Catalyst 6500 Release 15.0SY Software Configuration Guide
Layer 2 LAN Port Configuration
Downloads: This chapterpdf (PDF - 329.0KB) The complete bookPDF (PDF - 18.46MB) | Feedback

LAN Ports for Layer 2 Switching

Table Of Contents

LAN Ports for Layer 2 Switching

Prerequisites for Layer 2 LAN Interfaces

Restrictions for Layer 2 LAN Interfaces

Information About Layer 2 Switching

Information about Layer 2 Ethernet Switching

Layer 2 Ethernet Switching Overview

Building the MAC Address Table

Information about VLAN Trunks

Layer 2 LAN Port Modes

Default Settings for Layer 2 LAN Interfaces

How to Configure LAN Interfaces for Layer 2 Switching

Configuring a LAN Port for Layer 2 Switching

Enabling Out-of-Band MAC Address Table Synchronization

Configuring MAC Address Table Notification

Configuring a Layer 2 Switching Port as a Trunk

Configuring the Layer 2 Switching Port as an 802.1Q Trunk

Configuring the Layer 2 Trunk to Use DTP

Configuring the Layer 2 Trunk Not to Use DTP

Configuring the Access VLAN

Configuring the 802.1Q Native VLAN

Configuring the List of VLANs Allowed on a Trunk

Configuring the List of Prune-Eligible VLANs

Completing Trunk Configuration

Verifying Layer 2 Trunk Configuration

Configuration and Verification Examples

Configuring a LAN Interface as a Layer 2 Access Port

Configuring a Custom IEEE 802.1Q EtherType Field Value


LAN Ports for Layer 2 Switching


Prerequisites for Layer 2 LAN Interfaces

Restrictions for Layer 2 LAN Interfaces

Information About Layer 2 Switching

Default Settings for Layer 2 LAN Interfaces

How to Configure LAN Interfaces for Layer 2 Switching


NoteFor complete syntax and usage information for the commands used in this chapter, see these publications:

http://www.cisco.com/en/US/products/ps11845/prod_command_reference_list.html

Cisco IOS Release 15.0SY supports only Ethernet interfaces. Cisco IOS Release 15.0SY does not support any WAN features or commands.

To configure Layer 3 interfaces, see Chapter 33 "Layer 3 Interfaces."



Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page:

http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html

Participate in the Technical Documentation Ideas forum


Prerequisites for Layer 2 LAN Interfaces

None.

Restrictions for Layer 2 LAN Interfaces

When connecting Cisco switches through an 802.1q trunk, make sure the native VLAN for an 802.1Q trunk is the same on both ends of the trunk link. If the native VLAN on one end of the trunk is different from the native VLAN on the other end, spanning tree loops might result.

Disabling spanning tree on the native VLAN of an 802.1Q trunk without disabling spanning tree on every VLAN in the network can cause spanning tree loops. We recommend that you leave spanning tree enabled on the native VLAN of an 802.1Q trunk. If this is not possible, disable spanning tree on every VLAN in the network. Make sure your network is free of physical loops before disabling spanning tree.

When you connect two Cisco switches through 802.1Q trunks, the switches exchange spanning tree BPDUs on each VLAN allowed on the trunks. The BPDUs on the native VLAN of the trunk are sent untagged to the reserved IEEE 802.1d spanning tree multicast MAC address (01-80-C2-00-00-00). The BPDUs on all other VLANs on the trunk are sent tagged to the reserved Cisco Shared Spanning Tree (SSTP) multicast MAC address (01-00-0c-cc-cc-cd).

Non-Cisco 802.1Q switches maintain only a single instance of spanning tree (the Mono Spanning Tree, or MST) that defines the spanning tree topology for all VLANs. When you connect a Cisco switch to a non-Cisco switch through an 802.1Q trunk, the MST of the non-Cisco switch and the native VLAN spanning tree of the Cisco switch combine to form a single spanning tree topology known as the Common Spanning Tree (CST).

