*kid , your question was answered perfectly by Rob.* *first off what is the use of trunk . ?*
*Ans: to carry traffic of more than one vlan* . *can i say if trunk is up , everthing is fine ?* *no many factors may prevent proper decapsulation and rechability is broken* *can you give me example when even though trunk is up . end hosts are not talking ?* yes . "allowed vlan list " filtering traffiic and " native vlan mismatch " *ok can you expalin me how native vlan mismatch prevent end host talking to each other in same vlan ?* *look at config provied in above mail . * ** *router's native vlan is 20 . and switch native vlan is 30. so when router send packets to an ip in valn 20 . it sends them untagged , and i repeat it with diff words " in its native " form like the one received from PC . * ** *Swithch when it receives the packet believes it belongs to Vlan 30 , because here in switch* vlan 30 is Native . *what made switch believe it belongs to vlan 30 ?* *because it is assumed that when ever i received a frame with out any vlan tag it belongs to native vlan * *so it searches vlan 30 . This was a first packet . * ** *to build a packet router should know the mac address . so this paket is ARP packet . * ** *how can you say that ?* ** *arp cache was empty as this is first time they are talking * *ok i agree it was arp packet sourced from router to switch , but what happened to it ?* *for the switch its just a frame . and it made an assumption that it blongs to ITS NATIVE vlan that is vlan 30 .* *ok what happened next . ?* *arp is broadcast at layer 2 and unicast at layer 3 . so swithch now prepares for broadcasting the frame IN VLAN 30.* *that's fine but why it dint answered ?* *kid i leave this question to be ansered by you . if you have CCNA concepts fresh in your mind , you will understand above explantion and also be able to answer the question* . *OH that's why rechability is broken between the ip that belong to same vlan due to mismatch in Natve vlan ?* *absolutely !* *so NATIVE VLAN MISMATCH is bad ?* *exactly * On Sat, Dec 10, 2011 at 7:03 PM, CCIE KID <[email protected]> wrote: > Hi, > > Still my issue is not been resolved. > So what can be the conclusion man > > Can any expert can pitch in an answer for that > > > On Sat, Dec 10, 2011 at 8:28 PM, me you <[email protected]> wrote: > > > *CONCLUSION: We do NOT have full reachability despite the vlan > mismatch.* > > > > I would agree with you that your set up work, but I disagree with a > > general statement that Native Vlan mismatch does not matter between a > > router and switch. 1 2811, 3 subinterfaces and 1 3750 trunkport with 3 > > vlans. Neither of the native vlans have reachability. > > > > > > interface FastEthernet0/0 > > > > no ip address > > > > duplex auto > > > > speed auto > > > > ! > > > > interface FastEthernet0/0.10 > > > > encapsulation dot1Q 10 > > > > ip address 10.1.1.1 255.255.255.0 > > > > ! > > > > interface FastEthernet0/0.20 > > > > encapsulation dot1Q 20 native > > > > ip address 20.1.1.1 255.255.255.0 > > > > ! > > > > interface FastEthernet0/0.30 > > > > encapsulation dot1Q 30 > > > > ip address 30.1.1.1 255.255.255.0 > > > > > > > > 3750 > > > > interface GigabitEthernet1/0/1 > > > > switchport trunk encapsulation dot1q > > > > switchport trunk native vlan 30 > > > > switchport mode trunk > > > > end > > > > > > interface Vlan1 > > > > no ip address > > > > ! > > > > interface Vlan10 > > > > ip address 10.1.1.2 255.255.255.0 > > > > ! > > > > interface Vlan20 > > > > ip address 20.1.1.2 255.255.255.0 > > > > ! > > > > interface Vlan30 > > > > ip address 30.1.1.2 255.255.255.0 > > > > > > > > 3750(config)#do ping 10.1.1.1 > > > > > > Type escape sequence to abort. > > > > Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: > > > > !!!!! > > > > Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms > > > > 3750(config)#do ping 20.1.1.1 > > > > > > Type