being the first IEEE standards-based trunking protocol for Ethernet. It allows multiple VLANs to traverse infrastructure equipment where cross-vendor links exist.

The 802.1Q protocol has the following features:

To identify a frame with a given VLAN, the 802.1Q protocol adds a tag, or a field, to the standard Layer 2 Ethernet data frame. The components of this tag are shown in Figure . Because inserting the tag alters the original frame, the switch must recalculate and alter the FCS value for the original frame before sending it out the 802.1Q trunk port. In contrast, ISL does not modify the original frame at all.

The new 802.1Q Tag field has the following components :

If a non-802.1Q-enabled device or an access port receives an 802.1Q frame, the tag data is ignored, and the packet is switched at Layer 2 as a standard Ethernet frame. This allows for the placement of Layer 2 intermediate devices, such as other switches or bridges, along the 802.1Q trunk path. To process an 802.1Q tagged frame, a device must allow an MTU of 1522 or higher.

Note: An Ethernet frame that has a larger MTU than expected (1518 by default for Ethernet) but no larger than 1600 bytes registers as a Layer 2 error frame called a “baby giant.” With ISL, the original frame plus the ISL encapsulation can be as large as 1548 bytes; an 802.1Q tagged frame can be as large as 1522 bytes.
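The tagging step described above, as an added example that is not part of the original course text: it inserts the 4-byte tag into a maximum-size untagged frame and recomputes the FCS, which is why the frame grows from 1518 to 1522 bytes. The field layout (TPID 0x8100, then priority, DEI and a 12-bit VID) is taken from IEEE 802.1Q rather than from this page, and the MAC addresses and payload are constructed sample values.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag (per IEEE 802.1Q)

def fcs(frame_wo_fcs: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over the frame, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_wo_fcs) & 0xFFFFFFFF)

def add_dot1q_tag(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert the tag after the source MAC and recompute the FCS."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be in 1..4094")
    body, old_fcs = frame[:-4], frame[-4:]
    if fcs(body) != old_fcs:
        raise ValueError("input frame has a bad FCS")
    tci = (pcp & 0x7) << 13 | (dei & 0x1) << 12 | vid  # 3 + 1 + 12 bits
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)  # the old FCS no longer covers the new bytes

def read_vid(frame: bytes):
    """Return the VID of a tagged frame, or None if the frame is untagged."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    return tci & 0x0FFF if tpid == TPID_8021Q else None

def build_untagged(payload_len: int = 1500) -> bytes:
    """Constructed sample: a maximum-size untagged IPv4 Ethernet frame."""
    dst = bytes.fromhex("020000000002")  # locally administered sample MACs
    src = bytes.fromhex("020000000001")
    body = dst + src + struct.pack("!H", 0x0800) + bytes(payload_len)
    return body + fcs(body)

if __name__ == "__main__":
    plain = build_untagged()
    tagged = add_dot1q_tag(plain, vid=5)
    print(len(plain), len(tagged), read_vid(plain), read_vid(tagged))
    print("FCS changed:", plain[-4:] != tagged[-4:])
```
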
2.3 Implementing Trunks
2.3.4 Explaining 802.1Q Native VLANs

When configuring an 802.1Q trunk, a matching native VLAN must be defined on each end of the trunk link. A trunk link is inherently associated with tagging each frame with a VID. The purpose of the native VLAN is to allow frames not tagged with a VID to traverse the trunk link.

An 802.1Q native VLAN is defined as one of the following:

Compare this to ISL, in which no frame may be transported on the trunk link without encapsulation, and any unencapsulated frames received on a trunk port are immediately dropped.

Each physical port has a parameter called a port VID (PVID). Every 802.1Q port is assigned a PVID value equal to the native VID. When a port receives a tagged frame that is to traverse the trunk link, the tag is respected. For all untagged frames, the PVID is considered the tag. This allows the frames to traverse devices that may be unable to read VLAN tag information.

Native VLANs have the following attributes:
2.3.5 Explaining VLAN Ranges

Each VLAN on the network must have a unique VID. The valid range of user-configurable ISL VLANs is 1 to 1024. The valid range of VLANs specified in the IEEE 802.1Q standard is 1 to 4094. Figure describes VLAN ranges and their use.

As a best practice, assign extended VLANs starting with 4094 and work downward, because some switches reserve extended-range VIDs for internal use, starting at the low end of the extended range. Refer to "Configuring Extended-Range VLANs" in the software configuration guide associated with your switch platform and software release.
2.3.6 Describing Trunking Configuration Commands

Commands for configuring a trunk vary depending on your switch’s operating system. The commands in Figure are for a Cisco IOS software-based switch. Figure describes commands for configuring a trunk on a switch that is running Cisco IOS software.

A trunk link can be configured statically or dynamically. Trunk links should be configured statically whenever possible. However, Cisco Catalyst switch ports run Dynamic Trunking Protocol (DTP), which can automatically negotiate a trunk link. This Cisco proprietary protocol can determine an operational trunking mode and protocol on a switch port when it is connected to another device that is also capable of dynamic trunk negotiation.

DTP mode can be configured to turn the protocol off or to instruct it to negotiate a trunk link only under certain conditions, as described in Figure . The default DTP mode depends on the Cisco IOS version and the platform. To determine the current DTP mode, use the show dtp interface command. Note that this command is not available on Catalyst 2950 and 3550 switches, but is available on Catalyst 2960 and 3560 switches.

Note: General best practice is to set the interface to trunk and nonegotiate when a trunk link is required. DTP should be turned off on links where trunking is not intended.
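One way to check both ends of a trunk against the guidance above (static trunk with nonegotiate) and against the matching native VLAN requirement from 2.3.4, as an added example that is not part of the original course text. The two configurations are constructed samples; the interface names and VLAN 99 are assumptions, and the default of native VLAN 1 is Cisco IOS behaviour rather than something stated on this page.

```python
def parse_interfaces(config: str) -> dict:
    """Map interface name -> list of its 'switchport ...' lines."""
    ports, current = {}, None
    for line in config.splitlines():
        line = line.strip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            ports[current] = []
        elif current and line.startswith("switchport"):
            ports[current].append(line)
    return ports

def audit_port(lines: list) -> list:
    """DTP findings for one port, following the best-practice note."""
    mode = next((l.split()[2:] for l in lines if l.startswith("switchport mode")), None)
    if mode is None:
        return ["no static mode set: DTP default is platform dependent"]
    if mode[0] == "dynamic":
        return ["DTP negotiation enabled (dynamic " + mode[1] + ")"]
    if mode[0] == "trunk" and "switchport nonegotiate" not in lines:
        return ["trunk without nonegotiate"]
    return []

def native_vlan(lines: list) -> int:
    """Configured native VLAN; 1 is the IOS default when none is set."""
    for l in lines:
        if l.startswith("switchport trunk native vlan "):
            return int(l.split()[-1])
    return 1

def audit_link(cfg_a: str, port_a: str, cfg_b: str, port_b: str) -> list:
    """Audit both ends of one link, including the native VLAN match."""
    a, b = parse_interfaces(cfg_a)[port_a], parse_interfaces(cfg_b)[port_b]
    findings = [f"{port_a}: {f}" for f in audit_port(a)]
    findings += [f"{port_b}: {f}" for f in audit_port(b)]
    if native_vlan(a) != native_vlan(b):
        findings.append(f"native VLAN mismatch: {native_vlan(a)} vs {native_vlan(b)}")
    return findings

# Constructed sample configs; interface names and VLAN 99 are illustrative.
SWITCH_A = """interface FastEthernet5/8
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 99
 switchport mode trunk
 switchport nonegotiate
"""
SWITCH_B = """interface FastEthernet0/1
 switchport mode dynamic desirable
"""
```

Calling `audit_link(SWITCH_A, "FastEthernet5/8", SWITCH_B, "FastEthernet0/1")` reports the far end's dynamic mode and the 99 versus 1 native VLAN mismatch, while the statically configured end produces no findings.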
2.3.7 Configuring Trunking

Switch ports are configured for trunking using Cisco IOS commands. To configure a switch port as an 802.1Q or an ISL trunking port, follow these steps on each trunk interface.

Step 1 Enter interface configuration mode.
Step 2 Shut down the interface to prevent the possibility of premature autoconfiguration.
Step 3 Select the trunking encapsulation. Note that some switches support only ISL or 802.1Q. In particular, the Catalyst 2950 and 2960 support only 802.1Q.
Step 4 Configure the interface as a Layer 2 trunk.
Step 5 Configure the trunking native VLAN number for 802.1Q links. This number must match at both ends of an 802.1Q trunk.
Step 6 Configure the allowable VLANs for this trunk. This is necessary if VLANs are restricted to certain trunk links. This is best practice with the Enterprise Composite Network Model and leads to the correct operation of VLAN interfaces.
Step 7 Use the no shutdown command on the interface to activate the trunking process.
Step 8 Verify the trunk configuration using show commands.

Figure shows how to configure interface Fast Ethernet 5/8 as an 802.1Q trunk. Frames from VLANs 1, 5, 11, and 1002 to 1005 will be allowed to traverse the trunk link. The switchport mode for the interface is trunk (on), and no DTP messages will be sent on the interface.

Note: For security reasons, the native VLAN has been configured to be an “unused” VLAN. This will be discussed in more detail later.

Figure describes the commands used to configure a switch port as an 802.1Q trunk link.

CAUTION: Ensure that the native VLAN for an 802.1Q trunk is the same on both ends of the trunk link. If there is a