Because Cisco switches transmit BPDUs to the SSTP multicast MAC address on VLANs other than the native VLAN of the trunk, non-Cisco switches do not recognize these frames as BPDUs and flood them on all ports in the corresponding VLAN. Other Cisco switches connected to the non-Cisco 802.1q cloud receive these flooded BPDUs. This allows Cisco switches to maintain a per-VLAN spanning tree topology across a cloud of non-Cisco 802.1Q switches. The non-Cisco 802.1Q cloud separating the Cisco switches is treated as a single broadcast segment between all switches connected to the non-Cisco 802.1q cloud through 802.1q trunks.

Make certain that the native VLAN is the same on all of the 802.1q trunks connecting the Cisco switches to the non-Cisco 802.1q cloud.

If you are connecting multiple Cisco switches to a non-Cisco 802.1q cloud, all of the connections must be through 802.1q trunks. You cannot connect Cisco switches to a non-Cisco 802.1q cloud through access ports. Doing so causes the switch to place the access port into the spanning tree "port inconsistent" state and no traffic will pass through the port.

Information About Layer 2 Switching

Information about Layer 2 Ethernet Switching

Information about VLAN Trunks

Layer 2 LAN Port Modes

Information about Layer 2 Ethernet Switching

Layer 2 Ethernet Switching Overview

Building the MAC Address Table

Layer 2 Ethernet Switching Overview

Layer 2 Ethernet ports on Cisco switches support simultaneous, parallel connections between Layer 2 Ethernet segments. Switched connections between Ethernet segments last only for the duration of the packet. New connections can be made between different segments for the next packet.

Layer 2 LAN switching (hardware-supported bridging) avoids congestion by assigning each connected device to its own collision domain. Because each LAN port connects to a separate Ethernet collision domain, attached devices in a properly configured switched environment achieve full access to network bandwidth.

Building the MAC Address Table

Overview of the MAC Address Table

Synchronization and Sharing of the Address Table

Notification of Address Table Changes

Overview of the MAC Address Table

When stations connected to different LAN ports need to communicate, the switch forwards frames from one LAN port to the other at wire speed to ensure that each session receives full bandwidth.

To switch frames between LAN ports efficiently, the switch maintains a MAC address table. When a frame enters the switch, it associates the MAC address of the sending network device with the LAN port on which it was received.

The MAC address table is built by using the source MAC address of the frames received. When the switch receives a frame for a destination MAC address not listed in its MAC address table, it floods the frame to all LAN ports of the same VLAN except the port that received the frame. When the destination station replies, the switch adds its relevant source MAC address and port ID to the MAC address table. The switch then forwards subsequent frames to a single LAN port without flooding to all LAN ports.

The MAC address table can store at least 128,000 address entries without flooding any entries. The switch uses an aging mechanism, configured by the mac address-table aging-time command, so if an address remains inactive for a specified number of seconds, it is removed from the address table.

Synchronization and Sharing of the Address Table

With distributed switching, each DFC-equipped switching module learns MAC addresses, maintains an address table, and ages table entries. MAC address table synchronization over the Ethernet Out of Band Channel (EOBC) synchronizes address tables among the PFC and all DFCs, eliminating the need for flooding by a DFC for an address that is active on another module. MAC synchronization is enabled by default.

Notification of Address Table Changes

You can configure the switch to maintain a history of dynamic additions and removals of address table entries associated with a particular LAN port. The change history can be sent as an SNMP trap notification or it can be read manually from the SNMP MIB.

Information about VLAN Trunks


Note For information about VLANs, see Chapter 24 "Virtual Local Area Networks (VLANs)."


A trunk is a point-to-point link between the switch and another networking device. Trunks carry the traffic of multiple VLANs over a single link and allow you to extend VLANs across an entire network.

802.1Q, an industry-standard trunking encapsulation, is available on all Ethernet ports.

You can configure a trunk on a single Ethernet port or on an EtherChannel. For more information about EtherChannel, see Chapter 21 "EtherChannels."

Ethernet trunk ports support several trunking modes (see Table 19-1).

The Dynamic Trunking Protocol (DTP) manages trunk autonegotiation on LAN ports.

