tim;

Your problem looks like 3 different option and none of them are related with switch.

One them, VLAN999 has more than one DHCP server that they can receiving IP from another server.  

Second of them  it takes IP address from another server in old trunk configuration and there is IP confilct between both computer.

Third of them looks ARP problem. both computer needs to clean arp table.

To solve first problem you have to listen Vlan999 packets, rest of them can be solved itself after reboot machine,
LVL 12

Assisted Solution

DarinTCH earned 668 total points
ID: 40389273
and yes a config change can replicate throughout a network
sometimes we have no idea why...
it will end up being a loop somewhere usually
but since it is just DHCP....
you could always try simple things like forcing a renew...
and flushing things like cache...DNS and even ARP
not sure if i think its the ARP.....
but it would not hurt to flush it
is there still connectivity - can  you ping or see these devices?
are they getting an APIPA address 169- self assigned?
have you tried static addresses?
LVL 14

Assisted Solution

Otto_N earned 664 total points
ID: 40394147
To explain what happened - When you configured the port for trunking, you changed the untagged vlan (which used to be VLAN999 in your environment) to VLAN 1 (the default untagged VLAN for 802.1Q trunking).  Effectively you connected the external LAN (of the building across the street, and perhaps further along as well) to your local VLAN 1 (just as if you've issued a "switchport access vlan 1" on the port).

This will explain why their network went down, and if PC's rebooted during this time, they might have picked up their configs via a DHCP server for VLAN 1 - A simple reboot on their side (or renewal of their DHCP address) should fix the problem.

You can rest assured that no config change you did will change settings in the other network.  Once you remove the incorrect config, the network should be restored completely, and any host issues should be resolved, at worst, by a reboot.

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question