ISL and 802.1Q Trunking Between Catalyst Layer 2 Fixed Configuration Switches and CatOS Switches Configuration Example

Introduction

This document provides sample configurations for InterSwitch Link Protocol (ISL) and IEEE 802.1Q trunking between a Cisco Catalyst 5500 and a Catalyst 3500XL switch. The document displays the results of each command as you issue the command. You can use any of these switches in the scenarios in this document to obtain the same results:

• Catalyst 4500/4000 and 6500/6000 series switches that run Catalyst OS (CatOS)

• Other members of the Catalyst 5500/5000 series

• Any of the Catalyst Layer 2 fixed configuration switches

  The Catalyst Layer 2 fixed configuration switches include the 2900/3500XL, 2940, 2950/2955 and 2970.

Before you proceed further with this document, refer to VLAN Trunking Protocols Support .

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

To create the examples in this document, these switches were used in a lab environment with cleared configurations:

• Catalyst 3524XL switch that runs Cisco IOS® Software Release 12.0(5)WC7

• Catalyst 5500 switch that runs CatOS 6.4(2) software

The configurations in this document were implemented in an isolated lab environment. Ensure that you understand the potential impact of any configuration or command on your network. The configurations on all devices were cleared with the clear config all command on the Catalyst 5500 switch and write erase command on the Catalyst 3524XL switch to ensure a default configuration.

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Background Theory

Trunking is a way to carry traffic from several VLANs over a point-to-point link between the two devices. Two ways in which you can implement Ethernet trunking are:

• ISL, a Cisco proprietary protocol

• IEEE 802.1Q standard

This document creates a trunk that carries traffic from two VLANs across a single link between a Catalyst 3500 and a Catalyst 5500 switch. Information on how to route between the two VLANs is beyond the scope of this document.

Important Notes

For Catalyst 2940/2950/2955/2970 Switches

Catalyst 2940 and 2950/2955 series switches support only 802.1Q trunking. These switches do not support ISL trunking.

Catalyst 2970 series switches support both ISL and 802.1Q trunking.

For Catalyst 2900XL/3500XL Switches

The Catalyst 2900XL/3500XL switches do not support Dynamic Trunking Protocol (DTP). Use the nonegotiate option for the switchport trunk command on the other side of the trunk link. Use of the nonegotiate option prevents the receipt of DTP frames from the peer that the XL switch cannot process.

Note: On a 4-MB DRAM Catalyst 2900XL switch, there is trunking support with these trunking-capable modules only:

• WS-X2914-XL-V

• WS-X2922-XL-V

• WS-X2924-XL-V

• WS-X2931-XL

• WS-X2932-XL

See this table for the current list of switch models that support trunking:

Note: In this table, only WS-C2916M-XL is a 4-MB DRAM switch. All other switches in the list are 8-MB DRAM switches. In order to determine whether your switch has 4 MB or 8 MB of DRAM, issue the user-level show version command. For more information, refer to the How to Determine the Amount of Switch Memory Using Command Line Interface section of Upgrading Software in Catalyst 2900XL and 3500XL Switches Using the Command Line Interface.

For Catalyst 4500/4000, 5500/5000, and 6500/6000 Switches

• The Catalyst 4500/4000 series, which includes the Catalyst 2948G and Catalyst 2980G, only supports 802.1Q trunking. The series does not support ISL trunking.

• Any Ethernet port on a Catalyst 6500/6000 series switch supports either 802.1Q or ISL encapsulation.

• Catalyst 5500/5000 trunk-capable ports either support ISL encapsulation only, or support either ISL or 802.1Q. This support scenario depends on the module. Issue the show port capabilities command to determine the support. The command output explicitly states the trunking capacity. Here is an example:

  cat5509 show port capabilities 3
  Model                    WS-X5234
  Port                     3/1
  Type                     10/100BaseTX
  Speed                    auto,10,100
  Duplex                   half,full
  Trunk encap type         802.1Q,ISL
  
  !--- This port supports both 802.1Q and ISL.
  
