Guest

Virtual LANs/VLAN Trunking Protocol (VLANs/VTP)

802.1Q Trunking Between Catalyst Switches Running CatOS

Document ID: 8757

Updated: Nov 17, 2007

   Print

Introduction

This document provides sample configurations on 802.1Q (dot1q) trunking between a Catalyst 5500 and 5000 switch, both running Catalyst OS (CatOS). Any Catalyst 4000, 5000, or 6000 family member running CatOS can be used in this scenario to obtain the same results.

Trunks carry the traffic of multiple VLANs over a single link, and allow you to extend VLANs across an entire network. Two ways in which Ethernet trunking can be implemented are:

Before You Begin

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Prerequisites

This document shows the configuration files from the CatOS switches, and the output from the related sample show commands. For details on how to configure a 802.1Q trunk between the Catalyst switches, refer to the following document:

Components Used

To create the examples in this document, the following switches were used in a lab environment with cleared configurations:

  • Catalyst 5500 switch running Catalyst OS 6.4(2) software

  • Catalyst 6500 switch running Catalyst OS 6.4(2) software

The configurations on all devices were cleared with the clear config all command to ensure they had a default configuration.

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Background Theory

Note the following:

  • The Catalyst 4000 family switches (including Catalyst 2948G and Catalyst 2980G) only supports 802.1Q trunking, not ISL trunking. For more information, refer to System Requirements to Implement Trunking.

  • All Ethernet ports on the Catalyst 6000/6500 support 802.1Q and ISL encapsulation, with the exception of the 10-Gigabit Ethernet switching module, which does not support ISL.

  • Depending on the module, Catalyst 5000 trunk capable ports support only ISL encapsulation, or both ISL and 802.1Q. The best way to verify this is to issue the show port capabilities command. The trunking capacity is explicitly stated. For example:

cat5509> show port capabilities 2/1
Model                    WS-X5550
Port                     2/1
Type                     1000BaseSX
Speed                    1000
Duplex                   full
Trunk encap type         802.1Q,ISL

!-- This particular port supports both 802.1Q and ISL.

Trunk mode               on,off,desirable,auto,nonegotiate
Channel                  no
Broadcast suppression    percentage(0-100)
Flow control             receive-(off,on,desired),send-(off,on,desired)
Security                 no
Dot1x	                   yes
Membership               static
Fast start               yes
QOS scheduling           rx-(none),tx-(none)
CoS rewrite              no
ToS rewrite              no
Rewrite                  no
UDLD                     yes
AuxiliaryVlan            no
SPAN                     source,destination
cat5509> (enable)

For more information on system requirements for trunking, refer to System Requirements to Implement Trunking.

  • Make sure that the trunking modes match across the trunk link. If one side of the link is configured as an ISL trunk, the other side of the link should also be configured as ISL. Similarly, if one side of the link is configured as 802.1Q, the other side of the link should also be configured as 802.1Q.

  • In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN. The native VLAN packets are sent untagged on the trunk link. Therefore, the native VLAN should be same on both switches configured for trunking. This way, we can deduce to which VLAN a frame belongs when we receive a frame with no tag. By default, VLAN 1 is the native VLAN on all switches.

    • In CatOS, the native VLAN can be changed by issuing the set vlan vlan-id mod/port command, where mod/port is the trunk port.

For more information refer to Trunking Between Catalyst 4000, 5000, and 6000 Family Switches Using 802.1Q Encapsulation.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .

Network Diagram

This document uses the network setup shown in the diagram below.

70a.gif

Configurations

This document uses the configurations shown below.

Note: Comments between the outputs are added in blue italics.

Catalyst 5509
#version 6.4(2)
!
set option fddi-user-pri enabled
set password $2$q.J7$O5n.pwx7aEC6NHWJfXadx1
set enablepass $2$o.h/$bAxfjJ4XUA/RMUHqBr1YQ0
!
#errordetection
set errordetection portcounter enable
!
#system
set system name  cat5509
!
#frame distribution method
set port channel all distribution mac both
!
#vtp

!--- In this example, the VTP mode is set to be transparent.
!--- Depending on your network, set the VLAN Trunking Protocol (VTP) 
!--- mode accordingly.

set vtp mode transparent

!--- For details on VTP, refer to Configuring VTP on Catalyst Switches.

set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm
set vlan 2
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state acti
ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip

!--- IP address used for management.

set interface sc0 1 10.10.10.2/255.255.255.0 10.10.10.255
 
!
#set boot command
set boot config-register 0x2102
set boot system flash slot0:cat5000-supg.6-4-2.bin
!
# default port status is enable
!
!
#module 1 empty
!
#module 2 : 2-port 1000BaseX Supervisor IIIG

!--- The dot1q trunking mode is set to on. Depending on your network
!--- and requirements, set the trunking mode accordingly.

set trunk 2/1  on dot1q 1-1005

!--- For details on different trunking modes, refer to
!--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports.