escape sequence to abort. > > > > Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds: > > > > ..... > > > > Success rate is 0 percent (0/5) > > > > 3750(config)#do ping 30.1.1.1 > > > > > > Type escape sequence to abort. > > > > Sending 5, 100-byte ICMP Echos to 30.1.1.1, timeout is 2 seconds: > > > > ..... > > > > Success rate is 0 percent (0/5) > > > > > > Deb ip icmp on *Dec 10 14:36:59.527: ICMP: echo reply sent, src 10.1.1.1, > > dst 10.1.1.2 > > > > *Dec 10 14:36:59.527: ICMP: echo reply sent, src 10.1.1.1, dst 10.1.1.2 > > > > *Dec 10 14:36:59.531: ICMP: echo reply sent, src 10.1.1.1, dst 10.1.1.2 > > > > *Dec 10 14:36:59.531: ICMP: echo reply sent, src 10.1.1.1, dst 10.1.1.2 > > > > *Dec 10 14:36:59.535: ICMP: echo reply sent, src 10.1.1.1, dst 10.1.1.2 > > > > --More-- > > > > *Dec 10 14:37:04.179: ICMP: echo reply sent, src 20.1.1.1, dst 30.1.1.2 > > > > --More-- > > > > *Dec 10 14:37:06.183: ICMP: echo reply sent, src 20.1.1.1, dst 30.1.1.2 > > > > --More-- > > > > *Dec 10 14:37:08.187: ICMP: echo reply sent, src 20.1.1.1, dst 30.1.1.2 > > > > --More-- > > > > *Dec 10 14:37:10.195: ICMP: echo reply sent, src 20.1.1.1, dst 30.1.1.2 > > > > --More-- > > > > *Dec 10 14:37:12.199: ICMP: echo reply sent, src 20.1.1.1, dst 30.1.1.2 > > > > > > To say vlan mismatch between a router and a switch does not matter is > > misleading or wrong. We could say if "this is that way" then "that is > this > > way" "that and this will work":) > > > > > > Rob > > > > > > > > On Sat, Dec 10, 2011 at 5:39 PM, CCIE KID <[email protected]> wrote: > > > >> Hi Oyebande, > >> > >> Thank u mate. U confirmed my understanding. So from router to switch it > >> doesnt matter to match the native vlan on both sides. > >> Unlike Switch to Switch to form trunk port ,native vlans should match to > >> form trunk link > >> to pass data traffic on that link. > >> > >> Thanks all for their confirmation > >> > >> > >> > >> On Sat, Dec 10, 2011 at 5:19 PM, Oluwagbenga Oyebande < > >> [email protected]> wrote: > >> > >>> > >>> *CONCLUSION: We have full reachability despite the vlan mismatch.* > >>> * > >>> * > >>> * > >>> Three routers and one switch. > >>> > >>> > >>> * > >>> * > >>> R2811(Fa0/0.1)-------------TRUNK-LINK-----------------------Cat3550 > >>> (Fa0/1) > >>> * > >>> * > >>> native vlan 20 > >>> native vlan 10 > >>> > >>> > >>> R3825 > >>> (Gi0/0.1) > >>> ------------- > >>> TRUNK-LINK > >>> ----------------------- > >>> Cat3550 (Gi0/2) > >>> native vlan 30 > >>> > >>> native vlan 10 > >>> > >>> *R2811-forvlan10(Fa0/0)--* > >>> ACCESS-LINK > >>> *-----* > >>> Cat3550 (Fa0/4) > >>> * > >>> * > >>> > >>> explicitly configured in vlan 10 as access port > >>> > >>> I included the third link to clear all doubts about expected behaviour > >>> of vlan 10 connected devices. > >>> > >>> > >>> * > >>> *Catalyst 3550 Swicth Spec* > >>> > >>> Cat3550(config)#do sh vers | i Model num|RELEA > >>> Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version > >>> 12.2(44)SE3, RELEASE SOFTWARE (fc2) > >>> Model number: WS-C3550-24-SMI > >>> * > >>> * > >>> *2811 Router Spec* > >>> > >>> Router(config)#do sh ver | i image > >>> System image file is "flash:c2800nm-adventerprisek9-mz.124-24.T2.bin" > >>> * > >>> * > >>> *3825 Router Spec* > >>> * > >>> * > >>> R3825(config-subif)#do sh ver | i Software > >>> Cisco IOS Software, 3800 Software (C3825-ADVENTERPRISEK9-M), Version > >>> 12.4(24)T2, RELEASE SOFTWARE (fc2) > >>> > >>> *2811 (for vlan 10 ) Router Spec * > >>> * > >>> * > >>> R2811-forvlan10(config)#do sh ver | i Software > >>> Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version > >>> 12.4(24)T2, RELEASE SOFTWARE (fc2) > >>> > >>> > >>> *CDP *(so we have Fas 0/1 connected to 2811and we have Gig 0/2 > >>> connected to 3825 and Fa0/4 Connected to R2811-forvlan10) > >>> > >>> Cat3550(config-if)#do sh cdp nei | i R2811|R3825|ID > >>> Device ID Local Intrfce