802.1Q Trunking Between Catalyst Switches Running CatOS
Available Languages
Contents
Introduction
This document provides sample configurations on 802.1Q (dot1q) trunking between a Catalyst 5500 and 5000 switch, both running Catalyst OS (CatOS). Any Catalyst 4000, 5000, or 6000 family member running CatOS can be used in this scenario to obtain the same results.
Trunks carry the traffic of multiple VLANs over a single link, and allow you to extend VLANs across an entire network. Two ways in which Ethernet trunking can be implemented are:
-
InterSwitch Link (ISL) protocol - ISL is a Cisco-proprietary trunking encapsulation. For more information on ISL, refer to InterSwitch Link Frame Format.
-
802.1Q (IEEE standard) - 802.1Q is an industry-standard trunking encapsulation. For more information on 802.1Q, refer to Trunking Between Catalyst 4000, 5000, and 6000 Family Switches Using 802.1Q Encapsulation.
Before You Begin
Conventions
For more information on document conventions, see the Cisco Technical Tips Conventions.
Prerequisites
This document shows the configuration files from the CatOS switches, and the output from the related sample show commands. For details on how to configure a 802.1Q trunk between the Catalyst switches, refer to the following document:
Components Used
To create the examples in this document, the following switches were used in a lab environment with cleared configurations:
-
Catalyst 5500 switch running Catalyst OS 6.4(2) software
-
Catalyst 6500 switch running Catalyst OS 6.4(2) software
The configurations on all devices were cleared with the clear config all command to ensure they had a default configuration.
The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.
Background Theory
Note the following:
-
The Catalyst 4000 family switches (including Catalyst 2948G and Catalyst 2980G) only supports 802.1Q trunking, not ISL trunking. For more information, refer to System Requirements to Implement Trunking.
-
All Ethernet ports on the Catalyst 6000/6500 support 802.1Q and ISL encapsulation, with the exception of the 10-Gigabit Ethernet switching module, which does not support ISL.
-
Depending on the module, Catalyst 5000 trunk capable ports support only ISL encapsulation, or both ISL and 802.1Q. The best way to verify this is to issue the show port capabilities command. The trunking capacity is explicitly stated. For example:
cat5509> show port capabilities 2/1 Model WS-X5550 Port 2/1 Type 1000BaseSX Speed 1000 Duplex full Trunk encap type 802.1Q,ISL !-- This particular port supports both 802.1Q and ISL. Trunk mode on,off,desirable,auto,nonegotiate Channel no Broadcast suppression percentage(0-100) Flow control receive-(off,on,desired),send-(off,on,desired) Security no Dot1x yes Membership static Fast start yes QOS scheduling rx-(none),tx-(none) CoS rewrite no ToS rewrite no Rewrite no UDLD yes AuxiliaryVlan no SPAN source,destination cat5509> (enable)
For more information on system requirements for trunking, refer to System Requirements to Implement Trunking.
-
Make sure that the trunking modes match across the trunk link. If one side of the link is configured as an ISL trunk, the other side of the link should also be configured as ISL. Similarly, if one side of the link is configured as 802.1Q, the other side of the link should also be configured as 802.1Q.
-
In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN. The native VLAN packets are sent untagged on the trunk link. Therefore, the native VLAN should be same on both switches configured for trunking. This way, we can deduce to which VLAN a frame belongs when we receive a frame with no tag. By default, VLAN 1 is the native VLAN on all switches.
-
In CatOS, the native VLAN can be changed by issuing the set vlan vlan-id mod/port command, where mod/port is the trunk port.
-
For more information refer to Trunking Between Catalyst 4000, 5000, and 6000 Family Switches Using 802.1Q Encapsulation.
Configure
In this section, you are presented with the information to configure the features described in this document.
Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only) .
Network Diagram
This document uses the network setup shown in the diagram below.
Configurations
This document uses the configurations shown below.
