VLAN setup

Basic VLANs info. Cisco series 1900 routers support up to 16 VLANs.

Create

#vlan vlan_id

Deleting a VLAN

#no vlan vlan_id

Show all VLANs summary and port assignment

r1-basic#sh vlan-switch

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1/0, Gi0/1/1, Gi0/1/2
                                                Gi0/1/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003
1002 fddi  101002     1500  -      -      -        -    -        1      1003
1003 tr    101003     1500  1005   0      -        -    srb      1      1002
1004 fdnet 101004     1500  -      -      1        ibm  -        0      0
1005 trnet 101005     1500  -      -      1        ibm  -        0      0

Verify trunk interfaces

r1-basic#show interfaces trunk

Access port configuration

interface GigabitEthernet1/0/2
description Access Port to Cisco Access Point
switchport access vlan 10
no ip address
end

interface range

interface range gi 0/1/0 - 3

Trunk port configuration

For 802.1Q trunking, one VLAN is not tagged. This VLAN is called native VLAN. The native VLAN is used for untagged traffic when the port is in 802.1Q trunking mode. While configuring 802.1Q trunking, it is very important to keep in mind that the native VLAN must be configured the same on each side of the trunk link. It is a common mistake not to match the native VLANs while configuring 802.1Q trunking between the router and the switch.

In this example 802.1Q encapsulation is used

interface GigabitEthernet1/0/1
description Trunk Port to Cisco WLC
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport trunk allowed vlan add 10,20,99
switchport mode trunk
switchport nonegotiate
no shutdown

The following list shows options for the switchport mode command.

trunk - configures the port into permanent 802.1Q trunk mode and negotiates with the connected device to convert the link to trunk mode.

access - disables port trunk mode and negotiates with the connected device to convert the link to nontrunk.

nonegotiate - the port is a trunk and does not do DTP negotiation with the other side of the link.

dynamic desirable - triggers the port to negotiate the link from nontrunk to trunk mode. The port negotiates to a trunk port if the connected device is in trunk state, desirable state, or auto state. Otherwise, the port becomes a nontrunk port.

dynamic auto - enables a port to become a trunk only if the connected device has the state set to trunk or desirable. Otherwise, the port becomes a nontrunk port.

Verifying a Trunk

******* (requires live capture) ************

Switch#show interfaces GigabitEthernet1/0/1 switchport

Switch#show interfaces GigabitEthernet1/0/1 trunk

DTP (Dynamic Trunking Protocol)

DTP is used to automatically form a trunk between switches. Default DTP setting is dependent on the IOS software version and platform used.

The operation of DPT can be verified by issuing show dtp interface. Output below shows that Trunk Operational Status (TOS) is set to trunk, Trunk Administrative Status (TAS) is desirable, and Trunk Negotiation Status (TNS) is also set to trunk. Trunk Operational Type (TOT), Trunk Adminstrative Type (TAT), and Trunk Negotiation Type (TNT) show 802.1q encapsulation. Output below is from Cisco 1941 IOS Version 15.2(4)M4 with EHWIC-4ESG-P Ether-switch card that does not support DTP. Therefore the output you can see 'NONEGOTIATE' and timers with zero.

Switch#show dtp interface Gi0/1/0
DTP Interface Information:
  TOS/TAS/TNS:                           TRUNK/NONEGOTIATE/TRUNK
  TOT/TAT/TNT:                           802.1Q/802.1Q/802.1Q
  Neighbor address 1:                    000000000000
  Neighbor address 2:                    000000000000
  Hello timer expiration ms/state:       0/STOPPED
  Access timer expiration ms/state:      0/STOPPED
  Negotiation timer expiration ms/state: 0/STOPPED
  Multidrop timer expiration ms/state:   0/STOPPED
  FSM state:                             S6:TRUNK
  # times multi & trunk:                 0
  Enabled:                               1
  In STP:                                0

trunk - automatically enables trunking regardless of the state of the neighboring switch and regardless of any DTP requests that are sent from the neighboring switch.

access - trunking is not allowed on this port regardless of the state of the neighboring switch interface and regardless of any DTP requests that are sent from the neighboring switch.

nonegotiate - prevents the interface from generating DTP frames. This command can be used only when the interface switch port mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.

dynamic desirable - communicates to the neighboring switch via DTP that the interface is attempting to become a trunk if the neighboring switch interface is able to become a trunk.

dynamic auto - creates the trunk based on the DTP request from the neighboring switch.

Nonegotiate mode operation

The switchport nonegotiate interface command stops DTP negotiation packets sending and engaging in trunk election. This command is valid only when the interface switch port mode is access or trunk. This command returns an error if you attempt to execute it in dynamic (auto or desirable) mode. When in nonegotiate configuration, the port trunks only if the other end of the link is specifically set to trunk. The switchport nonegotiate command does not form a trunk link with ports in either dynamic desirable or dynamic auto mode.