Holdtme Capability Platform > Port > >>> ID > >>> R2811-forvlan10 Fas 0/4 123 R S I 2811 Fas > >>> 0/0 > >>> R2811 Fas 0/1 139 R S I 2811 Fas > >>> 0/0 > >>> R3825 Gig 0/2 129 R S I 3825 Gig > >>> 0/0 > >>> > >>> > >>> *INTERFACE CONFIG* > >>> * > >>> * > >>> Cat3550(config-if)#do sh run int *fa0/1* > >>> interface FastEthernet0/1 > >>> description *TRUNK to R2811* > >>> switchport trunk encapsulation dot1q > >>> switchport trunk native vlan 10 > >>> switchport mode trunk > >>> end > >>> > >>> Cat3550(config-if)#do sh run int fa0/4 > >>> interface FastEthernet0/4 > >>> description *ACCESS LINK TO R2811-forvlan10* > >>> switchport access vlan 10 > >>> switchport mode access > >>> end > >>> > >>> Cat3550(config-if)#do sh run int gi0/2 > >>> interface GigabitEthernet0/2 > >>> description *TRUNK to R3825* > >>> switchport trunk encapsulation dot1q > >>> switchport trunk native vlan 10 > >>> switchport mode trunk > >>> end > >>> > >>> Cat3550(config-if)#do sh run int vlan 10 > >>> interface Vlan10 > >>> ip address 10.1.1.2 255.255.255.0 > >>> end > >>> > >>> Cat3550(config-if)#do sh int status > >>> Port Name Status Vlan Duplex Speed Type > >>> Fa0/1 TRUNK to R2811 connected trunk a-full a-100 > >>> 10/100BaseTX > >>> Fa0/4 ACCESS LINK TO R28 connected 10 a-full a-100 > >>> 10/100Base > >>> Gi0/2 TRUNK to R3825 connected trunk a-full a-1000 > >>> 1000BaseSX > >>> > >>> *VLANS* > >>> * > >>> * > >>> VLAN Name Status Ports > >>> ---- -------------------------------- --------- > >>> ------------------------------- > >>> 1 default active Fa0/2, Fa0/3, Fa0/5, > >>> Fa0/6 > >>> Fa0/7, Fa0/8, Fa0/9, > >>> Fa0/10 > >>> Fa0/11, Fa0/12, Fa0/13, > >>> Fa0/14 > >>> Fa0/15, Fa0/16, Fa0/17, > >>> Fa0/18 > >>> Gi0/1 > >>> 10 VLAN0010 active Fa0/4 > >>> 20 VLAN0020 active > >>> 30 VLAN0030 active > >>> > >>> > >>> R2811(config-subif)#do sh run int fa0/0.1 > >>> interface FastEthernet0/0.1 > >>> description "MISMATCHED NATIVE VLAN 20/10" > >>> encapsulation dot1Q 20 native > >>> ip address 10.1.1.1 255.255.255.0 > >>> end > >>> > >>> R3825(config-subif)#do sh run int gi0/0.1 > >>> interface GigabitEthernet0/0.1 > >>> description "MISMATCHED NATIVE VLAN 30/10" > >>> encapsulation dot1Q 30 native > >>> ip address 10.1.1.3 255.255.255.0 > >>> end > >>> > >>> R2811-forvlan10(config-if)#do sh run int fa0/0 > >>> interface FastEthernet0/0 > >>> description "THIS ONE IS AN ACCESS LINK WHICH WE WILL PUT IN VLAN 10 > ON > >>> THE SWITCH" > >>> ip address 10.1.1.4 255.255.255.0 > >>> duplex auto > >>> speed auto > >>> end > >>> > >>> > >>> > >>> Cat3550(config-if)#do ping 10.1.1.255 > >>> Type escape sequence to abort. > >>> Sending 5, 100-byte ICMP Echos to 10.1.1.255, timeout is 2 seconds: > >>> Reply to request 0 from 10.1.1.3, 1 ms > >>> Reply to request 0 from 10.1.1.1, 1 ms > >>> Reply to request 0 from 10.1.1.4, 1 ms > >>> > >>> R2811(config-subif)#do ping 10.1.1.255 > >>> Type escape sequence to abort. > >>> Sending 5, 100-byte ICMP Echos to 10.1.1.255, timeout is 2 seconds: > >>> Reply to request 0 from 10.1.1.3, 1 ms > >>> Reply to request 0 from 10.1.1.2, 1 ms > >>> Reply to request 0 from 10.1.1.4, 1 ms > >>> > >>> > >>> R3825(config-subif)#do ping 10.1.1.255 > >>> Type escape sequence to abort. > >>> Sending 5, 100-byte ICMP Echos to 10.1.1.255, timeout is 2 seconds: > >>> Reply to request 0 from 10.1.1.2, 4 ms > >>> Reply to request 0 from 10.1.1.1, 4 ms > >>> Reply to request 1 from 10.1.1.2, 1 ms > >>> Reply to request 1 from 10.1.1.1, 1 ms > >>> Reply to request 1 from 10.1.1.4, 1 ms > >>> > >>> R2811-forvlan10(config-if)#do ping 10.1.1.255 > >>> > >>> Type escape sequence to abort. > >>> Sending 5, 100-byte ICMP Echos to 10.1.1.255, timeout is 2 seconds: > >>> > >>> Reply to request 0 from 10.1.1.3, 4 ms > >>> Reply to request 0 from 10.1.1.1, 4 ms > >>> Reply to request 0 from 10.1.1.2, 4 ms > >>> > >>> > >>> *CONCLUSION: So we have full reachability despite the vlan mismatch.