Guest

Virtual LANs/VLAN Trunking Protocol (VLANs/VTP)

Configuring ISL Trunking Between Catalyst Switches Running CatOS and Cisco IOS System Software

Document ID: 8759

Updated: Apr 25, 2006

   Print

Introduction

This document provides sample configurations for Inter-Switch Link (ISL) trunking between a Cisco Catalyst 5000 switch that runs Catalyst OS (CatOS) and a Catalyst 6500 switch that runs Cisco IOS® system software. You can use any of these switches in this scenario in order to obtain the same results:

  • Any Catalyst 4500/4000, 5500/5000, or 6500/6000 series switch that runs CatOS

  • Any Catalyst 4500/4000 or Catalyst 6500/6000 series switch that runs Cisco IOS system software

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on these software and hardware versions:

  • Catalyst 5000 switch that runs CatOS 6.1(1) software

  • Catalyst 6509 switch that runs Cisco IOS Software Release 12.1(4)E1

The information in this document was created from the devices in a specific lab environment. For details about the lab environment, see the Network Diagram section of this document. Ensure that you understand the potential impact of any configuration or command on your network before you use it. The configurations on all devices were cleared with the clear config all and write erase commands in order to ensure a default configuration.

Background Theory

Trunking is a way to carry traffic from several VLANs over a point-to-point link between two devices. Two ways in which you can implement Ethernet trunking are:

  • ISL (a Cisco proprietary protocol)

  • IEEE 802.1Q (an IEEE standard)

This document includes only the configuration files from the switches and the output from the related sample show commands. For details on how to configure an ISL trunk between Catalyst switches, refer to these documents:

Important Notes

  • The Catalyst 4500/4000 series switches (which include the Catalyst 2948G and Catalyst 2980G) that run CatOS only support 802.1Q trunking. These switches do not support ISL trunking.

  • The Catalyst 4000 switches with a Supervisor Engine II+ or later run Cisco IOS Software by default. These switches support both ISL and 802.1Q trunking modes on all interfaces except on blocking Gigabit ports on the WS-X4418-GB and S-X4412-2GB-T modules. In these cases, the switches support only 802.1Q trunking. Ports 3 through 18 are blocking Gigabit ports on the WS-X4418-GB module. Ports 1 through 12 are blocking Gigabit ports on the WS-X4412-2GB-T module. The term "blocking port" means that the port connection to the backplane is oversubscribed.

  • Any Ethernet port on a Catalyst 6500/6000 series switch supports 802.1Q and ISL encapsulation.

  • Based on the module, Catalyst 5000 trunk-capable ports support ISL encapsulation only or support both ISL and 802.1Q. The best way to determine the supported encapsulation types is to use the show port capabilities command. The command output explicitly states the trunking capacity, as this example shows:

    cat5000> show port capabilities 3
    Model                    WS-X5225R
    Port                     3/1
    Type                     10/100BaseTX
    Speed                    auto,10,100
    Duplex                   half,full
    Trunk encap type         802.1Q, ISL
    
    !--- This particular port supports both 802.1Q and ISL.
    
    Trunk mode               on,off,desirable,auto,nonegotiate
    Channel                  3/1-2,3/1-4
    Broadcast suppression    percentage(0-100)
    Flow control             receive-(off,on),send-(off,on)
    Security                 yes
    Membership               static,dynamic
    Fast start               yes
    QOS scheduling           rx-(none),tx-(none)
    CoS rewrite              yes
    ToS rewrite              IP-Precedence
    Rewrite                  no
    UDLD                     yes
    AuxiliaryVlan            1..1000,1025..4094,untagged,dot1p,none
    SPAN                     source,destination
  • Be sure that the trunking modes match across the trunk link. If you configure one side of the link as an ISL trunk, you must configure the other side of the link as ISL. Similarly, if you configure one side of the link as an 802.1Q, you must configure the other side of the link as 802.1Q.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: Use the Command Lookup Tool (registered customers only) to find more information on the commands used in this document.

Network Diagram

This document uses this network setup:

66a.gif

Configurations

This document uses these configurations:

Note: This document displays comments and explanations in blue italics within the configurations.

