About the switchport mode

  • I am new to network Engineering. I find it is hard to distinguish and understand different switchport settings.

    Why can I have a switchport set to access, auto, or dynamic? What are they used for? Are those functions only used for a host to switch connection?

    What is "switchport nonnegotiate" used for?

  • knotseh

    knotseh Correct answer

    8 years ago

    Welcome to the field of network engineering!

    DTP stands for Dynamic Trunking Protocol and is crucial to the commands below. It is also Cisco proprietary.

    switchport mode access - Always forces that port to be an access port with no VLAN tagging allowed EXCEPT for the voice vlan. DTP is not used and a trunk will never be formed.

    switchport nonegotiate - turns off DTP and forces the interface into a trunk.

    switchport mode dynamic desirable - pro-active DTP negotiation will begin and if the other-side is set to trunk, desirable, or auto. The interface will become a trunk. Otherwise the port will become an access port.

    switchport mode dynamic auto - allows the port to negotiate DTP if the other side is set to trunk or desirable. Otherwise it will become an access port.

    switchport mode trunk - This interface will always be a trunk no matter what happens on the other side. It will also use DTP to negotiate a neighbouring interface that is set to dynamic desirable or dynamic auto into a trunk.

    In the real world - I have never seen *dynamic auto*or dynamic desirable as generally network engineers try and make layer 2 related items (such as switchport settings) stable and static. There are also security risks associated with this.

    An access role port is usually used for an single host or device. You must also specify which VLAN you would like it to be associated with, otherwise it will default to VLAN 1 in the Cisco world. eg)

    interface gig0/1
    switchport mode access
    switchport access vlan 10

    Also, if you have a VLAN for voip traffic. You can also set the voice vlan as required by adding

    switchport voice vlan 20

    A trunk port is generally only used when you want to interconnect two switches together in order to pass multiple VLANs between the two switches. In this example, the switches will use Dot1Q tagging and allow vlans 10, 20 & 30 to be passed between the two switches. Vlan 10 however, will be passed without tagging since it is set as the native vlan. eg)

    Switch1# interface gig0/1
    switchport encapsulation dot1q
    switchport mode trunk
    switchport trunk native vlan 10
    switchport trunk allowed vlan 10,20,30

    Switch2# interface gig0/1
    switchport encapsulation dot1q
    switchport mode trunk
    switchport trunk native vlan 10
    switchport trunk allowed vlan 10,20,30

    Take a look at Implement trunk and trunk protocols for more examples and to learn more about ISL or dot1q tagging along with some more command and debug information.

    @Samuel no problem. BTW I didn't touch on STP but you should learn/review that as it goes hand in hand with access/trunk ports. Most access ports will have # spanning-tree portfast ...you'll learn why shortly!

    knotseh Auto-to-auto doesn't become trunk it means any chance to became access

    DTP _is_ used with `switchport mode access`. The port will initiate DTP, but it will never trunk. In fact, the _only_ way to disable DTP is to use `switchport nonegotiate`.

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM