When you configure switchport access vlan 20 on an interface:
- This will make the interface become a layer 2 switchport or non-routeable port.
- There is no 802.1q/ISL tagging involvement in this port as the traffic will be received and sent as untagged.
- Because there is no tagging involved, the port has no clue what VLAN this frame should be. Therefore, any packets passing this port is assumed to belong to the VLAN assigned to this port. In this case vlan 20.
- If you add the configuration with
switchport mode accessthis will make the interface turned to nontrunking permanently and also negotiates or telling the other end of the link to be a nontrunk link. This interface will permanently become nontrunk interface regardless the other end is trunk or nontrunk link. With this in mind, if one port is configured withswitchport mode accessand other end port happens to be configured withswitchport mode dynamic autoorswitchport mode dynamic desirable
sw3#sh run int f0/19 Building configuration... Current configuration : 58 bytes ! interface FastEthernet0/19 switchport mode access end sw3#sh int f0/19 status Port Name Status Vlan Duplex Speed Type Fa0/19 connected 1 a-full a-100 10/100BaseTX sw3#sh spann VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address a8b1.d45b.3b80 Cost 19 Port 21 (FastEthernet0/19) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address aca0.1644.b180 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa0/19 Root FWD 19 128.21 P2p sw3#sh int f0/19 sw Name: Fa0/19 Switchport: Enabled Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none sw4#sh run int f0/19 Building configuration... Current configuration : 34 bytes ! interface FastEthernet0/19 end sw4#sh int f0/19 status Port Name Status Vlan Duplex Speed Type Fa0/19 connected 1 a-full a-100 10/100BaseTX sw4#sh spann VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address a8b1.d45b.3b80 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address a8b1.d45b.3b80 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa0/19 Desg FWD 19 128.21 P2p sw4#sh int f0/19 sw sw4#sh int f0/19 switchport Name: Fa0/19 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none - You can actually peer this with a trunk port as configured below
! SW3 interface FastEthernet0/19 switchport access vlan 20 switchport mode access spanning-tree portfast spanning-tree bpdufilter enable int vlan 10 ip addr 10.10.10.3 255.255.255.0 exit ! SW4 interface FastEthernet0/19 switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport mode trunk switchport nonegotiate spanning-tree portfast trunk int vlan 10 ip addr 10.10.10.4 255.255.255.0 exit sw4#ping 10.10.10.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
Since
switchport access vlan 20will send and receive frame without tagging it and neither the other end (the trunk port), this peering will successfully send and receive frame and assume that it is belong to vlan 20.
Hi,
I only see switchport access vlan 20 in the beginning and at the end of the post. Everywhere else (in the configs) it’s switchport access vlan 10. Is it a typo?
Thanks Gabriel! The vlan should be 20 and this is fixed.