To manually configure a trunk port to run ISL or dotlq, use the switchport trunk encapsulation command.
Notice that there’s a third option, negotiate. The trunk ports will then negotiate between ISL and dotlq, and naturally it must be a protocol that both ports support. If the negotiating ports support both
protocols, ISL will be selected.
By the way, if you use lOS Help to display your switch’s
encapsulation choices, and there aren’t any, that’s a pretty good sign that your switch supports only dotlq!
There’s a third trunking protocol we need to be aware of. The Dynamic Trunking Protocol is a Cisco-proprietary point-to-point protocol that actively attempts to negotiate a trunk line with
the remote switchport. This sounds great, but there is a cost in overhead - DTP frames are transmitted every 30
seconds.
If you decide to configure a port as a non-negotiable trunk port, there’s no need for the port to send DTP frames. Also, if there’s a device on the other end of the line that can’t trunk at all a firewall, for example -there’s no need to send DTP frames.
DTP can be turned off at the
interface level with the switchport nonegotiate command, but as you see
below, you cannot turn DTP off until the port is no longer in dynamic desirable trunking mode.
You can verify DTP operation (or non-operation) with show dtp.
There is a show dtp interface command as well, but it’s
extremely verbose. It will show you which interfaces are
running DTP, which the basic show dtp command will not do.
While we’ve got those trunking modes in front of us, let’s
examine exactly what’s going on with each one.
Trunk mode means just that -this port is in unconditional
trunk mode and cannot be an access port. Since this port cannot negotiate, it’s standard procedure to place the remote trunk port in trunk mode.
Turning off DTP when you place a port in trunk mode is a great idea, because there’s no use in sending negotiation frames every 30 seconds if no negotiation is necessary.
Dynamic desirable is the default setting for most Cisco switch ports today. If the local switch port is running dynamic
desirable and the remote
switch port is running in trunk, dynamic desirable, or dynamic auto, a trunk will form. This is because a port in dynamic desirable mode is sending and responding to DTP frames.
If you connect two 2950s with a crossover cable, a trunk will form in less than 10 seconds with no additional configuration needed.
Dynamic auto is the “oddball”
trunking mode. A port
configured as dynamic auto
(often called simply “auto”) will not actively negotiate a trunk, but will accept negotiation
begun by the remote switch. As long as the remote trunk port is configured as dynamic
desirable or trunk, a trunk will form.
It’s important to note that the trunk mode does not have to match between two potential trunk ports. One port could be in dynamic desirable and the other in trunk mode, and the trunk would come up.
Is there a chance that two ports that are both in one of these three modes will not successfully form a trunk? Yes -if they’re both in dynamic auto mode.
You can expand the show interface trunk command we examined earlier in this section to view the trunking mode of a particular interface. Port 0/11 is running in dynamic desirable mode.
We can change the mode with the switchport mode command.
By changing the port to trunk mode, the mode is “on”.
When we looked at the options for switchport mode, did you notice that there is no “off”
setting?
When a port is configured as an access port, that
unconditionally turns trunking off. switchport mode access is the command that turns
trunking off. Here’s the show interface trunk command displaying the information for the port leading to HOST 1 after configuring the port as an
access port.
Through the various show commands we’ve used in this section, you might have noticed that trunk ports allow traffic for VLANs 1 - 4094 to cross the trunk line. This is the default, but it can be changed with the switchport trunk allowed vlan command. The various options
with this command do take a little getting used to, so let’s take a closer look at them.
except - Follow this option with the VLANs whose traffic should not be allowed across the
trunk. We’ll configure interface fast 0/11 and 0/12 to not trunk for VLAN 1000 and look at the results with show interface trunk.
VLAN 1000 is not allowed to trunk through interfaces fast 0/11 and fast 0/12. To allow VLAN 1000 to trunk through these interfaces again, we’ll use the add option of this command. (To remove
additional VLANs, we would use remove.)
VLAN 1000 is again allowed to trunk through these two
interfaces.
The more drastic choices are all and none. To disable trunking for all VLANs, the none option would be used. To enable
trunking for all VLANs again, we’ll use the all option.