Note: Comments between the outputs are added in blue italics.
| Catalyst 5509 |
|---|
#version 6.4(2) ! set option fddi-user-pri enabled set password $2$q.J7$O5n.pwx7aEC6NHWJfXadx1 set enablepass $2$o.h/$bAxfjJ4XUA/RMUHqBr1YQ0 ! #errordetection set errordetection portcounter enable ! #system set system name cat5509 ! #frame distribution method set port channel all distribution mac both ! #vtp !--- In this example, the VTP mode is set to be transparent. !--- Depending on your network, set the VLAN Trunking Protocol (VTP) !--- mode accordingly. set vtp mode transparent !--- For details on VTP, refer to Configuring VTP on Catalyst Switches. set vlan 1 name default type ethernet mtu 1500 said 100001 state active set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm set vlan 2 set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state acti ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off ! #ip !--- IP address used for management. set interface sc0 1 10.10.10.2/255.255.255.0 10.10.10.255 ! #set boot command set boot config-register 0x2102 set boot system flash slot0:cat5000-supg.6-4-2.bin ! # default port status is enable ! ! #module 1 empty ! #module 2 : 2-port 1000BaseX Supervisor IIIG !--- The dot1q trunking mode is set to on. Depending on your network !--- and requirements, set the trunking mode accordingly. set trunk 2/1 on dot1q 1-1005 !--- For details on different trunking modes, refer to !--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports. ! #module 3 empty ! #module 4 empty #module 5 : 24-port 10/100BaseTX Ethernet !--- Ports 5/3-24 have been assigned to VLAN 2. set vlan 2 5/3-24 !--- Portfast has been enabled on the ports connected to the workstations. set spantree portfast 5/2-24 enable !--- For details on why to enable portfast,refer to !--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays. ! #module 6 empty ! !--- Output suppressed. end |
| Catalyst 6500 |
|---|
#Version 6.4(2) ! set option fddi-user-pri enabled set password $2$J75L$Ug4163kfeHTDcLJZ/L9es1 set enablepass $2$h/BN$i3S54iNvIXknFelh6gOve0 ! #errordetection set errordetection portcounter enable ! #system set system name cat6500 ! #frame distribution method set port channel all distribution Mac both ! #vtp !--- In this example, the VTP mode is set to be transparent. !--- Depending on your network, set the VTP mode accordingly. set vtp mode transparent !--- For details on VTP, refer to !--- Configuring VTP on Catalyst Switches. set vlan 1 name default type ethernet mtu 1500 said 100001 state active set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active !--- The lines below are wrapped around for display reasons. set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp IEEE set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp IBM set vlan 2 set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 7 stemaxhop 7 backupcrf off ! #ip !--- IP address used for management. set interface sc0 1 10.10.10.3/255.255.255.0 10.10.10.255 ! #set boot command set boot config-register 0x2102 set boot system flash slot0:cat6000-sup2.6-4-2.bin ! # default port status is enable ! ! #module 1 : 2-port 1000BaseX Supervisorset module name 1 ! #module 2 : 12-port 10/100BaseTX Ethernet ! #module 3 : 8-port 1000BaseX Ethernet set module name 3 !--- The dot1q trunking mode is set to on. Depending on your network !--- and requirements, set the trunking mode accordingly. set trunk 3/1 on dot1q 1-1005,1025-4094 !--- For details on different trunking modes, refer to !--- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports. ! #module 4 : 48-port 10/100BaseTX Ethernet !--- Ports 4/3-24 have been assigned to VLAN 2. set vlan 2 4/3-48 !--- Portfast has been enabled on the ports connected to the workstations. set spantree portfast 4/2-48 enable !--- For details on why to enable portfast, refer to !--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays. ! #module 5 : 12-port 10BaseFL Ethernet end !--- Output suppressed. |
Verify
This section provides information you can use to confirm your configuration is working properly.
Certain show commands are supported by the Output Interpreter tool (registered customers only) , which allows you to view an analysis of show command output.
-
show port capabilities module/port
-
show port module/port
-
show trunk
-
show vtp domain
Sample show Command Output
Catalyst 5509 Switch
The following are some of the commands used to verify the trunking configurations:
show port capabilities module/port - This command is used to verify if the port is capable of trunking.
cat5509> (enable) show port capabilities 2/1 Model WS-X5550 Port 2/1 Type 1000BaseSX Speed 1000 Duplex full Trunk encap type 802.1Q,ISL !--- This particular port supports both 802.1Q and ISL Trunk mode on,off,desirable,auto,nonegotiate Channel no Broadcast suppression percentage(0-100) Flow control receive-(off,on,desired),send-(off,on,desired) Security no Dot1x yes Membership static Fast start yes QOS scheduling rx-(none),TX(1q4t) COs rewrite no ToS rewrite no Rewrite no UDLD yes AuxiliaryVlan no SPAN source,destination cat5509> (enable)
show port module/port - This command tells the status of a particular port, and whether or not it is trunking.