!
#module 3 empty
!
#module 4 empty 

#module 5 : 24-port 10/100BaseTX Ethernet

!--- Ports 5/3-24 have been assigned to VLAN 2.

set vlan 2    5/3-24

!--- Portfast has been enabled on the ports connected to the workstations.

set spantree portfast 5/2-24 enable

!--- For details on why to enable portfast,refer to 
!--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays.

!
#module 6 empty
!

!--- Output suppressed.

end

Catalyst 6500
#Version 6.4(2)
!
set option fddi-user-pri enabled
set password $2$J75L$Ug4163kfeHTDcLJZ/L9es1
set enablepass $2$h/BN$i3S54iNvIXknFelh6gOve0
!
#errordetection
set errordetection portcounter enable
!
#system
set system name  cat6500
!
#frame distribution method
set port channel all distribution Mac both
!
#vtp

!--- In this example, the VTP mode is set to be transparent.
!--- Depending on your network, set the VTP mode accordingly.

set vtp mode transparent

!--- For details on VTP, refer to 
!--- Configuring VTP on Catalyst Switches.

set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active

!--- The lines below are wrapped around for display reasons.
 
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state   active stp IEEE
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state 
  active stp IBM
set vlan 2
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state 
  active mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip

!--- IP address used for management.

set interface sc0 1 10.10.10.3/255.255.255.0 10.10.10.255
 
!
#set boot command
set boot config-register 0x2102
set boot system flash slot0:cat6000-sup2.6-4-2.bin
!
# default port status is enable
!
!
#module 1 : 2-port 1000BaseX Supervisorset module name    1
!
#module 2 : 12-port 10/100BaseTX Ethernet
!
#module 3 : 8-port 1000BaseX Ethernet

set module name    3

!--- The dot1q trunking mode is set to on. Depending on your network 
!--- and requirements, set the trunking mode accordingly.

set trunk 3/1  on dot1q 1-1005,1025-4094

!--- For details on different trunking modes, refer to 
!--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports.

!
#module 4 : 48-port 10/100BaseTX Ethernet

!--- Ports 4/3-24 have been assigned to VLAN 2.

set vlan 2    4/3-48

!--- Portfast has been enabled on the ports connected to the workstations.

set spantree portfast 4/2-48 enable 

!--- For details on why to enable portfast, refer to 
!--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays.

!
#module 5 : 12-port 10BaseFL Ethernet
end

!--- Output suppressed.

Verify

This section provides information you can use to confirm your configuration is working properly.

Certain show commands are supported by the Output Interpreter tool (registered customers only) , which allows you to view an analysis of show command output.

  • show port capabilities module/port

  • show port module/port

  • show trunk

  • show vtp domain

Sample show Command Output

Catalyst 5509 Switch

The following are some of the commands used to verify the trunking configurations:

show port capabilities module/port - This command is used to verify if the port is capable of trunking.

cat5509> (enable)  show port capabilities 2/1
Model                    WS-X5550
Port                     2/1
Type                     1000BaseSX
Speed                    1000
Duplex                   full
Trunk encap type         802.1Q,ISL

!--- This particular port supports both 802.1Q and ISL

Trunk mode               on,off,desirable,auto,nonegotiate
Channel                  no
Broadcast suppression    percentage(0-100)
Flow control             receive-(off,on,desired),send-(off,on,desired)
Security                 no
Dot1x                    yes
Membership               static
Fast start               yes
QOS scheduling           rx-(none),TX(1q4t)
COs rewrite              no
ToS rewrite              no
Rewrite                  no
UDLD                     yes
AuxiliaryVlan            no
SPAN                     source,destination
cat5509> (enable)

show port module/port - This command tells the status of a particular port, and whether or not it is trunking.

cat5509> (enable) show port 2/1
Port  Name               Status     Vlan       Level  Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ------------
2/1                     connected  trunk      normal   full  1000 1000BaseSX

Port   Trap      IfIndex
-----  --------  -------
 2/1   disabled  47          


Port     Broadcast-Limit Broadcast-Drop
-------- --------------- --------------
 2/1                   -              0