  Trunk mode               on,off,desirable,auto,nonegotiate
  Channel                  3/1-2,3/1-4 
  Broadcast suppression    percentage(0-100)
  Flow control             receive-(off,on),send-(off,on)
  Security                 yes
  Membership               static,dynamic
  Fast start               yes
  QOS scheduling           rx-(none),tx-(1q4t)
  CoS rewrite              yes
  ToS rewrite              IP-Precedence
  Rewrite                  yes
  UDLD                     yes
  AuxiliaryVlan            1..1000,untagged,dot1p,none
  SPAN                     source,destination

• Make sure that the trunking modes match across the trunk link. If you have configured one side of the link as an ISL trunk, configure the other side of the link as ISL. Similarly, if you have configured one side of the link as an 802.1Q, configure the other side of the link as 802.1Q.

Configure

In this section, you are presented with the information to configure the features described in this document.

Note: Use the Command Lookup Tool (registered customers only) to find more information on the commands used in this document.

Network Diagram

This document uses this network setup:

Configurations

This document uses these switch configurations:

• Catalyst 3524XL

• Catalyst 5500

This document applies this configuration to the switches:

• Set VLAN Trunk Protocol (VTP) modes on the switches.

• Add a second VLAN, VLAN 2, on the switches.

  Note: You add ports on those VLANs.

• Enable trunking with use of ISL or 802.1Q on the Fast Ethernet link that interconnects the switches.

  This allows the trunk to carry traffic for all VLANs.

• Enable spanning tree PortFast on the ports, where workstations have connection.

  According to the topology, you enable spanning tree PortFast on ports 3/2 and 3/3 on the Catalyst 5500 and on ports FastEthernet0/2 and FastEthernet0/3 on the Catalyst 3524XL switch.

This procedure provides the commands necessary to configure trunking. Each step includes the Cisco IOS Software and CatOS commands. Base your choice of command to use on the software that runs on the switch.

1. Configure VTP on both switches.

   In this example, you configure VTP mode as transparent. You can also configure the switches as either client or server. For more information, refer to Creating and Maintaining VLANs.

   • Cisco IOS Software

     IOSSwitch#vlan database
     3524xl(vlan)#vtp transparent
     Setting device to VTP TRANSPARENT mode.

   • CatOS

     CatOSSwitch> (enable) set vtp mode transparent
     VTP domain modified

2. Create the additional VLANs.

   You must complete this step on both switches if the VTP mode is transparent, as in the example. Otherwise, you only need to define the additional VLANs on the VTP server switch.

   • Cisco IOS Software

     IOSSwitch(vlan)#vlan 2
     VLAN 2 added:
     Name: VLAN0002
     IOSSwitch(vlan)#exit
     APPLY completed.
     Exiting....

   • CatOS

     CatOSSwitch(enable) set vlan 2
     VTP advertisements transmitting temporarily stopped,
     and will resume after the command finishes.
     Vlan 2 configuration successful

3. Assign some ports to the VLANs and, at the same time, enable PortFast on those ports if necessary.

   • Cisco IOS Software

     IOSSwitch(config)#interface fastethernet 0/2
     IOSSwitch(config-if)#switchport access vlan 2
     IOSSwitch(config-if)#spanning-tree portfast
     %Warning: portfast enabled on FastEthernet0/2.
     
     !--- Usually, you need to enable PortFast on ports that connect !--- to a single host. When you have enabled PortFast, !--- hubs, concentrators, switches, and bridges that connect to this !--- interface can cause temporary spanning tree loops. !--- Use PortFast with CAUTION.
     
     IOSSwitch(config-if)#exit
     

   • CatOS

     CatOSSwitch> (enable) set vlan 2 3/2
     Vlan 2 configuration successful
     VLAN 2 modified.
     VLAN 1 modified.
     VLAN Mod/Ports
     ---- -----------------------
     2     3/2 
     CatOSSwitch> (enable) set spantree portfast 3/2 enable
     

4. Enable trunking on the port.

   • Cisco IOS Software

     IOSSwitch(config)#interface fastethernet 0/1
     IOSSwitch(config-if)#switchport mode trunk
     

   • CatOS

     Omit this step for CatOS switches. In Step 5, you designate a port as trunk and, at the same time, you define the encapsulation.

