We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 568 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

 

317 New Members signed up the last 30 days!

satisfaction-guaranteed

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,


Forum Replies

  1. You have a very unique way of explaining, Clear and direct to the point. I am very grateful.
    Thank you

  2. Hi John,

    When you mix access and trunk mode, we get to see this message:

    SwitchA#
    %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk FastEthernet0/14 VLAN1.
    %SPANTREE-7-BLOCK_PORT_TYPE: Blocking FastEthernet0/14 on VLAN0001. Inconsistent port type.
    %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking FastEthernet0/14 on VLAN0001. Port consistency restored.

    The trunk will send BPDUs for each VLAN, our access mode interface only sends one BPDU so that's why CDP reports this error. This won't be a working trunk but I think the access mode VLAN (VLAN1) will work.

    I'd have to give this a try to see if it works.

    Rene

  3. Dear Rene

    i'm new here i finished before some week from CCNA I want to study CCNP with you the explanation is very good.this command:

    switchport trunk encapsulation dot1q

    Is not working in my packet tracer how can I make a switching lab ??

  4. Hi Mohamed,

    There are two trunking protocols, 802.1q and ISL. Some newer switches only support 802.1Q and in that case this command will be unavailable.

    It's also possible that packet tracer doesn't support it, it's a simulator after all. It doesn't matter too much though...when this command doesn't work then the switch will use 802.1Q when you configure the interface as a trunk.

    Rene

  5. Hello Pankaj.

    Tagging occurs when a frame exits a switch on a trunk port. If you have a trunk port with VLANs 10 and 20 allowed on it for example, and you send a frame from VLAN 10 through that trunk, as it exits the physical port, a tag of "10" will be placed in the header of the frame.

    So in none of your above examples is tagging being configured. The following configuration configures a trunk:

    interface fastethernet0/1
    switchport mode trunk
    switchport trunk allowed vlan 10,20

    These commands tell the switch that frames that exit fastethernet 0/1 must be tagged with the appropriate VLAN tag.

    Now you mention that you read that you should not tag a frame twice. The article you read is probably referring to double tagging as a method of attacking networked resources to gain access to traffic on other VLANs that would normally not be accessible. This is a security issue that you can read more about here: https://supportforums.cisco.com/discussion/12304791/double-tagging-through-access-ports-why

    There are cases where you do want to have two tags such as when you use q-in-q. You can read more about it in Rene's lessons here: https://networklessons.com/switching/802-1q-tunneling-q-q-configuration-example/

    I hope this has been helpful!

    Laz

31 more replies! Ask a question or join the discussion by visiting our Community Forum