Network & Security Engineering
  • My Training Course
  • Network Engineering
    • CompTIA Network+
      • OSI Model: Layers 1-7 (Functions & Devices)
      • TCP/IP Model: Layers & Protocols
      • Encapsulation & De-encapsulation Process in Networking
      • Star, Mesh, Bus, Ring, Hybrid
      • LAN, WAN, WLAN, MAN, CAN, PAN
      • IPv4 Addressing & Classes
      • CIDR Notation & Subnet Masks
      • Private vs. Public IPs
      • Common TCP & UDP Ports
      • Twisted Pair (CAT5e, CAT6, CAT7, etc.)
      • Fiber Optic Cables
      • Ethernet Frame Structure
      • Switches
      • Router
      • Traceroute Test
      • Setting Up a Wireless Network in Cisco Packet Tracer
    • CCNA
      • Cisco Systems History
      • Cisco Certification Roadmap
      • Cisco Router Port Naming
      • Configuring Hostname, Passwords, and Banners in GNS3
      • Setting Router Clocks in Cisco Devices
      • Assigning IP Addresses to Interfaces
      • How to Back Up and Restore Router Configurations with TFTP
      • SSH Configuration on a Cisco Router
      • Configuring Static Routes on Routers
      • Configuring RIP v2 and Verifying Routes
      • Configuring EIGRP
      • Implementing Single-Area OSPF
      • Implementing Multiple OSPF Areas
      • Troubleshooting with show ip route
      • Configuring Standard ACLs in Cisco Routers
      • Getting Internet in GNS3 using a Cisco Router
      • Securing Remote Management and Disabling Unnecessary Services
      • Setting up a DHCP Server on a Cisco Router
      • Creating VLANs and Assigning Ports
      • Blackhole VLAN
      • Configuring 802.1Q Trunking
      • Configuring SSH on a Cisco Switch
      • Configuring Router-on-a-stick (ROAS) for VLANs
      • Setting up Syslog for Network Monitoring
      • Serial Point-to-Point Overview
      • Point-to-Multipoint OSPF in Metro Ethernet WAN Network
      • Frame Relay Configuration
    • CCNP
      • OSPF Single Area Configuration
      • OSPF Multi-Area Configuration
    • GNS3
      • About GNS3
      • GNS3 Architecture
      • Windows Installation
      • Linux Installation
      • Cisco IOS images for Dynamips
      • Add Router IOS Image in GNS3
      • Add a Virtual Machine in GNS3
      • Upgrade The GNS3 VM
      • L2 Switching Simulation
      • L3 switching Simulation
      • Lab 01 : Connect 2 PCs
      • Lab 02 : Configuring Ethernet and Serial Interfaces
      • Lab 03 : Basic switch setup
      • Lab 04 : Basic router setup
      • Lab 05 : Connect Router to Cloud in GNS3
      • Lab 06 : Router Remote Access via Telnet
      • Lab 07 : Configure Static Route in GNS3
      • Lab 08 : Syslog Server for Cisco Router in GNS3
      • Lab 09 : DHCP configuration in GNS3
      • Lab 10 : PPP Configuration
      • Lab 11 : Configuring Switch Security Features
    • MTCNA
      • Module 1 : Introduction
        • History
        • Cisco vs. MikroTik
        • Training Programs
        • MikroTik RouterOS
        • MikroTik RouterBOARD
        • Product Categories
        • Product Naming
        • First Time Access
        • Winbox
        • Default Configuration
        • Neighbor Discovery
        • Command Line Interface
        • Router Identity
        • Upgrading RouterOS
        • Package Management
        • Users and Services
        • Reset Configuration
        • RouterOS Licensing
      • Module 2 : DHCP
        • Overview of DHCP
        • DHCP Client
        • DHCP Server
        • RouterOS ARP table
      • Module 3 : Bridging
        • OSI Model
        • Overview of Bridging
      • Module 4 : Routing
        • IP Addressing
        • Routing Concepts
        • Static routing
      • Module 5 : Wireless
        • Basics of Radio Waves
        • Wireless Agencies
        • 802.11a/b/g/n/ac Concepts
        • Setup a simple wireless link
        • Link Budget Calculation
        • Wireless Network Topologies
        • 2.4 GHz Band
        • 5 GHz Band
      • Module 6 : Firewall
        • Firewall Principles
        • Firewall (Input Chain)
      • Module 7 : QoS
        • Quality of Service
  • Network Administrator
    • Linux Commands
      • The ls command
      • The cd command
      • The cat command
      • The head command
      • The tail command
      • The pwd command
      • The touch Command
      • The cal Command
      • The uname command
      • The mkdir command
      • The gzip command
      • The who command
      • The man command
      • The passwd command
      • The w command
      • The whoami command
      • The cp command
    • Windows Server 2012
      • Windows Server 2012 - Home
      • Installation
      • Server Roles
      • PowerShell
      • Windows Firewall
      • Remote Desktop Management
      • Resource Monitor
      • Active Directory
      • Group Policy Overview
      • DC Accounts
      • DHCP Role
      • DNS Role
      • Primary Zones
      • Manage Records
      • IIS Overview
      • IIS Security
      • Sharing of Files
      • Print Server
    • VMware Workstation
      • Install VMware Workstation on Windows
      • Customize Network Settings in VMware Workstation
      • Install VMware Tools on Windows and Windows Server VMs
      • Configure Autologin for a Windows VM on VMware Workstation
      • Lab 01 - Install Windows 7 on a VMware Workstation
      • Lab 02 - Install CentOS 8 on a VMware Workstation
      • Lab 03 - Install Kali Linux on VMware Workstation
      • Lab 04 - Install The Mikrotik CHR On VMware Workstation​
      • Lab 05 - Install Ubuntu in VMware Workstation
      • Lab 06 - Installing GNS3 VM on VMware Workstation
      • Lab 07 - Install Windows Server 2012 R2 on VMWare Workstation
      • Lab 08 - Install Windows 10 in VMware Workstation
    • LPIC-1
      • 101.1 Determine and configure hardware settings
  • Security Engineering
    • Practical Packet Analysis
      • Network Traffic Analysis with Wireshark in GNS3
      • Echo Requests and Responses
      • Dynamic Host Configuration Protocol
      • Cisco Discovery Protocol
      • Routing Information Protocol
    • PRTG Network Monitoring
      • Overview of PRTG Network Monitor
      • Internet Uptime/Availability Monitoring
      • Configuring SNMP v2 on Cisco Devices
    • Classical Ciphers
      • Caesar Cipher
      • Atbash Cipher
      • Vigenère Cipher
      • Affine Cipher
      • Hill Cipher
      • Rail Fence Cipher
      • Scytale Cipher
      • Bacon's Cipher
      • Beaufort Cipher
      • ROT13
      • Gronsfeld Cipher
  • Web Development
    • HTML
      • What is HTML?
      • Basic HTML Structure
      • Headings and Paragraphs
      • Text Formatting Tags
      • Working with Links
      • Adding Images to a Webpage
      • Embedding Videos and Audio
      • Creating Lists
      • Building Tables
      • HTML Forms
Powered by GitBook
On this page
  • Scenario:
  • Network Topology:
  • Step-by-Step Guide to Configuring 802.1Q Trunking:
  • Keywords
  1. Network Engineering
  2. CCNA