5. Enter the trunking encapsulation as either ISL or 802.1Q (dot1q).

   • Cisco IOS Software

     IOSSwitch(config-if)#switchport trunk encapsulation isl
     
     OR
     
     IOSSwitch(config-if)#switchport trunk encapsulation dot1q
     

     Note: In the case of 2940/2950 switches, do not use these switchport commands. The Catalyst 2940/2950 switches only support 802.1Q encapsulation. When you enable trunking on the interface with the switchport mode trunk command, you automatically configure 802.1Q encapsulation.

   • CatOS

     CatOSSwitch> (enable) set trunk 3/1 nonegotiate isl
     Port(s) 3/1 trunk mode set to nonegotiate.
     Port(s) 3/1 trunk type set to Isl.
     
     !--- This switch connects to a 2900XL. !--- Therefore, you must use the nonegotiate option. 
     
     CatOSSwitch> (enable)

     OR

     
     !--- If you want to configure 802.1Q trunking instead, !--- issue this command:
     
     CatOSSwitch>(enable) set trunk 3/1 nonegotiate dot1q
     

   There are several options for trunking modes, such as: on, off, auto, desirable, auto, and nonegotiate. For more information on each, refer to the appropriate CatOS software configuration page for the switch product that you are configuring.

   In the case of 802.1Q, make sure that the native VLAN matches across the link. By default, the native VLAN is 1 or the VLAN that you have configured on the port. If your network requires the native VLAN to be other than VLAN 1, you can change the native VLAN. If you change the default native VLAN, you must change the native VLAN on the other side of the link as well. In order to change the native VLAN, issue one of these commands:

   • Cisco IOS Software

     switchport trunk native vlan vlan-ID
     
     

   • CatOS

     set vlan vlan-ID module/port
     
     

     Note: The module/port in this command is the trunk port.

Note: This output shows the issue of commands on the 3524XL switch. Comments in blue italics explain certain commands and steps:

3524xl#show running-config
Building configuration...

Current configuration:

!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 3524xl
!
no logging console
enable password mysecret
!
!
!
!
!
ip subnet-zero
!
!
!
interface fastethernet0/1
switchport mode trunk
!

!--- If you have configured 802.1Q, !--- you instead see this output !--- under interface fastethernet0/1: !--- interface fastethernet0/1 !--- switchport trunk encapsulation dot1q !--- switchport mode trunk 

!
interface fastethernet0/2
switchport access vlan 2
spanning-tree portfast
!
interface fastethernet0/3
spanning-tree portfast
!
interface fastethernet0/4
!

!--- Output suppressed.
!
interface VLAN1
ip address 10.10.10.2 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
!
line con 0
transport input none
stopbits 1
line vty 0 4
password mysecret
login
line vty 5 15
login
!
end

Note: This output shows the issue of commands on the 5500 switch. Comments in blue italics explain certain commands and steps:

cat5509> (enable) show config
This command shows non-default configurations only.
Use 'show config all' to show both default and non-default configurations.
........

..................

..

begin
!
# ***** NON-DEFAULT CONFIGURATION *****
!
!
!
set enablepass $2$FNl3$8MSzcpVMg1H2aWfll13aZ.
!
#system
set system name  cat5509
!
#frame distribution method
set port channel all distribution mac both
!
#vtp
set vtp mode transparent
set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 2 
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state 
 active stp ieee
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state 
 active stp ibm
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state 
 active mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip
set interface sc0 1 10.10.10.3/255.255.255.0 10.10.10.255
!
!
# default port status is enable
!
!
#module 1 : 4-port 10/100BaseTX Supervisor
!
#module 2 : 3-port 1000BaseX Ethernet
!
#module 3 : 24-port 10/100BaseTX Ethernet
set vlan 2  3/2
set trunk 3/1 nonegotiate isl 1-1005

!--- If you have configured 802.1Q trunk, !--- this line displays as: !--- set trunk 3/1 nonegotiate dot1q 1-1005 

set spantree portfast 3/2-3 enable
!
#module 4 empty
!
#module 5 empty
!
#module 6 : 24-port 10BaseF Ethernet
!
#module 7 empty
!
#module 8 : 24-port 10/100BaseTX Ethernet
!
#module 9 empty
end
cat5509> (enable)

Verify

show Commands

This section provides information that you can use to confirm that your configuration works properly.