* > >>> > >>> > >>> Olugbenga Oyebande > >>> > >>> > >>> > >>> > >>>> On Fri, Dec 9, 2011 at 7:38 PM, Oluwagbenga Oyebande < > >>>> [email protected]> wrote: > >>>> > >>>>> Hi CCIE Kid > >>>>> > >>>>> I agree with Narottam. I would like to add something to Q2 > >>>>> > >>>>> > >>>>> Answ to Q1. The trunk will form as you have already seen. > >>>>> > >>>>> Answ to Q2. If by user traffic you mean IP traffic, then the answer > >>>>> depends on the IP configuration of your switch's *VLAN 10 SVI. *If > >>>>> you have 10.1.1.0/24 subnet configured on the switch's SVI then IP > >>>>> traffic should pass in spite of native vlan mismatch. If you have > another > >>>>> subnet (or no ip address) configured on it then IP traffic will not > pass. > >>>>> * > >>>>> * > >>>>> > >>>>> > >>>>> On Fri, Dec 9, 2011 at 7:45 AM, Narottam Prajapati < > >>>>> [email protected]> wrote: > >>>>> > >>>>>> HI > >>>>>> > >>>>>> Native VLAN numbering mismatch will not affect to trunk forming > >>>>>> process. Trunk will form between both devics. > >>>>>> > >>>>>> Regarding Traffic forwarding traffic will forward without any > tagigng > >>>>>> due > >>>>>> to default behaviour of dot1q encapsulation. > >>>>>> > >>>>>> When router try to forward traffic to switch frames forwards up to > >>>>>> switch > >>>>>> and switch 2 assume that this traffic is for native VLAN traffic > >>>>>> because > >>>>>> frames are untaged. > >>>>>> > >>>>>> Hi Group > >>>>>> > >>>>>> make me correct if any thing is wrong. > >>>>>> > >>>>>> Regards, > >>>>>> Narottam Prajapati > >>>>>> > >>>>>> On Fri, Dec 9, 2011 at 11:25 AM, Shaughn Smith < > [email protected]> > >>>>>> wrote: > >>>>>> > >>>>>> > Your question was answered. A few times. > >>>>>> > > >>>>>> > CCIE # 23962 (SP) > >>>>>> > > >>>>>> > Sent from my iPhone 4 > >>>>>> > > >>>>>> > On 09 Dec 2011, at 7:40 AM, CCIE KID <[email protected]> wrote: > >>>>>> > > >>>>>> > > Hi all, > >>>>>> > > > >>>>>> > > Still my question has not been answered. What will happen if a > >>>>>> router > >>>>>> > > connected to a switch is placed in two different native Vlans. U > >>>>>> guys are > >>>>>> > > all talking about connecting two switches and incorporating two > >>>>>> different > >>>>>> > > native vlans. > >>>>>> > > > >>>>>> > > My scenario is simple. R1-----------------------Sw1 > >>>>>> > > > >>>>>> > > I m using two different native vlans from R1 to Sw1 . Whether > >>>>>> trunk will > >>>>>> > > form.? Or if the trunk forms, whether user traffic will be able > >>>>>> to pass > >>>>>> > > through or not. > >>>>>> > > > >>>>>> > > Please reply to my questions > >>>>>> > > > >>>>>> > > Thank You > >>>>>> > > > >>>>>> > > On Fri, Dec 9, 2011 at 4:23 AM, George J. Sanchez < > >>>>>> [email protected] > >>>>>> > >wrote: > >>>>>> > > > >>>>>> > >> I've seen plenty of customers networks with native vlan > >>>>>> mismatches, > >>>>>> > >> traffic will pass. With that being said, newer code may fix > >>>>>> different > >>>>>> > >> "features" that previous codes had issues with. > >>>>>> > >> > >>>>>> > >> Regards, > >>>>>> > >> Joe Sanchez > >>>>>> > >> > >>>>>> > >> On Dec 8, 2011, at 1:28 PM, Narbik Kocharians < > [email protected] > >>>>>> > > >>>>>> > wrote: > >>>>>> > >> > >>>>>> > >>> This is what i was referring to: > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> R1 s F0/0 is connected to SW1 s port F0/1 > >>>>>> > >>> > >>>>>> > >>> R2 s F0/1 is connected to SW2 s port F0/2 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> SW1 s F0/19 is connected to SW2 s F0/19 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> *SW1#sh run int f0/19 | B inter* > >>>>>> > >>> > >>>>>> > >>> interface FastEthernet0/19 > >>>>>> > >>> > >>>>>> > >>> switchport trunk encapsulation dot1q > >>>>>> > >>> > >>>>>> > >>> switchport trunk native vlan 10 > >>>>>> > >>> > >>>>>> > >>> switchport mode trunk > >>>>>> > >>> > >>>>>> > >>> end > >>>>>> > >>> > >>>>>> > >>> * > >>>>>> > >>> * > >>>>>> > >>> > >>>>>> > >>> *SW2#sh run int f0/19 | B inter* > >>>>>> > >>> > >>>>>> > >>> interface FastEthernet0/19 > >>>>>> > >>> > >>>>>> > >>> switchport trunk encapsulation dot1q > >>>>>> > >>> > >>>>>> > >>> switchport mode trunk > >>>>>> > >>> > >>>>>> > >>> end > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> *NOTE: The trunk is UP* > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> *SW1#Show int trunk* > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Port Mode Encapsulation Status Native > >>>>>> vlan > >>>>>> > >>> > >>>>>> > >>> Fa0/19 on 802.1q trunking 10 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Port Vlans allowed on trunk > >>>>>> > >>> > >>>>>> > >>> Fa0/19 1-4094 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Port Vlans allowed and active in management domain > >>>>>> > >>> > >>>>>> > >>> Fa0/19 1,10,80 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Port Vlans in spanning tree forwarding state and not > >>>>>> pruned > >>>>>> > >>> > >>>>>> > >>> Fa0/19 1,10,80 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> *SW2#sh spanning-tree blockedports * > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Name Blocked Interfaces List > >>>>>> > >>> > >>>>>> > >>> -------------------- ------------------------------------ > >>>>>> > >>> > >>>>>> > >>> VLAN0001 Fa0/19 > >>>>>> > >>> > >>>>>> > >>> VLAN0010 Fa0/19 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Number of blocked ports (segments) in the system : 2 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> *All Traffic is blocked for the two Vlans.* > >>>>>> > >>> > >>>>>> > >>> *And sure you can get around it, and one way to do this is to > >>>>>> filter > >>>>>> > >> BPDUs > >>>>>> > >>> that carry the VLANs as you mentioned:* > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> SW1(config)#int f0/19 > >>>>>> > >>> > >>>>>> > >>> SW1(config-if)#spanning-tree bpdufilter en > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> *SW1#sh spannin blockedports * > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Name Blocked Interfaces List > >>>>>> > >>> > >>>>>> > >>> -------------------- ------------------------------------ > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Number of blocked ports (segments) in the system : 0 > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> *And I am sure there are other ways. But remember this is the > >>>>>> default > >>>>>> > >>> behavior BUT not on all IOSes, on some IOSes, it will complain > >>>>>> that > >>>>>> > there > >>>>>> > >>> is a Native VLAN mismatch, but it will NOT block the VLANs > >>>>>> configured > >>>>>> > as > >>>>>> > >>> Native* > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> On Thu, Dec 8, 2011 at 10:35 AM, Narbik Kocharians < > >>>>>> [email protected] > >>>>>> > >>> wrote: > >>>>>> > >>> > >>>>>> > >>>> Yes, you are correct, you can get around it, i was referring > >>>>>> to the > >>>>>> > >>>> default behavior. > >>>>>> > >>>> > >>>>>> > >>>> > >>>>>> > >>>> On Thu, Dec 8, 2011 at 9:23 AM, Paul Cocker < > >>>>>> [email protected]> > >>>>>> > >> wrote: > >>>>>> > >>>> > >>>>>> > >>>>> Spanning-tree... > >>>>>> > >>>>> > >>>>>> > >>>>> I'm guessing the vlan is in the bpdu. > >>>>>> > >>>>> > >>>>>> > >>>>> with this config... > >>>>>> > >>>>> > >>>>>> > >>>>> SW1 > >>>>>> > >>>>> interface FastEthernet0/13 > >>>>>> > >>>>> switchport trunk encapsulation dot1q > >>>>>> > >>>>> switchport trunk native vlan 10 > >>>>>> > >>>>> switchport mode trunk > >>>>>> > >>>>> switchport nonegotiate > >>>>>> > >>>>> > >>>>>> > >>>>> SW2 > >>>>>> > >>>>> interface FastEthernet0/13 > >>>>>> > >>>>> switchport access vlan 20 > >>>>>> > >>>>> switchport trunk encapsulation dot1q > >>>>>> > >>>>> switchport trunk native vlan 20 > >>>>>> > >>>>> switchport mode trunk > >>>>>> > >>>>> switchport