Configuring 802.1Q Trunking

Nerd Cafe

PreviousBlackhole VLANNextConfiguring SSH on a Cisco Switch

Last updated 1 month ago

Scenario:

You have two Cisco switches, Switch1 and Switch2, and you want to set up an 802.1Q trunk between them. The trunk will carry traffic for multiple VLANs (for example, VLAN 10, VLAN 20, and VLAN 30) between the two switches.

The goal is for devices on different VLANs on different switches to communicate as if they are on the same network.

Network Topology:

Sw1 and Sw2 are connected via a trunk link, which is configured on their respective interfaces.

Step-by-Step Guide to Configuring 802.1Q Trunking:

Step 1: Initial Setup on Switch1

Access Switch1:

  • Open the command-line interface (CLI) of Sw1 using a console cable or SSH (if configured).

Configure VLANs on Switch1:

  • Define the VLANs that will be used on both switches. In this case, we are using VLAN 10, VLAN 20, and VLAN 30.

Sw1#configure terminal
Sw1(config)#vlan 10
Sw1(config-vlan)#name Marketing
Sw1(config-vlan)#exit
Sw1(config)#vlan 20
Sw1(config-vlan)#name HR
Sw1(config-vlan)#exit
Sw1(config)#vlan 30
Sw1(config-vlan)#name IT

Configure the trunk port:

  • Let's say the trunk port on Switch1 will be FastEthernet 0/1.

  • Enter interface configuration mode and set it as a trunk port.

Sw1(config)#interface ethernet 3/3
Sw1(config-if)#switchport trunk encapsulation dot1q
Sw1(config-if)#switchport mode trunk

Verify the configuration:

  • Use the following command to verify that the trunk is correctly configured.