Catalyst 5000 Switch
#version 6.1(1)
!
set option fddi-user-pri enabled
set password $2$h/BN$i3S54iNvIXknFelh6gOve0
set enablepass $2$DpAu$/mw1ZxL5I8ymR.yn85ovB/
!
#errordetection
set errordetection portcounter enable
!
#system
set system name  cat5000
!
#frame distribution method
set port channel all distribution mac both
!
#vtp

!--- In the example, the VLAN Trunk Protocol (VTP) mode is set to be transparent.
!--- Use your network as a basis to set the VTP mode.

set vtp mode transparent

!--- For details on VTP, refer to Configuring VTP.


set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm
set vlan 2
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state acti
ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip

!--- This is the IP address that is used for management.

set interface sc0 1 10.10.10.2/255.255.255.0 10.10.10.255
 
!
#set boot command
set boot config-register 0x10f
set boot system flash bootflash:cat5000-sup3.6-1-1.bin
!
#mls
set mls nde disable
!
# default port status is enable
!
!
#module 1 : 0-port Supervisor III
!
#module 2 empty
!
#module 3 : 9-port Gigabit Ethernet
!
#module 4 : 24-port 10/100BaseTX Ethernet
!
#module 5 : 24-port 10/100BaseTX Ethernet

!--- Ports 5/13–24 have been assigned to VLAN 2.

set vlan 2 5/13-24


!--- The ISL trunking mode is set to "on".
!--- Use your network and requirements as a basis to set the trunking mode.

set trunk 5/1 on isl 1-1005

!--- For details on different trunking modes, refer to 
!--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports.


!--- PortFast has been enabled on the ports that are connected to the workstations.

set spantree portfast 5/2-24 enable

!--- For details on why to enable PortFast, refer to
!--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays.

end

Catalyst 6500 Switch
Current configuration : 4207 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cat6000
!
boot buffersize 126968
boot bootldr bootflash:c6msfc-boot-mz.121-4.E1.bin
no logging console

!--- The example uses the privileged mode password.

enable password mysecret
!
redundancy
 main-cpu
  auto-sync standard
ip subnet-zero
no ip domain-lookup
!
ip cef
cns event-service server
!
!
!
interface gigabitethernet1/1
 no ip address
 shutdown
!
interface gigabitethernet1/2
 no ip address
 shutdown
!
interface fastethernet9/1
 no ip address


!--- Issue the switchport command once, without any keywords, 
!--- in order to configure the interface as a Layer 2 (L2) port for the Catalyst 6500.
!--- For details, refer to Configuring Layer 2 Ethernet Interfaces (Catalyst 6500).
!--- On a Catalyst 4000 switch that runs Cisco IOS Software, all ports are 
!--- L2 ports by default. If there is no change to the default configuration, 
!--- you do not need to issue the switchport command.
!--- For details, refer to Configuring Layer 2 Ethernet Interfaces (Catalyst 4000).

 switchport

!--- Configure trunk encapsulation as ISL.

 switchport trunk encapsulation isl


!--- Enable trunking on the interface.

 switchport mode trunk
!

!--- Interfaces Fast Ethernet 9/2 through 9/24 are configured to be in access mode.
!--- For details, refer to the "Layer 2 Interface Modes" section of
!--- Configuring Layer 2 Ethernet Interfaces.

interface fastethernet9/2
 no ip address
 switchport
 switchport mode access
!
interface fastethernet9/3
 no ip address
 switchport
 switchport mode access
!

!--- Output suppressed.

!
interface fastethernet9/11
 no ip address
 switchport
 switchport mode access
!
interface fastethernet9/12
 no ip address
 switchport
 switchport mode access
!

!--- Interfaces Fast Ethernet 9/13 through 9/24 are placed in VLAN 2.

interface fastethernet9/13
 no ip address
 switchport
 switchport access vlan 2
 switchport mode access
!
interface fastethernet9/14
 no ip address
 switchport
 switchport access vlan 2
 switchport mode access
!

!--- Output suppressed.

!
interface fastethernet9/23
 no ip address
 switchport
 switchport access vlan 2
 switchport mode access
!
interface fastethernet9/24
 no ip address
 switchport
 switchport access vlan 2
 switchport mode access
!
interface fastethernet9/25
 no ip address
 shutdown
!

!--- Output suppressed.

!
interface fastethernet9/48
 no ip address
 shutdown
!
interface vlan1

!--- This is the IP address that is used for management.

 ip address 10.10.10.3 255.255.255.0
!
!
ip classless
no ip http server
!
!
!
line con 0
 transport input none
line vty 0 4

!--- This example uses the Telnet password.

 password mysecret
login
!
end

Note: If you assign an interface to a VLAN that does not exist, the interface shuts down until you create the VLAN in the VLAN database. For details, refer to the Creating or Modifying an Ethernet VLAN section of Configuring VLANs.

Verify

show Commands

Use this section to confirm that your configuration works properly.

The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.

