2-584
Catalyst 3550 Multilayer Switch Command Reference
OL-8566-01
Chapter 2 Catalyst 3550 Switch Cisco IOS Commands
switchport mode
When you enter dynamic desirable mode, the interface becomes a trunk interface if the neighboring
interface is set to trunk, desirable, or auto mode.
To autonegotiate trunking, the interfaces must be in the same VTP domain. Trunk negotiation is
managed by the Dynamic Trunking Protocol (
DTP), which is a point-to-point protocol. However, some
internetworking devices might forward DTP frames improperly, which could cause misconfigurations.
To avoid this, you should configure interfaces connected to devices that do not support DTP to not
forward DTP frames, which turns off DTP.
• If you do not intend to trunk across those links, use the switchport mode access interface
configuration command to disable trunking.
• To enable trunking to a device that does not support DTP, use the switchport mode trunk and
switchport nonegotiate interface configuration commands to cause the interface to become a trunk
but to not generate DTP frames.
• With GigaStack GBICs, dynamic trunking is only supported when two switches are connected by a
single GigaStack GBIC link. If trunking is required when more than two switches in a stack are
connected by GigaStack GBIC links, you must manually configure trunking in this manner:
–
Manually shut down the GigaStack port by using the shutdown interface configuration
command.
–
Manually configure trunk mode on the GigaStack port by using the switchport mode trunk
interface configuration command on both GBIC interfaces to cause the interfaces to become
trunks.
–
Use the no shutdown interface configuration command to bring up the GigaStack port.
When you enter dot1q-tunnel, the port is set unconditionally as an IEEE 802.1Q tunnel port.
Access port, trunk ports, and tunnel ports are mutually exclusive.
Any IEEE 802.1Q encapsulated IP packets received on a tunnel port can be filtered by MAC ACLs, but
not by IP ACLs. This is because the switch does not recognize the protocol inside the IEEE 802.1Q
header. This restriction applies to router ACLs, port ACLs and VLAN maps.
The IEEE 802.1x authentication feature interacts with switchport modes in these ways:
• If you try to enable IEEE 802.1x authentication on a trunk port, an error message appears, and
IEEE
802.1x authentication is not enabled. If you try to change the mode of an IEEE 802.1x-enabled
port to trunk, the port mode is not changed.
• If you try to enable IEEE 802.1x authentication on a dynamic port, an error message appears, and
IEEE 802.1x authentication is not enabled. If you try to change the mode of an IEEE 802.1x-enabled
port to dynamic, the port mode is not changed.
• If you try to enable IEEE 802.1x authentication on a dynamic-access (VLAN Query Protocol
[VQP]) port, an error message appears, and IEEE 802.1x authentication is not enabled. If you try to
change an IEEE 802.1x-enabled port to dynamic VLAN assignment, an error message appears, and
the VLAN configuration is not changed.
Configuring a port as an IEEE 802IEEE 802.1Q tunnel port has these limitations:
• IP routing and fallback bridging are not supported on tunnel ports.
• Tunnel ports do not support IP access control lists (ACLs).
• If an IP ACL is applied to a trunk port in a VLAN that includes tunnel ports, or if a VLAN map is
applied to a VLAN that includes tunnel ports, packets received from the tunnel port are treated as
non-IP packets and filtered with MAC access lists.
• Layer 3 QoS ACLs and other QoS features related to Layer 3 information are not supported on
tunnel ports.
To Next Page
Loading...