Certain show commands are supported by the Output Interpreter Tool (registered customers only) , which allows you to view an analysis of show command output.

On the Catalyst 2900XL/3500XL/2950 switches:

• show interfaces {fastethernet | gigabitethernet} module/port switchport

• show vlan

• show vtp status

On the Catalyst 5500/5000 switch:

• show port capabilities module/port

• show port module/port

• show trunk module/port

• show vtp domain

Sample show Command Output

Catalyst 3500XL Switch

• show interfaces {fastethernet | gigabitethernet} module/port switchport

  Use this command to check the administrative and operational status of the port. Also, use this command to make sure that the native VLAN matches on both sides of the trunk. The native VLAN handles untagged traffic when the port is in 802.1Q trunking mode. Refer to Creating and Maintaining VLANs for details on native VLANs.

  3524xl#show interfaces fastethernet 0/1 switchport 
  Name: Fa0/1
  Switchport: Enabled
  Administrative mode: trunk
  Operational Mode: trunk
  Administrative Trunking Encapsulation: isl
  Operational Trunking Encapsulation: isl
  Negotiation of Trunking: Disabled
  Access Mode VLAN: 0 ((Inactive))
  Trunking Native Mode VLAN: 1 (default)
  Trunking VLANs Enabled: ALL
  Trunking VLANs Active: 1,2
  Pruning VLANs Enabled: 2-1001
  
  Priority for untagged frames: 0
  Override vlan tag priority: FALSE
  Voice VLAN: none
  Appliance trust: none
  Self Loopback: No

  Note: For 802.1Q trunking, the output of the show interfaces {fastethernet | gigabitethernet} module/port switchport command changes in this way:

  3524xl#show interfaces fastethernet 0/1 switchport 
  Name: Fa0/1
  Switchport: Enabled
  Administrative mode: trunk
  Operational Mode: trunk
  Administrative Trunking Encapsulation: dot1q
  Operational Trunking Encapsulation: dot1q
  Negotiation of Trunking: Disabled
  Access Mode VLAN: 0 ((Inactive))
  Trunking Native Mode VLAN: 1 (default)
  Trunking VLANs Enabled: ALL
  Trunking VLANs Active: 1,2
  Pruning VLANs Enabled: 2-1001
  
  Priority for untagged frames: 0
  Override vlan tag priority: FALSE
  Voice VLAN: none
  Appliance trust: none
  Self Loopback: No

• show vlan

  Use this command to verify that the interfaces, or ports, belong to the correct VLAN. In this example, only interface Fa0/2 belongs to VLAN 2. The rest of the interfaces are members of VLAN 1:

  3524xl#show vlan 
  VLAN Name                             Status    Ports
  ---- -------------------------------- --------- -------------------------------
  1    default                          active    Fa0/3, Fa0/4, Fa0/5, Fa0/6,
                                                  Fa0/7, Fa0/8, Fa0/9, Fa0/10,
                                                  Fa0/11, Fa0/12, Fa0/13, Fa0/14,
                                                  Fa0/15, Fa0/16, Fa0/17, Fa0/18,
                                                  Fa0/19, Fa0/20, Fa0/21, Fa0/22,
                                                  Fa0/23, Fa0/24, Gi0/1, Gi0/2
  2    VLAN0002                         active    Fa0/2
  1002 fddi-default                     active    
  1003 token-ring-default               active    
  1004 fddinet-default                  active    
  1005 trnet-default                    active    
  
  !--- Output suppressed.
  
  

• show vtp status

  Use this command to check the VTP configuration on the switch. In this example, the VTP mode is Transparent. The correct VTP mode depends on the topology of your network. For details on VTP, refer to Creating and Maintaining VLANs.