nonegotiate > >>>>>> > >>>>> no cdp enable > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> you get this... > >>>>>> > >>>>> > >>>>>> > >>>>> *Mar 1 00:18:26.994: %SPANTREE-2-RECV_PVID_ERR: Received > >>>>>> BPDU with > >>>>>> > >>>>> inconsistent peer vlan id 10 on FastEthernet0/13 VLAN20. > >>>>>> > >>>>> *Mar 1 00:18:26.994: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking > >>>>>> > >>>>> FastEthernet0/13 on VLAN0020. Inconsistent local vlan. > >>>>>> > >>>>> > >>>>>> > >>>>> You can disable spanning tree, or use bpdufilter to get > >>>>>> around it. > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> On 08/12/2011 16:58, Carlos G Mendioroz wrote: > >>>>>> > >>>>> > >>>>>> > >>>>>> What mechanism is responsible for such blocking ? > >>>>>> > >>>>>> > >>>>>> > >>>>>> -Carlos > >>>>>> > >>>>>> > >>>>>> > >>>>>> Narbik Kocharians @ 08/12/2011 13:34 -0300 dixit: > >>>>>> > >>>>>> > >>>>>> > >>>>>>> Between any two switch if the Native VLAN is mismatched > the > >>>>>> trunk > >>>>>> > >> will > >>>>>> > >>>>>>> come up but you won't be able to pass any traffic through > >>>>>> it, and > >>>>>> > you > >>>>>> > >>> can > >>>>>> > >>>>>>> see that with a "Show spanning block". > >>>>>> > >>>>>>> On Thu, Dec 8, 2011 at 4:31 AM, David Bass > >>>>>> > >>> <[email protected]<mailto: > >>>>>> > >>>>>>> [email protected]**>> wrote: > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> We are talking about CCIE lab, so best practice and > >>>>>> "working" > >>>>>> > >> status > >>>>>> > >>>>>>> all go out the window :). In his scenario he's talking > >>>>>> about > >>>>>> > >> router > >>>>>> > >>>>>>> to switch trunk, so no VTP or STP (if you do this switch > >>>>>> to switch > >>>>>> > >>>>>>> you'll definitely have issues though, so very good to > >>>>>> know)...CDP > >>>>>> > >>>>>>> will definitely bark non-stop though which is very > >>>>>> irritating. > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> On Dec 8, 2011, at 6:08 AM, Carlos G Mendioroz wrote: > >>>>>> > >>>>>>> > >>>>>> > >>>>>>>> May be depending on the equipment, the trunk will "form" > >>>>>> just > >>>>>> > fine, > >>>>>> > >>>>>>>> if VLAN hopping is not considered to be a problem :) > >>>>>> > >>>>>>>> CDP may barf. If VLAN 1 is involved, other griefs will > pop. > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> Different problems: > >>>>>> > >>>>>>>> -framing: no problem, but "native VLAN" frames do not > >>>>>> signal > >>>>>> > >>>>>>> which VLAN > >>>>>> > >>>>>>>> they belong to, so if they do not match, frames will hop > >>>>>> from one > >>>>>> > >>>>>>> VLAN > >>>>>> > >>>>>>>> to the other. > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> -signalling (DTP): AFAIK, VLANs are not part of the info > >>>>>> > >>>>>>> interchanged, so the trunk will form even if native is > not > >>>>>> the > >>>>>> > >> same. > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> -control: (CDP/VTP/STP/...): well, you may have a problem > >>>>>> here. > >>>>>> > >>>>>>>> In particular, CDP/VTP go on VLAN 1, so if this is one of > >>>>>> the > >>>>>> > VLANs > >>>>>> > >>>>>>>> involved in the crossing, it won't work. > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> -Others ? > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> -Carlos > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> David Bass @ 08/12/2011 08:25 -0300 dixit: > >>>>>> > >>>>>>>>> The trunk will come up fine, but you won't have IP > >>>>>> connectivity > >>>>>> > >>>>>>> between the 2 devices on the VLANs/subnets you are > >>>>>> expecting > >>>>>> > >> because > >>>>>> > >>>>>>> the 2 native VLANs are being bridged. Do some research > on > >>>>>> how > >>>>>> > >> dot1q > >>>>>> > >>>>>>> trunks work and you should be able to figure it out. On > >>>>>> Dec 7, > >>>>>> > >> 2011, > >>>>>> > >>>>>>> at 11:40 PM, CCIE KID <[email