Port  Send FlowControl  Receive FlowControl   RxPause    TxPause    Unsupported
      admin    oper     admin     oper                              opcodes
----- -------- -------- --------- ---------   ---------- ---------- -----------
 2/1  desired  off      off       off         0          0          0

Port  Align-Err  FCS-Err    Xmit-Err   Rcv-Err    UnderSize
----- ---------- ---------- ---------- ---------- ---------
 2/1           0          0          0          2         0

Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts     Giants
----- ---------- ---------- ---------- ---------- --------- --------- ---------
 2/1           0          0          0          0         0         0         -

!--- Output suppressed.

show trunk - This command is used to verify the trunking status and configuration.

cat5500> (enable) show trunk
* - indicates vtp domain mismatch
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 4/1      on           dot1q          trunking      1
 
Port      Vlans allowed on trunk
--------  ---------------------------------------------------------------------
 4/1      1-1005
 
Port      Vlans allowed and active in management domain
--------  ---------------------------------------------------------------------
 4/1      1-2
 
Port      Vlans in spanning tree forwarding state and not pruned
--------  ---------------------------------------------------------------------
 4/1      1-2

show vtp domain - This command is used to check the VTP information.

cat5500> (enable) show vtp domain
Domain Name                      Domain Index VTP Version Local Mode  Password
-------------------------------- ------------ ----------- ----------- ----------
                                 1            2           Transparent -

Vlan-count Max-vlan-storage Config Revision Notifications
---------- ---------------- --------------- -------------
6          1023             0               disabled

Last Updater    V2 Mode  Pruning  PruneEligible on Vlans
--------------- -------- -------- -------------------------
10.10.10.2      disabled disabled 2-1000

If you have the output of a show-tech support command from your Cisco device, you can use Output Interpreter (registered customers only) to display potential issues and fixes.

Catalyst 6500 Switch

Following are some of the commands used to verify the trunking configurations:

show port capabilities module/port - This command is used to verify if the port is capable of trunking.

cat6500> (enable) show port capabilities 3/1
Model                    WS-X6408A-GBIC
Port                     3/1
Type                     1000BaseSX
Speed                    1000
Duplex                   full
Trunk encap type         802.1Q,ISL
Trunk mode               on,off,desirable,auto,nonegotiate
Channel                  yes
Broadcast suppression    percentage(0-100)
Flow control             receive-(off,on),send-(off,on)
Security                 yes
Dot1x                    yes
Membership               static,dynamic
Fast start               yes
QOS scheduling           rx-(1p1q4t),tx-(1p2q2t)
CoS rewrite              yes
ToS rewrite              DSCP
UDLD                     yes
Inline power             no
AuxiliaryVlan            no
SPAN                     source,destination
COPS port group          3/1-4
Link debounce timer      yes

show port module/port - This command tells the status of a particular port, and whether or not it is trunking.

cat6500> (enable) show port 3/1
Port  Name                 Status     Vlan       Duplex Speed Type
----- -------------------- ---------- ---------- ------ ----- ------------
 3/1                       connected  trunk        full  1000 1000BaseSX

Port  Security Violation Shutdown-Time Age-Time Max-Addr  Trap    IfIndex
----- -------- --------- ------------- -------- -------- -------- -------
3/1   disabled shutdown     0             0       1      disabled   61
   

!--- Output suppressed.

show trunk - This command is used to verify the trunking status and configuration.

cat6500> (enable) show trunk
* - indicates vtp domain mismatch
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 3/1      on           dot1q          trunking      1

Port Vlans allowed on trunk
     -------- ---------------------------------------------------------------------
     3/1 1-1005,1025-4094

Port Vlans allowed and active in management domain
     -------- ---------------------------------------------------------------------
     3/1 1-2

Port Vlans in spanning tree forwarding state and not pruned
     -------- ---------------------------------------------------------------------
     3/1 1-2

show vtp domain - This command is used to check the VTP information.

cat5000> (enable) show vtp domain
Domain Name                      Domain Index VTP Version Local Mode  Password
-------------------------------- ------------ ----------- ----------- ----------
                                 1            2           Transparent -

Vlan-count Max-vlan-storage Config Revision Notifications
---------- ---------------- --------------- -------------
6          1023             0               disabled

Last Updater    V2 Mode  Pruning  PruneEligible on Vlans
--------------- -------- -------- -------------------------
10.10.10.3      disabled disabled 2-1000

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Nov 17, 2007
Document ID: 8757