Disabling Native VLAN Configuration on Trunk mode
This chapter contains sample configurations to check the functionality to drop the untagged traffic by disabling the native VLAN by configuring acceptable-frame-type VLAN-tagged.
Topology
Native VLAN Topology
Configuration
SW1
SW1#configure terminal | Enter configuration mode |
SW1(config)#bridge 1 protocol mstp | Create bridge |
SW1(config)#vlan database | Enter VLAN configuration mode |
SW1(config-vlan)#vlan 2-10 bridge 1 state enable | Create 2-10 vlans |
SW1(config-vlan)#exit | Exit VLAN configuration mode |
SW1(config)#interface xe21 | Enter interface configuration mode for xe21 |
SW1(config-if)#switchport | Configure switchport |
SW1(config-if)#bridge-group 1 | Associate interface with bridge-group 1 |
SW1(config-if)#switchport mode trunk | Configure port mode as trunk |
SW1(config-if)#switchport trunk allowed vlan all | Allow all the VLANs on the xe21 port |
SW1(config-if)#exit | Exit from interface mode |
SW1(config)#interface xe6 | Enter interface configuration mode for xe6 |
SW1(config-if)#switchport | Configure switchport |
SW1(config-if)#bridge-group 1 | Associate interface with bridge-group 1 |
SW1(config-if)#switchport mode trunk | Configure port mode as trunk |
SW1(config-if)#switchport trunk allowed vlan all | Allow all the VLANs on the xe6 port |
SW1(config-if)#exit | Exit from interface mode |
SW1(config)#commit | Commit the candidate configuration to the running configuration |
SW2
SW2#configure terminal | Enter configuration mode |
SW2(config)#bridge 1 protocol rstp vlan-bridge | Create bridge |
SW2(config)#vlan database | Enter VLAN configuration mode |
SW2(config-vlan)#vlan 2-10 bridge 1 state enable | Create 2-10 vlans |
SW2(config-vlan)#exit | Exit VLAN configuration mode |
SW2(config)#interface xe6 | Enter interface configuration mode for xe6 |
SW2(config-if)#switchport | Configure switchport |
SW2(config-if)#bridge-group 1 | Associate interface with bridge-group 1 |
SW2(config-if)#switchport mode trunk | Configure port mode as trunk |
SW2(config-if)#switchport trunk allowed vlan all | Allow all the VLANs on the xe6 port |
SW2(config-if)#exit | Exit from interface mode |
SW2(config)#interface xe13 | Enter interface configuration mode for xe13 |
SW2(config-if)#switchport | Configure switchport |
SW2(config-if)#bridge-group 1 | Associate interface with bridge-group 1 |
SW2(config-if)#switchport mode trunk | Configure port mode as trunk |
SW2(config-if)#switchport trunk allowed vlan all | Allow all the VLANs on the xe13 port |
SW2(config-if)#exit | Exit from interface mode |
SW2(config)#commit | Commit the candidate configuration to the running configuration |
Validation
Sending untagged, VLAN-5 and VLAN-6 traffic from IXIA-1 to IXIA-2. In the show bridge o/p we can see all the MAC entries learnt for all the traffics.
In the show vlan brief output for default VLAN interface xe21 is having port type as untagged (u).
SW1#show bridge
bridge 1 is running on mstp
Ageout time is global and if something is configured for vxlan then it will be a
ffected here also
Bridge CVLAN SVLAN BVLAN Port MAC Address FWD Time-out
---------+------+------+------+-----------+-----------------+-----+---------+
1 1 ce2/2 0010.9400.0001 1 300
SW1#show interface counters rate mbps
+-------------------+--------------+-------------+--------------+-------------+
| Interface | Rx mbps | Rx pps | Tx mbps | Tx pps |
+-------------------+--------------+-------------+--------------+-------------+
xe21 621.21 606650 0.00 0
xe6 0.00 0 621.21 606651
SW1#show vlan brief
Bridge VLAN ID Name State H/W Status Member ports
(u)-Untagged, (t)-Tagged
======= ======= ================ ======= ========== ==========================
1 1 default ACTIVE Success xe21(u) xe6(u)
1 2 VLAN0002 ACTIVE Success xe21(t) xe6(t)
1 3 VLAN0003 ACTIVE Success xe21(t) xe6(t)
1 4 VLAN0004 ACTIVE Success xe21(t) xe6(t)
1 5 VLAN0005 ACTIVE Success xe21(t) xe6(t)
1 6 VLAN0006 ACTIVE Success xe21(t) xe6(t)
1 7 VLAN0007 ACTIVE Success xe21(t) xe6(t)
1 8 VLAN0008 ACTIVE Success xe21(t) xe6(t)
1 9 VLAN0009 ACTIVE Success xe21(t) xe6(t)
1 10 VLAN0010 ACTIVE Success xe21(t) xe6(t)
Configuring Disable-Native-VLAN on Trunk mode
SW1
SW1(config)#interface xe21 | Enter interface configuration mode for xe21 |
SW1(config-if)#switchport mode trunk disable-native-vlan | Configure disable native VLAN on trunk mode |
SW1(config-if)#exit | Exit from interface mode |
SW1(config)#commit | Commit the candidate configuration to the running configuration |
Validation
After configuring disable-native-vlan, show vlan brief output we can see that xe21 interface is having port type as tagged (t).
SW1#show bridge
bridge 1 is running on mstp
Ageout time is global and if something is configured for vxlan then it will be a
ffected here also
Bridge CVLAN SVLAN BVLAN Port MAC Address FWD Time-out
---------+------+------+------+-----------+-----------------+-----+---------+
SW1#sh vlan brief
bridge 1 is running on rstp vlan-bridge
Ageout time is global and if something is configured for vxlan then it will be a
ffected here also
Bridge CVLAN SVLAN BVLAN Port MAC Address FWD Time-out
---------+------+------+------+-----------+-----------------+-----+---------+
1 1 xe21 0000.0000.0001 1 300
1 5 xe21 0000.0000.0005 1 300
SW1#show interface counters rate mbps
+-------------------+--------------+-------------+--------------+-------------+
| Interface | Rx mbps | Rx pps | Tx mbps | Tx pps |
+-------------------+--------------+-------------+--------------+-------------+
xe21 864.88 844613 0.00 0
xe6 0.00 0 0.00 0
SW1#show interface counters drop-stats
Interface ce2/2
Rx Policy Discards: 454522965
Rx EGR Port Unavail: 454522967