Day 26. VLAN and Trunking Concepts and Configurations

CCNA 200-301 Exam Topics

  • Configure and verify VLANs (normal range) spanning multiple switches

  • Configure and verify interswitch connectivity

Key Points

Most large networks today implement virtual local-area networks (VLANs). Without VLANs, a switch considers every port to be in the same broadcast domain. With VLANs, switch ports can be grouped into different VLANs, essentially segmenting the broadcast domain. Today we review VLAN concepts, consider traffic types, discuss VLAN types, and review the concept of trunking, including Dynamic Trunking Protocol (DTP). Then we review the commands to configure and verify VLANs, trunking, and inter-VLAN routing.

VLAN Concepts

Although a switch comes out of the box with only one VLAN, normally a switch is configured to have two or more VLANs. With such a switch, you can create multiple broadcast domains by putting some interfaces into one VLAN and other interfaces into other VLANs.

Consider these reasons for using VLANs:

  • Grouping users by department instead of by physical location

  • Segmenting devices into smaller LANs to reduce processing overhead for all devices on the LAN

  • Reducing the workload of STP by limiting a VLAN to a single access switch

  • Enforcing better security by isolating sensitive data to separate VLANs

  • Separating IP voice traffic from data traffic

  • Assisting troubleshooting by reducing the size of the failure domain (that is, the number of devices that can cause a failure or that can be affected by one)

Benefits of using VLANs include the following:

  • Security: Sensitive data can be isolated to one VLAN, separated from the rest of the network.

  • Cost reduction: Reduced need for expensive network upgrades and more efficient use of existing bandwidth and uplinks lead to cost savings.

  • Higher performance: Dividing flat Layer 2 networks into multiple logical broadcast domains reduces unnecessary traffic on the network and boosts performance.

  • Broadcast storm mitigation: VLAN segmentation prevents broadcast storms from propagating throughout the entire network.

  • Ease of management and troubleshooting: A hierarchical addressing scheme groups network addresses contiguously. Because a hierarchical IP addressing scheme makes problematic components easier to locate, network management and troubleshooting are more efficient.

Traffic Types

The key to successful VLAN deployment is understanding the traffic patterns and the various traffic types in the organization. Table 26-1 lists the common types of network traffic to evaluate before placing devices and configuring VLANs.

Table 26-1 Traffic Types

| Traffic Type | Description |
|---|---|
| Network management | Many types of network management traffic can be present on the network. To make network troubleshooting easier, some designers assign a separate VLAN to carry certain types of network management traffic. |
| IP telephony | Two types of IP telephony traffic exist: signaling information between end devices and the data packets of the voice conversation. Designers often configure the data to and from the IP phones on a separate VLAN designated for voice traffic so that they can apply quality-of-service measures to give high priority to voice traffic. |
| IP multicast | Multicast traffic can produce a large amount of data streaming across the network. Switches must be configured to keep this traffic from flooding to devices that have not requested it, and routers must be configured to ensure that multicast traffic is forwarded to the network areas where it is requested. |
| Normal data | Normal data traffic is typical application traffic that is related to file and print services, email, Internet browsing, database access, and other shared network applications. |
| Scavenger class | Scavenger class includes all traffic with protocols or patterns that exceed their normal data flows. Applications assigned to this class have little or no contribution to the organizational objectives of the enterprise and are typically entertainment oriented. |

Types of VLANs

Some VLAN types are defined by the type of traffic they support; others are defined by the specific functions they perform. The principal VLAN types and their descriptions follow:

  • Data VLAN: Configured to carry only user-generated traffic, ensuring that voice and management traffic is separated from data traffic.

  • Default VLAN: All the ports on a switch are members of the default VLAN when the switch is reset to factory defaults. The default VLAN for Cisco switches is VLAN 1. VLAN 1 has all the features of any VLAN, except that you cannot rename it, and you cannot delete it. It is a security best practice to restrict VLAN 1 to serve as a conduit only for Layer 2 control traffic (for example, CDP) and support no other traffic.

  • Black hole VLAN: A security best practice is to define a black hole VLAN to be a dummy VLAN distinct from all other VLANs defined in the switched LAN. All unused switch ports are assigned to the black hole VLAN so that any unauthorized device connecting to an unused switch port is prevented from communicating beyond the switch to which it is connected.

  • Native VLAN: This VLAN type serves as a common identifier on opposing ends of a trunk link. A security best practice is to define a native VLAN to be a dummy VLAN distinct from all other VLANs defined in the switched LAN. The native VLAN is not used for any traffic in the switched network unless legacy bridging devices happen to be present in the network or a multiaccess interconnection exists between switches joined by a hub.

  • Management VLAN: The network administrator defines this VLAN as a means to access the management capabilities of a switch. By default, VLAN 1 is the management VLAN. It is a security best practice to define the management VLAN to be a VLAN distinct from all other VLANs defined in the switched LAN. You do this by configuring and activating a new VLAN interface.

  • Voice VLANs: A voice VLAN enables switch ports to carry IP voice traffic from an IP phone. The network administrator configures a voice VLAN and assigns it to access ports. Then when an IP phone is connected to the switch port, the switch sends CDP messages that instruct the attached IP phone to send voice traffic tagged with the voice VLAN ID.

Voice VLAN Example

Figure 26-1 shows an example of using one port on a switch to connect a user’s IP phone and PC. The switch port is configured to carry data traffic on VLAN 20 and voice traffic on VLAN 150. The Cisco IP Phone contains an integrated three-port 10/100 switch to provide the following dedicated connections:

  • Port 1 connects to the switch or other VoIP device.

  • Port 2 is an internal 10/100 interface that carries the IP Phone traffic.

  • Port 3 (access port) connects to a PC or other device.

Figure 26-1 Cisco IP Phone Switching Voice and Data Traffic

The traffic from PC5 attached to the IP Phone passes through the IP Phone untagged. The link between S2 and the IP Phone acts as a modified trunk to carry both the tagged voice traffic and the untagged data traffic.

Trunking VLANs

A VLAN trunk is an Ethernet point-to-point link between an Ethernet switch interface and an Ethernet interface on another networking device, such as a router or a switch, carrying the traffic of multiple VLANs over a single link. A VLAN trunk enables you to extend the VLANs across an entire network. A VLAN trunk does not belong to a specific VLAN; instead, it serves as a conduit for VLANs between switches. Figure 26-2 shows a small switched network with a trunk link between S1 and S2 carrying traffic for multiple VLANs.

Figure 26-2 Example of a VLAN Trunk

When a frame is placed on a trunk link, information about the VLAN it belongs to must be added to the frame. This is accomplished by using IEEE 802.1Q frame tagging. When a switch receives a frame on a port configured in access mode and destined for a remote device through a trunk link, the switch takes apart the frame and inserts a VLAN tag, recalculates the frame check sequence (FCS), and sends the tagged frame out the trunk port. Figure 26-3 shows the 802.1Q tag inserted in an Ethernet frame.

Figure 26-3 Fields of the 802.1Q Tag Inside an Ethernet Frame

The VLAN tag field consists of a 16-bit Type field called the EtherType field and a Tag control information field. The EtherType field is set to the hexadecimal value 0x8100. This value is called the tag protocol ID (TPID) value. With the EtherType field set to the TPID value, the switch receiving the frame knows to look for information in the Tag control information field. The Tag control information field contains the following:

  • 3 bits of user priority: Provides expedited transmission of Layer 2 frames, such as voice traffic

  • 1 bit of Canonical Format Identifier (CFI): Enables Token Ring frames to be easily carried across Ethernet links

  • 12 bits of VLAN ID (VID): Provides VLAN identification numbers
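The tag layout above, together with the tag insertion and FCS recalculation described before Figure 26-3, can be exercised in code. The following Python is an added example, not taken from the book: the function names, the sample frame, and the priority value are constructed for illustration, and untagged frames are mapped to the trunk's native VLAN.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag


def fcs(data: bytes) -> bytes:
    """Ethernet frame check sequence: CRC-32, least significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def check_fcs(frame: bytes) -> bytes:
    """Return the frame without its trailing FCS, or raise if the FCS is bad."""
    if len(frame) < 18:
        raise ValueError("frame too short for an Ethernet header plus FCS")
    body, trailer = frame[:-4], frame[-4:]
    if fcs(body) != trailer:
        raise ValueError("FCS mismatch")
    return body


def tag_for_trunk(frame: bytes, vlan: int, priority: int = 0) -> bytes:
    """Insert an 802.1Q tag after the source MAC and recalculate the FCS."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must fit the usable 12-bit range 1-4094")
    if not 0 <= priority <= 7:
        raise ValueError("user priority is a 3-bit field")
    body = check_fcs(frame)
    tci = (priority << 13) | vlan  # CFI bit (bit 12) stays 0 on Ethernet
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)


def parse_trunk_frame(frame: bytes, native_vlan: int) -> dict:
    """Decode a frame received on a trunk port and report its VLAN."""
    body = check_fcs(frame)
    (ethertype,) = struct.unpack("!H", body[12:14])
    if ethertype != TPID_8021Q:
        # No TPID: the frame is untagged and belongs to the native VLAN.
        return {"tagged": False, "vlan": native_vlan, "priority": 0,
                "cfi": 0, "ethertype": ethertype, "payload": body[14:]}
    if len(body) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack("!HH", body[14:18])
    return {"tagged": True,
            "priority": tci >> 13,       # 3 bits of user priority
            "cfi": (tci >> 12) & 0x1,    # 1 bit CFI
            "vlan": tci & 0x0FFF,        # 12 bits of VLAN ID
            "ethertype": inner_type,
            "payload": body[18:]}


def sample_access_frame() -> bytes:
    """Constructed untagged IPv4 frame as it would arrive on an access port."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("001122334455")
    body = dst + src + struct.pack("!H", 0x0800) + b"\x00" * 46
    return body + fcs(body)


if __name__ == "__main__":
    access = sample_access_frame()
    trunk = tag_for_trunk(access, vlan=150, priority=5)  # voice VLAN 150
    print(trunk[12:16].hex(), parse_trunk_frame(trunk, native_vlan=99)["vlan"])
    print(parse_trunk_frame(access, native_vlan=99)["vlan"])
```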

Dynamic Trunking Protocol

Dynamic Trunking Protocol (DTP) is a Cisco-proprietary protocol that negotiates both the status of trunk ports and the trunk encapsulation of trunk ports. DTP manages trunk negotiation only if the port on the other switch is configured in a trunk mode that supports DTP. A switch port on a Cisco Catalyst switch supports a number of trunking modes. The trunking mode defines how the port negotiates using DTP to set up a trunk link with its peer port. The following is a brief description of each trunking mode:

  • If the switch is configured with the switchport mode trunk command, the switch port periodically sends DTP messages to the remote port, advertising that it is in an unconditional trunking state.

  • If the switch is configured with the switchport mode dynamic auto command, the local switch port advertises to the remote switch port that it is able to trunk but does not request to go to the trunking state. After a DTP negotiation, the local port ends up in the trunking state only if the remote port trunk mode has been configured so that the status is on or desirable. If both ports on the switches are set to auto, they do not negotiate to be in a trunking state. They negotiate to be in the access mode state.

  • If the switch is configured with the switchport mode dynamic desirable command, the local switch port advertises to the remote switch port that it is able to trunk and asks the remote switch port to go to the trunking state. If the local port detects that the remote port has been configured as on, desirable, or auto mode, the local port ends up in the trunking state. If the remote switch port is in the nonegotiate mode, the local switch port remains as a nontrunking port.

  • If the switch is configured with the switchport nonegotiate command, the local port is considered to be in an unconditional trunking state. Use this feature when you need to configure a trunk with a switch from another switch vendor.

Table 26-2 summarizes the results of DTP negotiations based on the different DTP configuration commands on local and remote ports.

Table 26-2 Trunk Negotiation Results Between a Local Port and a Remote Port

 

|   | Dynamic Auto | Dynamic Desirable | Trunk | Access |
|---|---|---|---|---|
| Dynamic Auto | Access | Trunk | Trunk | Access |
| Dynamic Desirable | Trunk | Trunk | Trunk | Access |
| Trunk | Trunk | Trunk | Trunk | Not recommended |
| Access | Access | Access | Not recommended | Access |

VLAN Configuration and Verification

Refer to the topology in Figure 26-4 as you review the commands in this section for configuring, verifying, and troubleshooting VLANs and trunking. The Packet Tracer activity later in the day uses this same topology.

Figure 26-4 Day 26 Sample Topology

The default configuration of a Cisco switch is to put all interfaces in VLAN 1. You can verify this with the show vlan brief command, as demonstrated for S2 in Example 26-1.

Example 26-1 Default VLAN Configuration

S2# show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gig0/1, Gig0/2
1002 fddi-default                     active
1003 token-ring-default               active
1004 fddinet-default                  active
1005 trnet-default                    active
S2#

A VLAN is created in one of two ways: either in global configuration mode or directly under the interface. The advantage to configuring in global configuration mode is that you can then assign a name with the name vlan-name command. The advantage to configuring the VLAN in interface configuration mode is that you assign the VLAN to the interface and create the VLAN with just one command. However, to name the VLAN, you still have to go back to the global configuration method. Example 26-2 shows the creation of VLANs 10 and 20 using these two methods. VLAN 20 is then named, and the remaining VLANs are created in global configuration mode.

Example 26-2 Creating VLANs

S2# config t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)# vlan 10
S2(config-vlan)# name Faculty/Staff
S2(config-vlan)# interface fa0/18
S2(config-if)# switchport access vlan 20
% Access VLAN does not exist. Creating vlan 20
S2(config-if)# vlan 20
S2(config-vlan)# name Students
S2(config-vlan)# vlan 30
S2(config-vlan)# name Guest(Default)
S2(config-vlan)# vlan 99
S2(config-vlan)# name Management&Native
S2(config-vlan)# end
%SYS-5-CONFIG_I: Configured from console by console
S2#

Notice in Example 26-3 that all the VLANs are created, but only VLAN 20 is assigned to an interface.

Example 26-3 Verifying VLAN Creation

S2# show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/19, Fa0/20, Fa0/21
                                                Fa0/22, Fa0/23, Fa0/24, Gig1/1
                                                Gig1/2
10   Faculty/Staff                    active
20   Students                         active    Fa0/18
30   Guest(Default)                   active
99   Management&Native                active
1002 fddi-default                     active
1003 token-ring-default               active
1004 fddinet-default                  active
1005 trnet-default                    active
S2#

To assign the remaining interfaces to the VLANs specified in Figure 26-4, either you can configure one interface at a time or you can use the range command to configure all the interfaces that belong to a VLAN with one command, as shown in Example 26-4.

Example 26-4 Assigning VLANs to Interfaces

S2# config t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)# interface range fa 0/11 - 17
S2(config-if-range)# switchport access vlan 10
S2(config-if-range)# interface range fa 0/18 - 24
S2(config-if-range)# switchport access vlan 20
S2(config-if-range)# interface range fa 0/6 - 10
S2(config-if-range)# switchport access vlan 30
S2(config-if-range)# end
%SYS-5-CONFIG_I: Configured from console by console
S2#

The show vlan brief command in Example 26-5 verifies that all interfaces specified in Figure 26-4 have been assigned to the appropriate VLAN. Notice that unassigned interfaces still belong to the default VLAN 1.

Example 26-5 Verifying VLAN Assignments to Interfaces

S2# show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Gig0/1, Gig0/2
10   Faculty/Staff                    active    Fa0/11, Fa0/12, Fa0/13, Fa0/14
                                                Fa0/15, Fa0/16, Fa0/17
20   Students                         active    Fa0/18, Fa0/19, Fa0/20, Fa0/21
                                                Fa0/22, Fa0/23, Fa0/24
30   Guest(Default)                   active    Fa0/6, Fa0/7, Fa0/8, Fa0/9
                                                Fa0/10
99   Management&Native                active
1002 fddi-default                     active
1003 token-ring-default               active
1004 fddinet-default                  active
1005 trnet-default                    active
S2#

You can also verify a specific interface’s VLAN assignment with the show interfaces type number switchport command, as shown for FastEthernet 0/11 in Example 26-6.

Example 26-6 Verifying an Interface’s VLAN Assignment

S2# show interfaces fastethernet 0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 10 (Faculty/Staff)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
S2#

For the sample topology shown in Figure 26-4, you would configure the VLANs on S1 and S3 as well, but only S3 needs VLANs assigned to interfaces.

Trunking Configuration and Verification

Following security best practices, we are configuring a VLAN other than the default VLAN 1 to serve as the management and native VLAN. In a production network, you would want to use a different one for each: one for the management VLAN and one for the native VLAN. For expediency here, we are using VLAN 99 for both.

We first define a new management interface for VLAN 99, as in Example 26-7.

Example 26-7 Defining a New Management Interface

S1# config t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# interface vlan 99
%LINK-5-CHANGED: Interface Vlan99, changed state to up
S1(config-if)# ip address 172.17.99.31 255.255.255.0
S1(config-if)# end
%SYS-5-CONFIG_I: Configured from console by console
S1#

Then we repeat the configuration on S2 and S3. This IP address is used to test connectivity to the switch, and it is also the address the network administrator uses for remote access (Telnet, SSH, SDM, HTTP, and so on).

Depending on the switch model and Cisco IOS version, DTP might have already established trunking between two switches that are directly connected. For example, the default trunk configuration for 2950 switches is dynamic desirable. Therefore, a 2950 initiates trunk negotiations. For our purposes, assume that the switches are all 2960s. The 2960 default trunk configuration is dynamic auto, and in this configuration, the interface does not initiate trunk negotiations.

In Example 26-8, the first five interfaces on S1 are configured for trunking. Also notice that the native VLAN is changed to VLAN 99.

Example 26-8 Trunk Configuration and Native VLAN Assignment

S1# config t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# interface range g0/1 - 2
S1(config-if-range)# switchport mode trunk
S1(config-if-range)# switchport trunk native vlan 99
S1(config-if-range)# end
%SYS-5-CONFIG_I: Configured from console by console
S1#
%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/1
   (99), with S2 FastEthernet0/1 (1).
%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/3
   (99), with S3 FastEthernet0/3 (1).

If you wait for the next round of CDP messages, you should get the error message shown in Example 26-8. Although the trunk is working between S1 and S2 and between S1 and S3, the switches do not agree on the native VLAN. Repeat the trunking commands on S2 and S3 to correct the native VLAN mismatch.

To verify that trunking is operational, use the commands in Example 26-9.

Example 26-9 Verifying Trunk Configuration

S1# show interfaces trunk
Port    Mode   Encapsulation Status    Native vlan
Gig0/1  on     802.1q        trunking  99
Gig0/2  on     802.1q        trunking  99

Port    Vlans allowed on trunk
Gig0/1  1-1005
Gig0/2  1-1005
Port    Vlans allowed and active in management domain
Gig0/1  1,10,20,30,99
Gig0/2  1,10,20,30,99
Port    Vlans in spanning tree forwarding state and not pruned
Gig0/1  1,10,20,30,99
Gig0/2  1,10,20,30,99

S1# show interface g0/1 switchport
Name: Gig0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 99 (Management&Native)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
S1#

Remember that hosts on the same VLAN must be configured with an IP address and subnet mask on the same subnet. The ultimate test of your configuration, then, is to verify that end devices on the same VLAN can now ping each other. If they can’t, use the verification commands to systematically track down the problem with your configuration.

VLAN Troubleshooting

If connectivity issues arise between VLANs and you have already resolved potential IP addressing issues, you can use the flowchart in Figure 26-5 to methodically track down any issues related to VLAN configuration errors.

Figure 26-5 VLAN Troubleshooting Flowchart

The flowchart in Figure 26-5 works in this way:

Step 1. Use the show vlan command to check whether the port belongs to the expected VLAN. If the port is assigned to the wrong VLAN, use the switchport access vlan command to correct the VLAN membership. Use the show mac address-table command to check which addresses were learned on a particular port of the switch and see the VLAN to which that port is assigned.

Step 2. If the VLAN to which the port is assigned is deleted, the port becomes inactive. Use the show vlan or show interfaces switchport command to discover issues with deleted VLANs. If the port is inactive, it is not functional until the missing VLAN is created using the vlan vlan_id command.

Table 26-3 summarizes these commands, which can be particularly helpful in troubleshooting VLAN issues.

Table 26-3 VLAN Troubleshooting Commands

| EXEC Command | Description |
|---|---|
| show vlan, show vlan brief | Lists each VLAN and all interfaces assigned to that VLAN (but does not include operational trunks) |
| show vlan id num | Lists both access and trunk ports in the VLAN |
| show interfaces switchport, show interfaces type number switchport | Identifies the interface’s access VLAN and voice VLAN, the configured and operational mode (access or trunk), and the state of the port (up or down) |
| show mac address-table | Lists MAC table entries, including the associated VLAN |
| show interface status | Summarizes the status listing for all interfaces (connected, notconnect, err-disabled), the VLAN, duplex, speed, and type of port |

Disabled VLANs

VLANs can be manually disabled. You can verify that VLANs are active by using the show vlan command. As Example 26-10 shows, VLANs can be in one of two states: either active or act/lshut. The second of these states means that the VLAN is shut down.

Example 26-10 Enabling and Disabling VLANs on a Switch

S1# show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/14, Fa0/15, Fa0/16, Fa0/17
                                                Fa0/18, Fa0/19, Fa0/20, Fa0/21
                                                Fa0/22, Fa0/23, Fa0/24, Gi0/1
10   VLAN0010                         act/lshut Fa0/13
20   VLAN0020                         active
30   VLAN0030                         act/lshut
40   VLAN0040                         active
S1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# no shutdown vlan 10
S1(config)# vlan 30
S1(config-vlan)# no shutdown
S1(config-vlan)#

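The no shutdown vlan 10 command in global configuration mode and the no shutdown command in VLAN configuration mode for VLAN 30 in Example 26-10 show the two configuration methods you can use to enable a VLAN that had been shut down.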

Trunking Troubleshooting

To summarize issues with VLANs and trunking, you need to check for four potential issues, in this order:

Step 1. Identify all access interfaces and their assigned access VLANs and reassign them into the correct VLANs, as needed.

Step 2. Determine whether the VLANs exist and are active on each switch. If needed, configure and activate the VLANs to resolve problems.

Step 3. Check the allowed VLAN lists on the switches on both ends of the trunk and ensure that the lists of allowed VLANs are the same.

Step 4. Ensure that, for any links that should use trunking, it is not the case that one switch thinks it is trunking while the other switch does not.

The previous section reviewed steps 1 and 2. Next, we review steps 3 and 4.

Check Both Ends of a Trunk

For the CCNA exam, you should be ready to notice a couple of oddities that happen with some unfortunate configuration choices on trunks.

It is possible to configure a different allowed VLAN list on the opposite ends of a VLAN trunk. As Figure 26-6 shows, when the VLAN lists do not match, the trunk cannot pass traffic for that VLAN.

Figure 26-6 Mismatched VLAN-Allowed Lists on a Trunk

You can isolate this problem only by comparing the allowed lists on both ends of the trunk. Example 26-11 displays the output of the show interfaces trunk command on S2.

To compare the allowed VLANs on each switch, you need to look at the second of three lists of VLANs listed by the show interfaces trunk command. See the output in Example 26-11.

Example 26-11 Verifying the Allowed VLANs on S2

S2# show interfaces trunk
Port    Mode      Encapsulation Status   Native vlan
Gi0/2   desirable 802.1q        trunking 1

Port    Vlans allowed on trunk
Gi0/2   1-4094

Port     Vlans allowed and active in management domain
Gi0/2    1-9

Port     Vlans in spanning tree forwarding state and not pruned
Gi0/2     1-9

To add VLAN 10 to S2’s trunk, enter the following commands:

S2(config)# interface g0/2
S2(config-if)# switchport trunk allowed vlan add 10

The keyword add provides the capability to add one or more VLANs to the trunk without having to specify again all the existing VLANs that are already allowed.
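Comparing the two ends by eye does not scale past a few trunks, so the check can be scripted. The following Python is an added example, not from the book: it parses show interfaces trunk output in the layout of Examples 26-9 and 26-11 and compares the "allowed and active" lists and native VLANs of both ends. The S2 text is copied from Example 26-11; the S1 text and all function names are constructed for illustration.

```python
def expand_vlans(spec: str) -> set:
    """Expand a list such as '1,10,20-30' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.split(","):
        part = part.strip()
        if not part or part.lower() == "none":
            continue
        low, _, high = part.partition("-")
        vlans.update(range(int(low), int(high or low) + 1))
    return vlans


def parse_trunk_output(text: str) -> dict:
    """Parse 'show interfaces trunk' output into {port: {field: value}}."""
    ports, section = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0].endswith("#"):        # CLI prompt line
            section = None
            continue
        if fields[0] == "Port":            # header line starts a new section
            header = " ".join(fields[1:]).lower()
            if header.startswith("mode"):
                section = "summary"
            elif "allowed and active" in header:
                section = "active"
            elif "allowed on trunk" in header:
                section = "allowed"
            elif "forwarding" in header:
                section = "forwarding"
            else:
                section = None
            continue
        if section is None:
            continue
        entry = ports.setdefault(fields[0], {})
        if section == "summary" and len(fields) >= 5:
            entry.update(mode=fields[1], encapsulation=fields[2],
                         status=fields[3], native=int(fields[4]))
        elif section != "summary":
            entry[section] = expand_vlans("".join(fields[1:]))
    return ports


def compare_trunk_ends(local: dict, remote: dict) -> list:
    """Report native VLAN and allowed/active VLAN differences on one trunk."""
    findings = []
    if local["native"] != remote["native"]:
        findings.append("native VLAN mismatch: local %d, remote %d"
                        % (local["native"], remote["native"]))
    for vlan in sorted(local["active"] ^ remote["active"]):
        side = "local" if vlan in local["active"] else "remote"
        findings.append("VLAN %d is allowed and active only on the %s end"
                        % (vlan, side))
    return findings


# From Example 26-11 (S2 side of the trunk).
S2_OUTPUT = """S2# show interfaces trunk
Port    Mode      Encapsulation Status   Native vlan
Gi0/2   desirable 802.1q        trunking 1

Port    Vlans allowed on trunk
Gi0/2   1-4094

Port     Vlans allowed and active in management domain
Gi0/2    1-9

Port     Vlans in spanning tree forwarding state and not pruned
Gi0/2     1-9
"""

# Constructed sample for the S1 side; the port name is an assumption.
S1_OUTPUT = """S1# show interfaces trunk
Port    Mode      Encapsulation Status   Native vlan
Gi0/1   desirable 802.1q        trunking 1

Port    Vlans allowed on trunk
Gi0/1   1-4094

Port     Vlans allowed and active in management domain
Gi0/1    1-10
"""

if __name__ == "__main__":
    s2 = parse_trunk_output(S2_OUTPUT)["Gi0/2"]
    s1 = parse_trunk_output(S1_OUTPUT)["Gi0/1"]
    for finding in compare_trunk_ends(s2, s1):
        print(finding)
```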

Check Trunking Operational States

Trunks can be misconfigured. In some cases, both switches conclude that their interfaces do not trunk. In other cases, one switch believes that its interface is correctly trunking, while the other switch does not.

The most common incorrect configuration—which results in both switches not trunking—is a configuration that uses the switchport mode dynamic auto command on both switches on the link. The keyword auto does not mean that trunking happens automatically. Instead, both switches passively wait on the other device on the link to begin negotiations.

With this particular incorrect configuration, the show interfaces switchport command on both switches confirms both the administrative state (auto) and the fact that both switches operate as static access ports. Example 26-12 highlights those parts of the output for S2.

Example 26-12 Verifying the Trunking State for a Specific Interface

SW2# show interfaces gigabit0/2 switchport
Name: Gi0/2
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
! lines omitted for brevity

Always check the trunk’s operational state on both sides of the trunk. The best commands for checking trunking-related facts are show interfaces trunk and show interfaces switchport.
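The per-interface checks from this section and the VLAN 1 and native VLAN best practices from earlier in the day can be applied to saved show interfaces switchport output. The following Python is an added example, not from the book: the finding labels and function names are constructed, the first three samples are abbreviated from Examples 26-6, 26-9, and 26-12, and the peer port is a constructed sample.

```python
import re


def parse_switchport(text: str) -> dict:
    """Turn one 'show interfaces ... switchport' block into a dict."""
    port = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and not line.lstrip().startswith("!"):
            port[key.strip()] = value.strip()
    return port


def vlan_id(value):
    """Extract the number from a value such as '99 (Management&Native)'."""
    match = re.match(r"(\d+)", value or "")
    return int(match.group(1)) if match else None


def audit_port(port: dict) -> list:
    """Flag settings on one port that the chapter advises against."""
    findings = []
    admin = port.get("Administrative Mode", "")
    oper = port.get("Operational Mode", "")
    if admin.startswith("dynamic"):
        findings.append("dtp-dynamic")      # DTP decides trunk or access
    if oper == "trunk" and vlan_id(port.get("Trunking Native Mode VLAN")) == 1:
        findings.append("native-vlan-1")    # native VLAN left on VLAN 1
    if oper == "static access" and vlan_id(port.get("Access Mode VLAN")) == 1:
        findings.append("access-vlan-1")    # access port left in VLAN 1
    return findings


def check_link(a: dict, b: dict) -> list:
    """Compare both ends of a link that is supposed to be a trunk."""
    findings = []
    if (a.get("Administrative Mode") == "dynamic auto"
            and b.get("Administrative Mode") == "dynamic auto"):
        findings.append("both-dynamic-auto")  # neither end starts negotiation
    a_trunk = a.get("Operational Mode") == "trunk"
    b_trunk = b.get("Operational Mode") == "trunk"
    if a_trunk != b_trunk:
        findings.append("one-sided-trunk")
    if a_trunk and b_trunk:
        if (vlan_id(a.get("Trunking Native Mode VLAN"))
                != vlan_id(b.get("Trunking Native Mode VLAN"))):
            findings.append("native-mismatch")
    return findings


# Abbreviated from Example 26-6.
S2_FA0_11 = """Name: Fa0/11
Administrative Mode: dynamic auto
Operational Mode: static access
Access Mode VLAN: 10 (Faculty/Staff)
Trunking Native Mode VLAN: 1 (default)
"""

# Abbreviated from Example 26-9.
S1_G0_1 = """Name: Gig0/1
Administrative Mode: trunk
Operational Mode: trunk
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 99 (Management&Native)
"""

# From Example 26-12.
SW2_GI0_2 = """Name: Gi0/2
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
! lines omitted for brevity
"""

# Constructed sample: the far end of the same link, also left at dynamic auto.
PEER_GI0_1 = """Name: Gi0/1
Administrative Mode: dynamic auto
Operational Mode: static access
"""

if __name__ == "__main__":
    print(audit_port(parse_switchport(S2_FA0_11)))
    print(check_link(parse_switchport(SW2_GI0_2), parse_switchport(PEER_GI0_1)))
```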

Study Resources

For today’s exam topics, refer to the following resources for more study.

| Resource | Module or Chapter |
|---|---|
| Cisco Network Academy: CCNA 2 | 3 |
| CCNA 200-301 Official Cert Guide, Volume 1 | 8 |
| Portable Command Guide | 9 |
|   | 10 |
