Trunking

Trunk links are point-to-point, 100Mbps or 1000Mbps links between two switches, between a switch and a router, or between a switch and a server. Trunk links carry the traffic of multiple VLANs, from 1 to 1005 at a time. You can not run trunk links on 10Mbps links.

Cisco switches use the Dynamic Trunking Protocol (DTP) to manage trunk negation in the Catalyst switch engine software release 4.2 or later, using either ISL or 802.1Q. DTP is a point- to-point protocol and was created to send trunk information across 802.1Q trunks. Dynamic ISL (DISL) was used to support trunk negation on ISL links only before DTP was released in software release 4.1; and before DISL, auto-negotiation of trunk links was not allowed.

A trunk is a port that supports multiple VLANs, but before it became a trunk, it was the member of a single VLAN. The VLAN it is a member of when it becomes a trunk is called a native VLAN. If the port were to lose the trunking ability, it would revert to membership in its native VLAN.

Configuring Trunk Ports

This section shows you how to configure trunk links on the 4000 series and the 2950/3550 series IOS-based switches.

4000 Switch

To configure a trunk on a 4000 series switch, use the set trunk command, and on the IOS-based switch, use the trunk on command:

Terry_4000> (enable) set trunk 2/12 ? Usage: set trunk <mod_num/port_num> [on|off|desirable|auto|nonegotiate] [vlans] [trunk_type] (vlans = 1..1005 An example of vlans is 2-10,1005)     (trunk_type = isl,dot1q,dot10,lane,negotiate) Terry_4000> (enable) set trunk 2/12 on isl Port(s) 2/12 trunk mode set to on. Port(s) 2/12 trunk type set to isl. Terry_4000> (enable) 2003 Mar 21 06:31:54 %DTP-5-TRUNKPORTON:Port 2/12 has become isl trunk

Port 2/12 has become a trunk port that uses ISL encapsulation. Notice that we did not specify the VLANs to trunk. By default, all VLANs would be trunked. Take a look at a configuration in which we specified the VLANs to use:

Terry_4000> (enable) set trunk 2/12 on 1-5 isl Adding vlans 1-5 to allowed list. Please use the 'clear trunk' command to remove vlans from allowed list. Port(s) 2/12 allowed vlans modified to 1-1005. Port(s) 2/12 trunk mode set to on. Port(s) 2/12 trunk type set to isl. 

Notice that, even though we told the switch to use VLANs 1-5, it added 1-1005 by default. To remove VLANs from a trunk port, use the clear vlan command. We'll do that in a minute.

We need to explain the different options for turning up a trunk port:

on The switch port is a permanent trunk port regardless of the other end. If you use the on state, you must specify the frame tagging method because it will not negotiate with the other end.

off The port becomes a permanent non-trunk link.

desirable The port you want to trunk becomes a trunk port only if the neighbor port is a trunk port set to on, desirable, or auto.

auto The port wants to become a trunk port but becomes a trunk only if the neighbor port asked the port to be a trunk. This is the default for all ports. However, because auto switch ports will never ask (they only respond to trunk requests), two ports will never become a trunk if they are both set to auto.

nonegotiate Makes a port a permanent trunk port, but because the port does not use DTP frames for communication, there is no negotiation. If you're having DTP problems with a switch port connected to a non-switch device, then use the nonegotiate command when using the set trunk command. This enables the port to be trunked, but you won't be sent any DTP frames.

2950 and 3550 Series

The 2950 switches support the same options but with different commands, as shown next. The 2950 series supports only IEEE 802.1Q VLANs, whereas the 3550 support ISL as well.

Terry_2950(config-if)#switchport trunk ?  allowed   Set allowed VLAN characteristics when interface is in trunking            mode  native    Set trunking native characteristics when interface is in trunking            mode  pruning   Set pruning VLAN characteristics when interface is in trunking mode Terry_2950(config-if)#switchport mode ?  access    Set trunking mode to ACCESS unconditionally  dynamic   Set trunking mode to dynamically negotiate access or trunk mode  trunk     Set trunking mode to TRUNK unconditionally Terry_2950(config-if)#switchport mode dynamic ?  auto      Set trunking mode dynamic negotiation parameter to AUTO  desirable Set trunking mode dynamic negotiation parameter to DESIRABLE Terry_2950(config-if)#switchport mode dynamic auto Terry_2950(config-if)#^Z Terry_2950#

Clearing VLANs from Trunk Links

As demonstrated in the preceding sections, all VLANs are configured on a trunk link unless cleared by an administrator. If you do not want a trunk link to carry VLAN information because you want to stop broadcasts on a certain VLAN from traversing the trunk link, or because you want to stop topology change information from being sent across a link where a VLAN is not supported, use the clear trunk command.

This section shows you how to clear VLANs from trunk links on both the 4000 and IOS- based series of switches.

4000 Series

The command to clear a VLAN from a trunk link is clear trunk slot/port vlans. Here is an example:

Terry_4000> (enable) clear trunk 2/12 5-1005 Removing Vlan(s) 5-1005 from allowed list. Port 1/2 allowed vlans modified to 1-4

2950 and 3550 Series Switches

The command switchport trunk allowed vlan remove vlan-list is used to limit which VLANs can use a particular trunk:

Terry_2950(config)# interface fa 0/10 Terry_2950(config-if)# switchport trunk allowed vlan remove 2-10,12,15 

Use a hyphen to show a contiguous range of VLANs that are to be excluded and use a comma to separate VLANs that are not contiguous. Do not leave spaces. From the configuration, you can see that the specified VLANs have been removed from the supported list.

Terry_2950#show run Building configuration… version 12.1 [output cut] interface FastEthernet0/10  switchport trunk allowed vlan 1,11,13,14,16-1005  switchport mode trunk  no ip address

Verifying Trunk Links

On the 4000 series, you can verify your trunk ports, using the show trunk command. If you have more than one port trunking and want to see statistics on only one trunk port, you can use the show trunk port_number command:

Terry_4000> (enable) show trunk 2/12 Port     Mode        Encapsulation  Status       Native vlan -------- ----------- -------------  ------------ -----------  2/12    on          isl            trunking     1 Port     Vlans allowed on trunk -------- ------------------------------------------------------  2/12    1-4 Port     Vlans allowed and active in management domain -------- ------------------------------------------------------  2/12    1 Port     Vlans in spanning tree forwarding state and not pruned -------- ------------------------------------------------------  2/12    1 Terry_4000> (enable)

The 2950/3550 series of Catalyst switches continue to do it differently than the 4000. To view the trunk status of a port on one of these switches, the command show interface interface_ id switchport needs to be used:

Terry_2950#show interface fa0/10 switchport Name: Fa0/10 Switchport: Enabled Administrative Mode: trunk Operational Mode: down Administrative Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative private-vlan host-association: none Administrative private-vlan mapping: none Operational private-vlan: none Trunking VLANs Enabled: 1,11,13,14,16-1005 Pruning VLANs Enabled: 2-1001 Protected: false Voice VLAN: none (Inactive) Appliance trust: none Terry_2950#

A VLAN that is enabled on the switch is one that the switch has learned exists in the switch- fabric of the LAN. Somewhere out there, a device needs that particular VLAN, or it might be configured for future use. An active VLAN is a VLAN in which one or more ports on this switch are members.