Catalyst 5000 or Catalyst 6000 Switches That Run CatOS

  • show port capabilities module/port —Use this command to check if the port is capable of trunking.

    cat5000> (enable) show port capabilities 5/1
    Model                    WS-X5234
    Port                     5/1
    Type                     10/100BaseTX
    Speed                    auto,10,100
    Duplex                   half,full
    Trunk encap type         802.1Q,ISL
    Trunk mode               on,off,desirable,auto,nonegotiate
    Channel                  5/1-2,5/1-4
    Broadcast suppression    percentage(0-100)
    Flow control             receive-(off,on),send-(off,on)
    Security                 yes
    Membership               static,dynamic
    Fast start               yes
    QOS scheduling           rx-(none),TX(1q4t)
    COs rewrite              yes
    ToS rewrite              IP-Precedence
    Rewrite                  yes
    UDLD                     yes
    AuxiliaryVlan            1..1000,1025..4094,untagged,dot1p,none
    SPAN                     source,destination
  • show port module/port —This command shows the status of a particular port and whether it is trunking.

    cat5000> (enable) show port 5/1
    Port  Name               Status     Vlan       Level  Duplex Speed Type
    ----- ------------------ ---------- ---------- ------ ------ ----- ------------
     5/1                     connected  trunk      normal a-full a-100 10/100BaseTX
    
    Port  AuxiliaryVlan AuxVlan-Status
    ----- ------------- --------------
     5/1  none          none          
    
    
    Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
    ----- -------- --------- ------------- -------- -------- -------- -------
     5/1  disabled  shutdown             0        0        1 disabled      66
    
    Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
    ----- -------- ----------------- -------- ----------------- ------------------
     5/1         0                 -        -                 -        -         -
    
    !--- Output suppressed.
    
    
  • show trunk module/port —Use this command to verify the trunking status and configuration.

    cat5000> (enable) show trunk
    * - indicates vtp domain mismatch
    Port      Mode         Encapsulation  Status        Native vlan
    --------  -----------  -------------  ------------  -----------
     5/1      on           isl            trunking      1
     
    Port      Vlans allowed on trunk
    --------  ---------------------------------------------------------------------
     5/1      1-1005
     
    Port      Vlans allowed and active in management domain
    --------  ---------------------------------------------------------------------
     5/1      1-2
     
    Port      Vlans in spanning tree forwarding state and not pruned
    --------  ---------------------------------------------------------------------
     5/1      1-2
    
  • show vtp domain—Use this command to check the VTP information.

    cat5000> (enable) show vtp domain
    Domain Name                      Domain Index VTP Version Local Mode  Password
    -------------------------------- ------------ ----------- ----------- ----------
                                     1            2           Transparent -
    
    Vlan-count Max-vlan-storage Config Revision Notifications
    ---------- ---------------- --------------- -------------
    6          1023             0               disabled
    
    Last Updater    V2 Mode  Pruning  PruneEligible on Vlans
    --------------- -------- -------- -------------------------
    10.10.10.2      disabled disabled 2-1000

Catalyst 6500/6000 Switches or Catalyst 4500/4000 Switches That Run Cisco IOS Software

  • show interfaces interface_type module/port trunk—This command tells you if the port is trunking.

    cat6000#show interfaces fastethernet 9/1 trunk
     
    Port      Mode         Encapsulation  Status        Native vlan
    Fa9/1     on           isl            trunking      1
     
    Port      Vlans allowed on trunk
    Fa9/1     1-1005
     
    Port      Vlans allowed and active in management domain
    Fa9/1     1-2,1002-1005
     
    Port      Vlans in spanning tree forwarding state and not pruned
    Fa9/1     1-2,1002-1005
  • show vlan —This command provides information about the VLANs and the ports that belong to a particular VLAN.

    cat6000#show vlan
     
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa9/2, Fa9/3, Fa9/4, Fa9/5
                                                    Fa9/6, Fa9/7, Fa9/8, Fa9/9
                                                    Fa9/10, Fa9/11, Fa9/12
    2    VLAN0002                         active    Fa9/13, Fa9/14, Fa9/15, Fa9/16
                                                    Fa9/17, Fa9/18, Fa9/19, Fa9/20
                                                    Fa9/21, Fa9/22, Fa9/23, Fa9/24
    1002 fddi-default                     active
    1003 token-ring-default               active
    1004 fddinet-default                  active
    1005 trnet-default                    active
    
    !--- Output suppressed.
    
    

Note: Only those ports that are configured as L2 nontrunk ports are displayed. For details, refer to the Configuring Ethernet Interfaces for Layer 2 Switching section of Configuring Layer 2 Ethernet Interfaces.

Troubleshoot

Use this section to troubleshoot your configuration.

Switch Does Not Accept a Change of Native VLAN on a Trunk Port Because Port Is a Non-802.1Q Port

This issue occurs because the trunk port does not support 802.1Q encapsulation. A native VLAN requires 802.1Q support on a port. If the port does not have the 802.1Q support, the switch does not allow a change of the native VLAN.

802.1Q support for trunking is a hardware-dependent factor. Issue the show port capabilities command in order to check for 802.1Q support. The encapsulation option in the output of the show port capabilities command states the 802.1Q support for trunking.

Related Information

Updated: Apr 25, 2006
Document ID: 8759