Sw1#show interfaces ethernet 3/3 switchport
Name: Et3/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Appliance trust: none
Sw1#

Step 2: Initial Setup on Switch2

Access Switch2:

  • Access the command-line interface (CLI) of Switch2.

Configure VLANs on Switch2:

  • Just like on Switch1, configure the same VLANs on Switch2.

Sw2#configure terminal
Sw2(config)#vlan 10
Sw2(config-vlan)#name Marketing
Sw2(config-vlan)#exit
Sw2(config)#vlan 20
Sw2(config-vlan)#name HR
Sw2(config-vlan)#exit
Sw2(config)#vlan 30
Sw2(config-vlan)#name IT

Configure the trunk port:

  • Configure the trunk port on FastEthernet 0/1 on Switch2 (the same port used on Switch1).

Sw2(config)#interface ethernet 3/3
Sw2(config-if)#switchport trunk encapsulation dot1q
Sw2(config-if)#switchport mode trunk

Verify the configuration:

  • Again, verify that the trunk is working correctly.

Sw2#show interfaces ethernet 3/3 switchport
Name: Et3/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Appliance trust: none
Sw2#

Step 3: Verify Connectivity Between VLANs

Assign VLANs to Access Ports:

  • Now, you need to assign VLANs to the access ports on both switches so that devices in different VLANs can communicate.

On Sw1:

Sw1#configure terminal
Sw1(config)#interface range ethernet 0/0-3
Sw1(config-if-range)#switchport mode access
Sw1(config-if-range)#switchport access vlan 10
Sw1(config-if-range)#exit
Sw1(config)#interface range ethernet 1/0-3
Sw1(config-if-range)#switchport mode access
Sw1(config-if-range)#switchport access vlan 20
Sw1(config-if-range)#exit
Sw1(config)#interface range ethernet 2/0-3
Sw1(config-if-range)#switchport mode access
Sw1(config-if-range)#switchport access vlan 30

On Sw2:

Sw2#configure terminal
Sw2(config)#interface range ethernet 0/0-3
Sw2(config-if-range)#switchport mode access
Sw2(config-if-range)#switchport access vlan 10
Sw2(config-if-range)#exit
Sw2(config)#interface range ethernet 1/0-3
Sw2(config-if-range)#switchport mode access
Sw2(config-if-range)#switchport access vlan 20
Sw2(config-if-range)#exit
Sw2(config)#interface range ethernet 2/0-3
Sw2(config-if-range)#switchport mode access
Sw2(config-if-range)#switchport access vlan 30

Check the Trunk Link:

  • Verify that the trunk link is allowing multiple VLANs to pass by using the show vlan brief command. The trunk should be carrying VLANs 10, 20, and 30.

On Sw1:

Sw1#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et3/0, Et3/1, Et3/2
10   Marketing                        active    Et0/0, Et0/1, Et0/2, Et0/3
20   HR                               active    Et1/0, Et1/1, Et1/2, Et1/3
30   IT                               active    Et2/0, Et2/1, Et2/2, Et2/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

On Sw2:

Sw2#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et3/0, Et3/1, Et3/2
10   Marketing                        active    Et0/0, Et0/1, Et0/2, Et0/3
20   HR                               active    Et1/0, Et1/1, Et1/2, Et1/3
30   IT                               active    Et2/0, Et2/1, Et2/2, Et2/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

Step 4: Testing the Configuration

Test Connectivity:

  • Connect devices to the access ports on each switch and test that they can communicate across the VLANs.

  • For example, if you have a device on VLAN 10 connected to Sw1, you should be able to ping the device on VLAN 10 connected to Sw2.

/PC1> ping 192.168.10.101

84 bytes from 192.168.10.101 icmp_seq=1 ttl=64 time=0.703 ms
84 bytes from 192.168.10.101 icmp_seq=2 ttl=64 time=1.084 ms
84 bytes from 192.168.10.101 icmp_seq=3 ttl=64 time=0.810 ms
84 bytes from 192.168.10.101 icmp_seq=4 ttl=64 time=1.055 ms
^C
PC1>

Keywords

802.1Q trunking, VLAN trunking, Cisco switch configuration, trunk port, VLAN tagging, switchport mode trunk, dot1q encapsulation, inter-switch communication, VLAN propagation, trunk link, Cisco CCNA, switchport access vlan, show interfaces trunk, VLAN management, switch configuration, network segmentation, access port, trunking protocol, Ethernet trunk, switch-to-switch connection, سیسکو

Topology