Common trunk link problems mostly occur due to incorrect configuration. Troubleshooting trunk links is a common task in networking. If a problem with a trunk is found and the cause is unknown, first check the trunks for a native VLAN mismatch.
If the native VLAN is correct, then check for trunk mode mismatches, and finally check the allowed VLAN list on the trunk. The following types of errors generally occur while configuring trunk links.
Sometimes a switch port behaves like a trunk even though it is not configured as a trunk. When an access port accepts frames from VLANs other than the VLAN to which it is assigned, this is called VLAN leaking. To troubleshoot VLAN leaking, use the show interfaces trunk command to check whether the local and peer VLANs match. VLAN leaking occurs if the native VLAN is not the same on both sides.
A native VLAN mismatch occurs when the trunk ports on the two sides of a link are configured with different native VLANs. Native VLAN mismatches affect inter-VLAN routing, among other problems, and are also a security risk. CDP displays a console notification message for a native VLAN mismatch.
Figure 1 illustrates the console notification of a native VLAN mismatch. In this example, the native VLAN on one side of the trunk link is VLAN 1 and on the other side it is VLAN 30. A frame sent from VLAN 1 on one side is received on VLAN 30 on the other side, so VLAN 1 leaks into the VLAN 30 segment.
So, static configuration of trunk links is the best practice. Cisco Catalyst switches attempt to negotiate a trunk link by default. Use the show interfaces trunk command to display the status of the trunk and the native VLAN used on that trunk link, and to verify trunk establishment. Figure 2 illustrates the output of the show interfaces trunk command on Sw-2.
If a native VLAN mismatch occurs, connectivity issues start in the network. Data traffic for VLANs other than the native VLAN will still propagate successfully across the network. A native VLAN mismatch does not keep the trunk from being established. The administrator can easily re-configure the native VLAN on both sides of the link.
Trunk Mode Mismatches and Wrong Allowed VLAN List
Normally the switchport mode trunk command is used to configure trunk links. Cisco Catalyst switches use DTP to negotiate the state of the trunk link. When a statically configured trunk port is incompatible with the neighbouring trunk port, a trunk link fails to form between the two switches.
Figure 3 illustrates that PC-2 and PC-3 can communicate with each other but cannot communicate with PC-4. The topology indicates a valid configuration, so why can PC-2 and PC-3 not connect to PC-4? Use the show interfaces trunk command to check the status of the trunk ports on both switches.
The output shown in Figure 4 reveals that interface Gig0/1 on Sw-1 is in dynamic auto mode and only VLAN 20 is allowed on the trunk link. Gig0/2 is also in dynamic auto mode. Therefore, PCs in VLAN 20 on Sw-1 cannot communicate with PCs in VLAN 20 on Sw-2. Figure 5 illustrates the show interfaces trunk output of Sw-2, where all VLANs are allowed.
To resolve this problem, manually configure the trunk mode again on the Fa0/1 ports on Sw-1 and allow all VLANs with the interface mode command “switchport trunk allowed vlan all” or “switchport trunk allowed vlan vlan-id”.
After the configuration change, the output of the show interfaces command on Sw-1 in Figure 6 indicates that port Gig0/1 is now in trunking mode and all VLANs are now allowed on the trunk. All PCs on both switches can now communicate with each other.
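The three checks described above (native VLAN, trunk mode, allowed VLAN list) can be run automatically against the show interfaces trunk output from both ends of a link. The Python script below is an added example, not part of the original article: the two captures are constructed sample data that combine the native VLAN 1/30 mismatch with the dynamic auto, VLAN-20-only port discussed above, and the function names are this example's own.

```python
# Constructed "show interfaces trunk" captures (sample data, not the article's figures).
SW1 = """\
Port        Mode         Encapsulation  Status        Native vlan
Gig0/1      auto         n-802.1q       trunking      1

Port        Vlans allowed on trunk
Gig0/1      20
"""
SW2 = """\
Port        Mode         Encapsulation  Status        Native vlan
Gig0/1      on           802.1q         trunking      30

Port        Vlans allowed on trunk
Gig0/1      1-1005
"""

def expand(vlans):
    """Turn a list such as '1-3,20' into the set {1, 2, 3, 20}."""
    out = set()
    for lo, _, hi in (p.partition("-") for p in vlans.split(",")):
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def parse_trunk(text, port):
    """Extract mode, native VLAN and allowed VLAN set for one port."""
    info, section = {}, ""
    for line in text.splitlines():
        f = line.split() or [""]          # blank lines match nothing below
        if f[0] == "Port":
            section = " ".join(f[1:])     # remember which table we are in
        elif f[0] == port and section.startswith("Mode"):
            info["mode"], info["native"] = f[1], int(f[4])
        elif f[0] == port and section == "Vlans allowed on trunk":
            info["allowed"] = expand(f[1])
    return info

def compare(a, b):
    """Apply the article's checks in order: native VLAN, mode, allowed list."""
    findings = []
    if a["native"] != b["native"]:
        findings.append(f"native VLAN mismatch: {a['native']} vs {b['native']}")
    for side, t in (("local", a), ("peer", b)):
        if t["mode"] in ("auto", "desirable"):
            findings.append(f"{side} port is DTP-negotiated ({t['mode']}), not static")
    if a["allowed"] != b["allowed"]:
        findings.append(f"allowed VLAN lists differ on {len(a['allowed'] ^ b['allowed'])} VLANs")
    return findings

if __name__ == "__main__":
    print("\n".join(compare(parse_trunk(SW1, "Gig0/1"), parse_trunk(SW2, "Gig0/1"))))
```

An empty result from compare means both ends agree on native VLAN and allowed list and neither port is left in a DTP dynamic mode.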