  3524xl#show vtp status
  VTP Version                     : 2
  Configuration Revision          : 0
  Maximum VLANs supported locally : 254
  Number of existing VLANs        : 6
  VTP Operating Mode              : Transparent
  VTP Domain Name                 : 
  VTP Pruning Mode                : Disabled
  VTP V2 Mode                     : Disabled
  VTP Traps Generation            : Disabled
  MD5 digest                      : 0x74 0x79 0xD3 0x08 0xC0 0x82 0x68 0x63 
  Configuration last modified by 10.10.10.2 at 3-1-93 00:05:30

CatOS Switches

• show port capabilities module/port

  Use this command to check if the port is capable of trunking:

  cat5509 show port capabilities 3/1
  Model                    WS-X5234
  Port                     3/1
  Type                     10/100BaseTX
  Speed                    auto,10,100
  Duplex                   half,full
  Trunk encap type         802.1Q,ISL
  Trunk mode               on,off,desirable,auto,nonegotiate
  Channel                  3/1-2,3/1-4 
  Broadcast suppression    percentage(0-100)
  Flow control             receive-(off,on),send-(off,on)
  Security                 yes
  Membership               static,dynamic
  Fast start               yes
  QOS scheduling           rx-(none),TX(1q4t)
  COs rewrite              yes
  ToS rewrite              IP-Precedence
  Rewrite                  yes
  UDLD                     yes
  AuxiliaryVlan            1..1000,untagged,dot1p,none
  SPAN                     source,destination

• show port module/port

  cat5509> (enable) show port 3/1
  
  Port  Name               Status     Vlan       Level  Duplex Speed Type
  ----- ------------------ ---------- ---------- ------ ------ ----- ------------
   3/1                     connected  trunk      normal a-full a-100 10/100BaseTX
  
  Port  AuxiliaryVlan AuxVlan-Status
  ----- ------------- --------------
   3/1  none          none          
  
  
  Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
  ----- -------- --------- ------------- -------- -------- -------- -------
   3/1  disabled  shutdown             0        0        1 disabled      12
  
  Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
  ----- -------- ----------------- -------- ----------------- ------------------
   3/1         0                 -        -                 -        -         -
  
  !--- Output suppressed.
  
  

• show trunk module/port

  Use this command to verify the trunking status and configuration.

  cat5509> (enable) show trunk
  * - indicates vtp domain mismatch
  Port      Mode         Encapsulation  Status        Native vlan
  --------  -----------  -------------  ------------  -----------
   3/1      nonegotiate  isl            trunking      1
  
  Port      Vlans allowed on trunk
  --------  ---------------------------------------------------------------------
   3/1      1-1005
  
  Port      Vlans allowed and active in management domain 
  --------  ---------------------------------------------------------------------
   3/1      1-2
  
  Port      Vlans in spanning tree forwarding state and not pruned
  --------  ---------------------------------------------------------------------
   3/1      1-2
  

  Note: For 802.1Q trunking, the output of this command changes in this way:

  cat5509> (enable) show trunk
  * - indicates vtp domain mismatch
  Port      Mode         Encapsulation  Status        Native vlan
  --------  -----------  -------------  ------------  -----------
   3/1      nonegotiate  dot1q          trunking      1
  
  Port      Vlans allowed on trunk
  --------  ---------------------------------------------------------------------
   3/1      1-1005
  
  Port      Vlans allowed and active in management domain 
  --------  ---------------------------------------------------------------------
   3/1      1-2
  
  Port      Vlans in spanning tree forwarding state and not pruned
  --------  ---------------------------------------------------------------------
   3/1      1-2
  

• show vtp domain

  cat5509> (enable) show vtp domain
  DomainName                      Domain Index VTP Version Local Mode  Password
  -------------------------------- ------------ ----------- ----------- ----------
                                   1            2           Transparent -
  
  Vlan-count Max-vlan-storage Config Revision Notifications
  ---------- ---------------- --------------- -------------
  6          1023             0               disabled
  
  Last Updater    V2 Mode  Pruning  PruneEligible on Vlans
  --------------- -------- -------- -------------------------
  10.10.10.3      disabled disabled 2-1000

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

• Creating and Maintaining VLANs
• Creating and Maintaining VLANs
• Configuring Ethernet VLAN Trunks
• Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays
• Cisco IOS Desktop Switching Command Reference, Release 12.0(5)XU
• LAN Product Support
• LAN Switching Support
• Technical Support - Cisco Systems