A trunk can fail without printing a single error.
The link is up, both switches look configured, and yet no VLAN crosses to the other switch.You are the on-call engineer, and three tickets are waiting in your queue.
For each one you read the symptoms, prove the cause in the CLI, apply the fix, and verify it.
Figure 1 – 802.1Q Lab Topology
Every ticket starts from this topology: SW1 and SW2 joined by a single link on G0/1, VLAN 10 and VLAN 20 on both sides.
Reading the Trunk State
Ticket 1: users in VLAN 10 on SW1 cannot reach VLAN 10 on SW2, and VLAN 20 is dead across the link too.
The cable is fine and both ports are up.Start on SW1: ask it which ports are trunking.
SW1# show interfaces trunk SW1#Nothing comes back.
Not a single port is trunking, even though G0/1 is cabled and up.Ask the interface which mode it actually landed in.
SW1# show interfaces g0/1 switchport Name: Gig0/1 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) // Output omitted for clarityHere is the mismatch: the port is set to dynamic auto, yet it came up as static access.
It only trunks if the neighbor initiates, and the neighbor never did.Answer the question below
What is the operational mode of G0/1 while the trunk fails to form?
The Negotiation Deadlock
To see why the trunk never came up, remember how DTP decides.
A dynamic auto port listens for DTP frames but never sends the first one.
When both sides sit in dynamic auto, each one waits for the other to speak.
Nobody initiates, so the link stays access.That is your ticket: dynamic auto on both ends, the one pairing that never trunks.
Two listeners, no speaker.
The full mode matrix lives in the 802.1Q Trunking Review.Answer the question below
Which DTP mode pairing never forms a trunk?
Forcing the Trunk
You could bump one side to dynamic desirable, but on an inter-switch link you want a trunk that never rides on negotiation.
Hardcode both ends as static trunks, so the link never depends on DTP again.SW1# configure terminal Enter configuration commands, one per line. End with CNTL/Z. SW1(config)# interface g0/1 SW1(config-if)# switchport mode trunk SW1(config-if)# end %SYS-5-CONFIG_I: Configured from console by consoleApply the exact same command on SW2, because a static trunk on one side still needs a willing partner on the other.
SW2# configure terminal Enter configuration commands, one per line. End with CNTL/Z. SW2(config)# interface g0/1 SW2(config-if)# switchport mode trunk SW2(config-if)# end %SYS-5-CONFIG_I: Configured from console by consoleNow confirm the trunk is really up on SW1.
SW1# show interfaces trunk Port Mode Encapsulation Status Native vlan Gi0/1 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/1 1-1005 Port Vlans allowed and active in management domain Gi0/1 1,10,20The Status column reads trunking, the mode is on: a static trunk that negotiates nothing.
VLAN 10 and VLAN 20 can finally cross, and both tickets from those users disappear.Both ends now hold the trunk on their own.
You can lock them down further with switchport nonegotiate, a command that stops the port from sending DTP frames entirely.Answer the question below
Which switchport mode forces a trunk without relying on DTP?
Ticket 2 is noisy: SW1's console prints the same native VLAN warning every minute.
The trunk is up and tagged VLAN 10 and 20 still work, but untagged traffic is leaking between two VLANs.40 % Complete: you’re making great progress
Ready to pass your CCNP exam?