To autonegotiate trunking, the LAN ports must be in the same VTP domain. Use the trunk or nonegotiate keywords to force LAN ports in different domains to trunk. For more information on VTP domains, see Chapter 23 "VLAN Trunking Protocol (VTP)."

Layer 2 LAN Port Modes

Table 19-1 Layer 2 LAN Port Modes 

Mode
Function

switchport mode access

Puts the LAN port into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The LAN port becomes a nontrunk port even if the neighboring LAN port does not agree to the change.

switchport mode dynamic desirable

Makes the LAN port actively attempt to convert the link to a trunk link. The LAN port becomes a trunk port if the neighboring LAN port is set to trunk, desirable, or auto mode. This is the default mode for all LAN ports.

switchport mode dynamic auto

Makes the LAN port willing to convert the link to a trunk link. The LAN port becomes a trunk port if the neighboring LAN port is set to trunk or desirable mode.

switchport mode trunk

Puts the LAN port into permanent trunking mode and negotiates to convert the link into a trunk link. The LAN port becomes a trunk port even if the neighboring port does not agree to the change.

switchport nonegotiate

Puts the LAN port into permanent trunking mode but prevents the port from generating DTP frames. You must configure the neighboring port manually as a trunk port to establish a trunk link.



Note DTP is a point-to-point protocol. However, some internetworking devices might forward DTP frames improperly. To avoid this problem, ensure that LAN ports connected to devices that do not support DTP are configured with the access keyword if you do not intend to trunk across those links. To enable trunking to a device that does not support DTP, use the nonegotiate keyword to cause the LAN port to become a trunk but not generate DTP frames.


Default Settings for Layer 2 LAN Interfaces

Feature
Default

Interface mode:

 

Before entering the switchport command

Layer 3 (unconfigured)

After entering the switchport command

switchport mode dynamic desirable

Allowed VLAN range

VLANs 1 to 4094, except reserved VLANs (see Table 24-1)

VLAN range eligible for pruning

VLANs 2 to 1001

Default access VLAN

VLAN 1

Native VLAN (for 802.1Q trunks)

VLAN 1

Spanning Tree Protocol (STP)

Enabled for all VLANs

STP port priority

128

STP port cost

100 for 10-Mbps Ethernet LAN ports

19 for 10/100-Mbps Fast Ethernet LAN ports

19 for 100-Mbps Fast Ethernet LAN ports

4 for 1,000-Mbps Gigabit Ethernet LAN ports

2 for 10,000-Mbps 10-Gigabit Ethernet LAN ports


How to Configure LAN Interfaces for Layer 2 Switching

Configuring a LAN Port for Layer 2 Switching

Enabling Out-of-Band MAC Address Table Synchronization

Configuring MAC Address Table Notification

Configuring a Layer 2 Switching Port as a Trunk

Configuring a LAN Interface as a Layer 2 Access Port

Configuring a Custom IEEE 802.1Q EtherType Field Value


Note Use the default interface {fastethernet | gigabitethernet | tengigabitethernet} slot/port command to revert an interface to its default configuration.


Configuring a LAN Port for Layer 2 Switching

To configure a LAN port for Layer 2 switching, perform this task:

 
Command
Purpose

Step 1 

Router(config)# interface type slot/port

Selects the LAN port to configure.

Step 2 

Router(config-if)# shutdown

(Optional) Shuts down the interface to prevent traffic flow until configuration is complete.

Step 3 

Router(config-if)# switchport

Configures the LAN port for Layer 2 switching.

Note You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 port before you can enter additional switchport commands with keywords.

Step 4 

Router(config-if)# no shutdown

Activates the interface. (Required only if you shut down the interface.)

Step 5 

Router(config-if)# end

Exits configuration mode.

After you enter the switchport command, the default mode is switchport mode dynamic desirable. If the neighboring port supports trunking and is configured to allow trunking, the link becomes a Layer 2 trunk when you enter the switchport command.