protected] > >>>>>> > >>>>>>> <mailto:[email protected]>> wrote: > >>>>>> > >>>>>>>>>> Hi fellas, > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> I tested a scenario where the Native vlan differs from > >>>>>> the > >>>>>> > >>>>>>> router port to > >>>>>> > >>>>>>>>>> the switch port. I understood that if the NAtive vlan > >>>>>> > >>>>>>> mismatches on a trunk > >>>>>> > >>>>>>>>>> port , then appropriate trunking wont be formed. > >>>>>> > >>>>>>>>>> But when i connect my router to a switch and in the > >>>>>> router > >>>>>> > >>>>>>> subinterface . I > >>>>>> > >>>>>>>>>> am having a native vlan of 20 and in the switch port it > >>>>>> is > >>>>>> > >>>>>>> having a native > >>>>>> > >>>>>>>>>> vlan of 10 , but still the trunk is forming perfectly > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> Can someone correct me > >>>>>> > >>>>>>>>>> fa0/1.1 fa0/1 > >>>>>> > >>>>>>>>>> > >>>>>> Router1-----------------------**------------------------Switch 1 > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> Router 1 > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> inter fa 0/1.1 > >>>>>> > >>>>>>>>>> encap dot1q 20 native > >>>>>> > >>>>>>>>>> ip add 10.1.1.1 255.255.255.0 > >>>>>> > >>>>>>>>>> no sh > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> Switch 1 > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> int fa 0/1 > >>>>>> > >>>>>>>>>> enc dot1q 10 native > >>>>>> > >>>>>>>>>> swi trunk enc dot > >>>>>> > >>>>>>>>>> swi mo trunk > >>>>>> > >>>>>>>>>> no sh > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> But s > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> -- > >>>>>> > >>>>>>>>>> With Warmest Regards, > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> CCIE KID > >>>>>> > >>>>>>>>>> CCIE#29992 (Security) > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> Blogs and organic groups at http://www.ccie.net > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>>>>> > >>>>>> > >>>>>>> > >>>>>> ______________________________**______________________________** > >>>>>> > >>>>>>> ___________ > >>>>>> > >>>>>>>>>> Subscription information may be found at: > >>>>>> > >>>>>>> > >>>>>> > >>> http://www.groupstudy.com/**list/CCIELab.html< > >>>>>> > >> http://www.groupstudy.com/list/ > >>>>>> > >>> CCIELab.html> > >>>>>> > >>>>>>>>> Blogs and organic groups at http://www.ccie.net > >>>>>> > >>>>>>>>> > >>>>>> > >>>>>>> > >>>>>> ______________________________**______________________________** > >>>>>> > >>>>>>> ___________ > >>>>>> > >>>>>>>>> Subscription information may be found at: > >>>>>> > >>>>>>> > >>>>>> > >>> http://www.groupstudy.com/**list/CCIELab.html< > >>>>>> > >> http://www.groupstudy.com/list/ > >>>>>> > >>> CCIELab.html> > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>>> -- > >>>>>> > >>>>>>>> Carlos G Mendioroz <[email protected] <mailto: > >>>>>> [email protected]>> > >>>>>> > >>>>>>> LW7 EQI Argentina > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> Blogs and organic groups at http://www.ccie.net > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> ______________________________**______________________________** > >>>>>> > >>>>>>> ___________ > >>>>>> > >>>>>>> Subscription information may be found at: > >>>>>> > >>>>>>> > >>>>>> > >>> http://www.groupstudy.com/**list/CCIELab.html< > >>>>>> > >> http://www.groupstudy.com/list/ > >>>>>> > >>> CCIELab.html> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> > >>>>>> > >>>>>>> -- > >>>>>> > >>>>>>> *Narbik Kocharians > >>>>>> > >>>>>>> *CCSI#30832, CCIE# 12410 (R&S, SP, Security) > >>>>>> > >>>>>>> *www.MicronicsTraining.com* > >>>>>> > >>> <http://www.micronicstraining.