cat5509> (enable) show port 2/1
Port Name Status Vlan Level Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ------------
2/1 connected trunk normal full 1000 1000BaseSX
Port Trap IfIndex
----- -------- -------
2/1 disabled 47
Port Broadcast-Limit Broadcast-Drop
-------- --------------- --------------
2/1 - 0
Port Send FlowControl Receive FlowControl RxPause TxPause Unsupported
admin oper admin oper opcodes
----- -------- -------- --------- --------- ---------- ---------- -----------
2/1 desired off off off 0 0 0
Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize
----- ---------- ---------- ---------- ---------- ---------
2/1 0 0 0 2 0
Port Single-Col Multi-Coll Late-Coll Excess-Col Carri-Sen Runts Giants
----- ---------- ---------- ---------- ---------- --------- --------- ---------
2/1 0 0 0 0 0 0 -
!--- Output suppressed.
show trunk - This command is used to verify the trunking status and configuration.
cat5500> (enable) show trunk * - indicates vtp domain mismatch Port Mode Encapsulation Status Native vlan -------- ----------- ------------- ------------ ----------- 4/1 on dot1q trunking 1 Port Vlans allowed on trunk -------- --------------------------------------------------------------------- 4/1 1-1005 Port Vlans allowed and active in management domain -------- --------------------------------------------------------------------- 4/1 1-2 Port Vlans in spanning tree forwarding state and not pruned -------- --------------------------------------------------------------------- 4/1 1-2
show vtp domain - This command is used to check the VTP information.
cat5500> (enable) show vtp domain
Domain Name Domain Index VTP Version Local Mode Password
-------------------------------- ------------ ----------- ----------- ----------
1 2 Transparent -
Vlan-count Max-vlan-storage Config Revision Notifications
---------- ---------------- --------------- -------------
6 1023 0 disabled
Last Updater V2 Mode Pruning PruneEligible on Vlans
--------------- -------- -------- -------------------------
10.10.10.2 disabled disabled 2-1000
If you have the output of a show-tech support command from your Cisco device, you can use Output Interpreter (registered customers only) to display potential issues and fixes.
Catalyst 6500 Switch
Following are some of the commands used to verify the trunking configurations:
show port capabilities module/port - This command is used to verify if the port is capable of trunking.
cat6500> (enable) show port capabilities 3/1 Model WS-X6408A-GBIC Port 3/1 Type 1000BaseSX Speed 1000 Duplex full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppression percentage(0-100) Flow control receive-(off,on),send-(off,on) Security yes Dot1x yes Membership static,dynamic Fast start yes QOS scheduling rx-(1p1q4t),tx-(1p2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan no SPAN source,destination COPS port group 3/1-4 Link debounce timer yes
show port module/port - This command tells the status of a particular port, and whether or not it is trunking.
cat6500> (enable) show port 3/1 Port Name Status Vlan Duplex Speed Type ----- -------------------- ---------- ---------- ------ ----- ------------ 3/1 connected trunk full 1000 1000BaseSX Port Security Violation Shutdown-Time Age-Time Max-Addr Trap IfIndex ----- -------- --------- ------------- -------- -------- -------- ------- 3/1 disabled shutdown 0 0 1 disabled 61 !--- Output suppressed.
show trunk - This command is used to verify the trunking status and configuration.
cat6500> (enable) show trunk
* - indicates vtp domain mismatch
Port Mode Encapsulation Status Native vlan
-------- ----------- ------------- ------------ -----------
3/1 on dot1q trunking 1
Port Vlans allowed on trunk
-------- ---------------------------------------------------------------------
3/1 1-1005,1025-4094
Port Vlans allowed and active in management domain
-------- ---------------------------------------------------------------------
3/1 1-2
Port Vlans in spanning tree forwarding state and not pruned
-------- ---------------------------------------------------------------------
3/1 1-2
show vtp domain - This command is used to check the VTP information.
cat5000> (enable) show vtp domain
Domain Name Domain Index VTP Version Local Mode Password
-------------------------------- ------------ ----------- ----------- ----------
1 2 Transparent -
Vlan-count Max-vlan-storage Config Revision Notifications
---------- ---------------- --------------- -------------
6 1023 0 disabled
Last Updater V2 Mode Pruning PruneEligible on Vlans
--------------- -------- -------- -------------------------
10.10.10.3 disabled disabled 2-1000
Troubleshoot
There is currently no specific troubleshooting information available for this configuration.
Related Information
- Trunking Between Catalyst 4000, 5000, and 6000 Family Switches Using 802.1q Encapsulation
- Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports
- Configuring VTP on Catalyst Switches
- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays
- LAN Switching Technology Support
- Catalyst LAN and ATM Switches Product Support
- Technical Support - Cisco Systems
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)