Note When using the switchport command, if a port configured for Layer 3 is now configured for Layer 2, the configuration for Layer 3 is retained in the memory but not in the running configuration and is applied to the port whenever the port switches back to Layer 3. Also, if a port configured for Layer 2 is now configured for Layer 3, the configuration for Layer 2 is retained in the memory but not in the running configuration and is applied to the port whenever the port switches back to Layer 2. To restore the default configuration of the port in the memory and in the running configuration, use the default interface command. To avoid potential issues while changing the role of a port using the switchport command, shut down the interface before applying the switchport command.


Enabling Out-of-Band MAC Address Table Synchronization

To enable the out-of-band MAC address table synchronization feature, perform this task:

Command
Purpose

Router(config)# mac address-table synchronize [activity-time seconds]

Enables out-of-band synchronization of MAC address tables among DFC-equipped switching modules.

activity-time seconds—(Optional) Specifies the activity timer interval.

When configuring out-of-band MAC address table synchronization, note the following information:

By default, out-of-band MAC address table synchronization is disabled.

Out-of-band MAC address table synchronization is enabled automatically if a WS-6708-10G switching module is installed in the switch.

The activity timer interval can be configured as 160, 320, and 640 seconds. The default is 160 seconds.

This example shows how to enable out-of-band MAC address table synchronization:

Router# configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# mac address-table synchronize activity-time 320 

Configuring MAC Address Table Notification


NoteComplete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.

To send SNMP trap notifications using this feature, you must also enable the global MAC trap flag, using the snmp-server enable mac-notification change command.


To configure the MAC address table notification feature, perform this task:

 
Command
Purpose

Step 1 

Router(config)# mac address-table notification change [interval value]

Enables sending notification of dynamic changes to MAC address table.

(Optional) Sets the minimum change-sending interval in seconds.

Note The no form of the command reverts to the default without sending any change information.

Step 2 

Router(config)# mac address-table notification change [history size]

Enables sending notification of dynamic changes to MAC address table.

(Optional) Sets the number of entries in the history buffer.

Note The no form of the command reverts to the default without sending any change information.

Step 3 

Router(config)# interface type slot/port

Selects the LAN port to configure.

Step 4 

Router(config-if)# snmp trap mac-notification change [added | removed]

For MAC addresses that are associated with this LAN port, enable SNMP trap notification when MAC addresses are added to or removed from the address table.

(Optional) To notify only when a MAC address is added to the table, use the added option. To notify only when a MAC address is removed, use the removed option.

Step 5 

Router(config-if)# end

Exits interface configuration mode.

When configuring the notification parameters, note the following information:

The interval value parameter can be configured from 0 seconds (immediate) to 2,147,483,647 seconds. The default is 1 second.

The history size parameter can be configured from 0 entries to 500 entries. The default is 1 entry.

This example shows how to configure the SNMP notification of dynamic additions to the MAC address table of addresses on the Gigabit Ethernet ports 5/7 and 5/8. Notifications of changes will be sent no more frequently than 5 seconds, and up to 25 changes can be stored and sent in that interval:

Router# configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# mac address-table notification change interval 5 
Router(config)# mac address-table notification change history 25 
Router(config)# interface gigabitethernet 5/7 
Router(config-if)# snmp trap mac-notification change added
Router(config-if)# end 
Router(config)# interface gigabitethernet 5/8 
Router(config-if)# snmp trap mac-notification change added
Router(config-if)# end 
Router# exit

Configuring a Layer 2 Switching Port as a Trunk

Configuring the Layer 2 Switching Port as an 802.1Q Trunk

Configuring the Layer 2 Trunk to Use DTP

Configuring the Layer 2 Trunk Not to Use DTP

Configuring the Access VLAN

Configuring the 802.1Q Native VLAN

Configuring the List of VLANs Allowed on a Trunk

Configuring the List of Prune-Eligible VLANs

Completing Trunk Configuration

Verifying Layer 2 Trunk Configuration

Configuration and Verification Examples

Configuring the Layer 2 Switching Port as an 802.1Q Trunk


NoteComplete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.

When you enter the switchport command with no other keywords (Step 3 in the previous section), the default mode is switchport mode dynamic desirable.


To configure the Layer 2 switching port as an 802.1Q trunk, perform this task:

Command
Purpose

Router(config-if)# switchport trunk encapsulation dot1q

(Optional) Configures the encapsulation as 802.1Q.