**com/< > >>>>>> http://www.micronicstraining.com/ > >>>>>> > > > >>>>>> > >>>>>>>> > >>>>>> > >>>>>>> Sr. Technical Instructor > >>>>>> > >>>>>>> YES! We take Cisco Learning Credits! > >>>>>> > >>>>>>> Training & Remote Racks available > >>>>>> > >>>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> Blogs and organic groups at http://www.ccie.net > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> ______________________________**______________________________** > >>>>>> > >>>>> ___________ > >>>>>> > >>>>> Subscription information may be found at: > >>>>>> > http://www.groupstudy.com/** > >>>>>> > >>>>> list/CCIELab.html < > >>>>>> http://www.groupstudy.com/list/CCIELab.html> > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>>> > >>>>>> > >>>> > >>>>>> > >>>> > >>>>>> > >>>> -- > >>>>>> > >>>> *Narbik Kocharians > >>>>>> > >>>> * > >>>>>> > >>>> CCSI#30832, CCIE# 12410 (R&S, SP, Security) > >>>>>> > >>>> *www.MicronicsTraining.com* < > http://www.micronicstraining.com/ > >>>>>> > > >>>>>> > >>>> Sr. Technical Instructor > >>>>>> > >>>> YES! We take Cisco Learning Credits! > >>>>>> > >>>> Training & Remote Racks available > >>>>>> > >>>> > >>>>>> > >>>> > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> -- > >>>>>> > >>> *Narbik Kocharians > >>>>>> > >>> *CCSI#30832, CCIE# 12410 (R&S, SP, Security) > >>>>>> > >>> *www.MicronicsTraining.com* < > http://www.micronicstraining.com/> > >>>>>> > >>> Sr. Technical Instructor > >>>>>> > >>> YES! We take Cisco Learning Credits! > >>>>>> > >>> Training & Remote Racks available > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > >>> Blogs and organic groups at http://www.ccie.net > >>>>>> > >>> > >>>>>> > >>> > >>>>>> > _______________________________________________________________________ > >>>>>> > >>> Subscription information may be found at: > >>>>>> > >>> http://www.groupstudy.com/list/CCIELab.html > >>>>>> > >> > >>>>>> > >> > >>>>>> > >> Blogs and organic groups at http://www.ccie.net > >>>>>> > >> > >>>>>> > >> > >>>>>> > _______________________________________________________________________ > >>>>>> > >> Subscription information may be found at: > >>>>>> > >> http://www.groupstudy.com/list/CCIELab.html > >>>>>> > >> > >>>>>> > >> > >>>>>> > >> > >>>>>> > >> > >>>>>> > >> > >>>>>> > >> > >>>>>> > >> > >>>>>> > >> > >>>>>> > > > >>>>>> > > > >>>>>> > > -- > >>>>>> > > With Warmest Regards, > >>>>>> > > > >>>>>> > > CCIE KID > >>>>>> > > CCIE#29992 (Security) > >>>>>> > > > >>>>>> > > > >>>>>> > > Blogs and organic groups at http://www.ccie.net > >>>>>> > > > >>>>>> > > > >>>>>> > _______________________________________________________________________ > >>>>>> > > Subscription information may be found at: > >>>>>> > > http://www.groupstudy.com/list/CCIELab.html > >>>>>> > > >>>>>> > > >>>>>> > Blogs and organic groups at http://www.ccie.net > >>>>>> > > >>>>>> > > >>>>>> > _______________________________________________________________________ > >>>>>> > Subscription information may be found at: > >>>>>> > http://www.groupstudy.com/list/CCIELab.html > >>>>>> > >>>>>> > >>>>>> Blogs and organic groups at http://www.ccie.net > >>>>>> > >>>>>> > >>>>>> > _______________________________________________________________________ > >>>>>> Subscription information may be found at: > >>>>>> http://www.groupstudy.com/list/CCIELab.html > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> -- > >>>>> Olugbenga Oyebande > >>>>> MD, DAIT > >>>>> 234-803-302-5287 > >>>>> http://www.dait-ng.com > >>>>> Cisco Unified Network, VPN > >>>>> DAIT Enterprise Network Servers > >>>>> Broadband Internet Deployment & ISP Consultancy > >>>>> > >>>>> > >>>> > >>> > >>> > >>> -- > >>> -- > >>> Olugbenga Oyebande > >>> MD, DAIT > >>> 234-803-302-5287 > >>> http://www.dait-ng.com > >>> Cisco Unified Network, VPN > >>> DAIT Enterprise Network Servers > >>> Broadband Internet Deployment & ISP Consultancy > >>> > >>> > >> > >> > >> -- > >> With Warmest Regards, > >> > >> CCIE KID > >> CCIE#29992 (Security) > >> > >> > >> > > > > > -- > With Warmest Regards, > > CCIE KID > CCIE#29992 (Security) > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
