Where access ports allow for only one data VLAN and one voice VLAN, a trunk port can carry one or more VLANs. Generally, you would use a trunk to connect switches together where you need to carry traffic. In some cases, you would configure a trunk port to connect to a server, such as a virtual server. If the device needs to use more than one VLAN, then you will want to configure the port as a trunk port.
Configure
The following commands will set up the interface to trunk mode exclusively. This will turn off Dynamic Trunking Protocol (DTP). Depending on the hardware you are on, you may need to set the encapsulation mode. Most newer equipment and code should default to using 802.1Q encapsulation, though.
Switch#configure terminal
Switch(config)#interface interface-id
Switch(config-if)#switchport trunk encapsulation {dot1q | isl}
Switch(config-if)#switchport mode trunk
In order to add and remove VLANs on a trunk, you need to go to the interface and specify whether you want to add or remove VLANs.
To add one or more VLANs to the trunk:
Switch#configure terminal Switch(config)#interface interface-id Switch(config-if)#switchport trunk allowed vlan add vlan-id,vlan-id,vlan-id
To remove one or more VLANs from the trunk, you replace the add parameter with remove. It may appear odd that the allowed parameter is in the command but think of it like this, you are removing an allowed VLAN from the trunk.
Switch#configure terminal Switch(config)#interface interface-id Switch(config-if)#switchport trunk allowed vlan remove vlan-id,vlan-id,vlan-id
Verify
To verify what interfaces are trunks and what VLANs are configured, you would use the following command:
Switch#show interfaces trunk
You may also want to check the switchport configuration for the interface.
Switch#show interfaces interface-id switchport Name: interface-id Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk private VLANs: none Operational private-vlan: none Trunking VLANs Enabled: All Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none
Troubleshoot
When you try to set the interface to trunk mode, you may encounter an error message regarding the trunk encapsulation. This occurs on older hardware, but you may still see it. You just need to set the trunk encapsulation first, then go back to configuring the interface as a trunk.
Switch(config-if)#switchport mode trunk Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to "trunk" mode.
Trunks will carry multiple VLANs only if they are created. If you look at the output of the show interfaces trunk command and do not see the VLANs you expect, ensure the VLANs are created on the device.
Leave a Reply