To support the switchport mode trunk command, you must configure the encapsulation as 802.1Q.


Note Complete the steps in the "Completing Trunk Configuration" section after performing the tasks in this section.


Configuring the Layer 2 Trunk to Use DTP


Note Complete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.


To configure the Layer 2 trunk to use DTP, perform this task:

Command
Purpose

Router(config-if)# switchport mode dynamic {auto | desirable}

(Optional) Configures the trunk to use DTP.

Note The no form of the command reverts to the default trunk trunking mode (switchport mode dynamic desirable).


When configuring the Layer 2 trunk to use DTP, note the following information:

Required only if the interface is a Layer 2 access port or to specify the trunking mode.

See Table 19-1 for information about trunking modes.


Note Complete the steps in the "Completing Trunk Configuration" section after performing the tasks in this section.


Configuring the Layer 2 Trunk Not to Use DTP


Note Complete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.


To configure the Layer 2 trunk not to use DTP, perform this task:

 
Command
Purpose

Step 1 

Router(config-if)# switchport mode trunk

(Optional) Configures the port to trunk unconditionally.

Step 2 

Router(config-if)# switchport nonegotiate

(Optional) Configures the trunk not to use DTP.

Note The no form of the command enables DTP on the port.


When configuring the Layer 2 trunk not to use DTP, note the following information:

Before entering the switchport mode trunk command, you must configure the encapsulation (see the "Configuring the Layer 2 Switching Port as an 802.1Q Trunk" section).

To support the switchport nonegotiate command, you must enter the switchport mode trunk command.

Enter the switchport mode dynamic trunk command. See Table 19-1 for information about trunking modes.

Before entering the switchport nonegotiate command, you must configure the encapsulation (see the "Configuring the Layer 2 Switching Port as an 802.1Q Trunk" section) and configure the port to trunk unconditionally with the switchport mode trunk command (see the "Configuring the Layer 2 Trunk to Use DTP" section).


Note Complete the steps in the "Completing Trunk Configuration" section after performing the tasks in this section.


Configuring the Access VLAN


Note Complete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.


To configure the access VLAN, perform this task:

Command
Purpose

Router(config-if)# switchport access vlan vlan_ID

(Optional) Configures the access VLAN, which is used if the interface stops trunking. The vlan_ID value can be 1 through 4094, except reserved VLANs (see Table 24-1).

Note

If VLAN locking is enabled, enter the VLAN name instead of the VLAN number. For more information, see the "VLAN Locking" section.

The no form of the command reverts to the default VLAN (VLAN 1).


Note Complete the steps in the "Completing Trunk Configuration" section after performing the tasks in this section.


Configuring the 802.1Q Native VLAN


Note Complete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.


To configure the 802.1Q native VLAN, perform this task:

Command
Purpose

Router(config-if)# switchport trunk native vlan vlan_ID

(Optional) Configures the 802.1Q native VLAN.

Note If VLAN locking is enabled, enter the VLAN name instead of the VLAN number. For more information, see the "VLAN Locking" section.


When configuring the native VLAN, note the following information:

The vlan_ID value can be 1 through 4094, except reserved VLANs (see Table 24-1).

The access VLAN is not automatically used as the native VLAN.


Note Complete the steps in the "Completing Trunk Configuration" section after performing the tasks in this section.


Configuring the List of VLANs Allowed on a Trunk


Note Complete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.


To configure the list of VLANs allowed on a trunk, perform this task:

Command
Purpose

Router(config-if)# switchport trunk allowed vlan [add | except | none | remove] vlan [,vlan[,vlan[,...]]

(Optional) Configures the list of VLANs allowed on the trunk.

Note

If VLAN locking is enabled, enter VLAN names instead of VLAN numbers. For more information, see the "VLAN Locking" section.

The no form of the command reverts to the default value (all VLANs allowed).


When configuring the list of VLANs allowed on a trunk, note the following information:

The vlan parameter is either a single VLAN number from 1 through 4094, or a range of VLANs described by two VLAN numbers, the lesser one first, separated by a dash. Do not enter any spaces between comma-separated vlan parameters or in dash-specified ranges.

If VLAN locking is enabled, enter VLAN names instead of VLAN numbers. When entering a range of VLAN names, you must leave spaces between the VLAN names and the dash.

All VLANs are allowed by default.

You can remove VLAN 1. If you remove VLAN 1 from a trunk, the trunk interface continues to send and receive management traffic, for example, Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), Port Aggregation Protocol (PAgP), and DTP in VLAN 1.


Note Complete the steps in the "Completing Trunk Configuration" section after performing the tasks in this section.


Configuring the List of Prune-Eligible VLANs


Note Complete the steps in the "Configuring a LAN Port for Layer 2 Switching" section before performing the tasks in this section.


To configure the list of prune-eligible VLANs on the Layer 2 trunk, perform this task:

Command
Purpose

Router(config-if)# switchport trunk pruning vlan {none |{{add | except | remove} vlan[,vlan[,vlan[,...]]}}

(Optional) Configures the list of prune-eligible VLANs on the trunk (see the "VTP Pruning" section).

Note The no form of the command reverts to the default value (all VLANs prune-eligible).


When configuring the list of prune-eligible VLANs on a trunk, note the following information:

The vlan parameter is either a single VLAN number from 1 through 4094, except reserved VLANs (see Table 24-1), or a range of VLANs described by two VLAN numbers, the lesser one first, separated by a dash. Do not enter any spaces between comma-separated vlan parameters or in dash-specified ranges.

The default list of VLANs allowed to be pruned contains all VLANs.

Network devices in VTP transparent mode do not send VTP Join messages. On trunk connections to network devices in VTP transparent mode, configure the VLANs used by the transparent-mode network devices or that need to be carried across the transparent-mode network devices as pruning ineligible.


Note Complete the steps in the "Completing Trunk Configuration" section after performing the tasks in this section.


Completing Trunk Configuration

To complete Layer 2 trunk configuration, perform this task:

 
Command
Purpose

Step 1 

Router(config-if)# no shutdown

Activates the interface. (Required only if you shut down the interface.)

Step 2 

Router(config-if)# end

Exits configuration mode.

Verifying Layer 2 Trunk Configuration

To verify Layer 2 trunk configuration, perform this task:

 
Command
Purpose

Step 1 

Router# show running-config interface type slot/port

Displays the running configuration of the interface.

Step 2 

Router# show interfaces [type slot/port] switchport

Displays the switch port configuration of the interface.

Step 3 

Router# show interfaces [type slot/port] trunk

Displays the trunk configuration of the interface.

Configuration and Verification Examples

This example shows how to configure the Gigabit Ethernet port 5/8 as an 802.1Q trunk. This example assumes that the neighbor port is configured to support 802.1Q trunking:

Router# configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# interface gigabitethernet 5/8 
Router(config-if)# shutdown 
Router(config-if)# switchport 
Router(config-if)# switchport mode dynamic desirable 
Router(config-if)# switchport trunk encapsulation dot1q 
Router(config-if)# no shutdown 
Router(config-if)# end 
Router# exit 
 
   

This example shows how to verify the configuration:

Router# show running-config interface gigabitethernet 5/8 
Building configuration...
Current configuration:
!
interface GigabitEthernet5/8
 no ip address
 switchport
 switchport trunk encapsulation dot1q
end
 
   
Router# show interfaces gigabitethernet 5/8 switchport 
Name: Gi5/8
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Enabled
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: ALL
 
   
Router# show interfaces gigabitethernet 5/8 trunk 
 
   
Port      Mode         Encapsulation  Status        Native vlan
Gi5/8     desirable    n-802.1q       trunking      1
 
   
Port      Vlans allowed on trunk
Gi5/8 1-1005
 
   
Port      Vlans allowed and active in management domain
Gi5/8 1-6,10,20,50,100,152,200,300,303-305,349-351,400,500,521,524,570,801-8
02,850,917,999,1002-1005
 
   
Port      Vlans in spanning tree forwarding state and not pruned
Gi5/8 1-6,10,20,50,100,152,200,300,303-305,349-351,400,500,521,524,570,801-8
02,850,917,999,1002-1005
 
   
Router# 

Configuring a LAN Interface as a Layer 2 Access Port


Note If you assign a LAN port to a VLAN that does not exist, the port is shut down until you create the VLAN in the VLAN database (see the "Creating or Modifying an Ethernet VLAN" section).


To configure a LAN port as a Layer 2 access port, perform this task:

 
Command
Purpose

Step 1 

Router(config)# interface type slot/port

Selects the LAN port to configure.

Step 2 

Router(config-if)# shutdown

(Optional) Shuts down the interface to prevent traffic flow until configuration is complete.

Step 3 

Router(config-if)# switchport

Configures the LAN port for Layer 2 switching.

Note You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 port before you can enter additional switchport commands with keywords.

Step 4 

Router(config-if)# switchport mode access

Configures the LAN port as a Layer 2 access port.

Step 5 

Router(config-if)# switchport access vlan vlan_ID

Places the LAN port in a VLAN. The vlan_ID value can be 1 through 4094, except reserved VLANs (see Table 24-1).

Note If VLAN locking is enabled, enter the VLAN name instead of the VLAN number. For more information, see the "VLAN Locking" section.

Step 6 

Router(config-if)# no shutdown

Activates the interface. (Required only if you shut down the interface.)

Step 7 

Router(config-if)# end

Exits configuration mode.

This example shows how to configure the Gigabit Ethernet port 5/6 as an access port in VLAN 200:

Router# configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# interface gigabitethernet 5/6 
Router(config-if)# shutdown 
Router(config-if)# switchport 
Router(config-if)# switchport mode access 
Router(config-if)# switchport access vlan 200 
Router(config-if)# no shutdown 
Router(config-if)# end 
Router# exit 
 
   

This example shows how to verify the configuration:

Router# show running-config interface gigabitethernet 5/6 
Building configuration...
!
Current configuration:
interface GigabitEthernet5/6
 no ip address
 switchport access vlan 200
 switchport mode access
end
 
   
Router# show interfaces gigabitethernet 5/6 switchport 
Name: Gi5/6
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Enabled
Access Mode VLAN: 200 (VLAN0200)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: ALL
 
   
Router# 

Configuring a Custom IEEE 802.1Q EtherType Field Value

You can configure a custom EtherType field value on a port to support network devices that do not use the standard 0x8100 EtherType field value on 802.1Q-tagged or 802.1p-tagged frames.

To configure a custom value for the EtherType field, perform this task:

Command
Purpose

Router(config-if)# switchport dot1q ethertype value

Configures the 802.1Q EtherType field value for the port.


When configuring a custom EtherType field value, note the following information:

To use a custom EtherType field value, all network devices in the traffic path across the network must support the custom EtherType field value.

You can configure a custom EtherType field value on trunk ports, access ports, and tunnel ports.

You can configure a custom EtherType field value on the member ports of an EtherChannel.

You cannot configure a custom EtherType field value on a port-channel interface.

Each port supports only one EtherType field value. A port that is configured with a custom EtherType field value does not recognize frames that have any other EtherType field value as tagged frames. For example, a trunk port that is configured with a custom EtherType field value does not recognize the standard 0x8100 EtherType field value on 802.1Q-tagged frames and cannot put the frames into the VLAN to which they belong.


Caution A port that is configured with a custom EtherType field value considers frames that have any other EtherType field value to be untagged frames. A trunk port with a custom EtherType field value places frames with any other EtherType field value into the native VLAN. An access port or tunnel port with a custom EtherType field value places frames that are tagged with any other EtherType field value into the access VLAN. If you misconfigure a custom EtherType field value, frames might be placed into the wrong VLAN.

See the Release Notes for Cisco IOS Release 15.0SY for a list of the modules that support custom IEEE 802.1Q EtherType field values:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/15.0SY/release_notes.html

This example shows how to configure the EtherType field value to 0x1234:

Router (config-if)# switchport dot1q ethertype 1234
Router (config-if)#

Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page:

http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html

Participate in the Technical Documentation Ideas forum