When looking at the CCNA it is good idea to get a hold of trunking between switches along with that there are a couple of administrative modes that each physical interface on Cisco switch can be when you are trunking between them. Remember that when we are trunking it usually carries all VLANs (This can be changed) but there are different ways to make trunking between links happen.
When you are in an interface on a Cisco switch you can change the operational mode of that interface by issuing the switchport mode command. There are four commands that can be issued:
Switch(config-if)#switchport mode ? access Set trunking mode to ACCESS unconditionally dynamic Set trunking mode to dynamically negotiate access or trunk mode trunk Set trunking mode to TRUNK unconditionally
- Switchport mode access – Which prevents the interface from trunking, this interface would always act as an access port.
- Switchport mode trunk – Which puts the interface in trunking
- Switchport mode dynamic auto – The interface waits to receive a trunk negotiation message, at which point the switch would respond and negotiate whether to use trunking. If so which type of trunking.
- Switchport mode dynamic desirable – Initiates negotiation messages and responds to negotiation messages to dynamically choose whether to start using trunking. This also decides which type of trunking to use.
The best security practice I always use is hard code these interface (either access or trunk), there is no need for these to negotiate trunking behaviors. If somebody plugged in a switch or used a tool to trick the switch in believing it is a trunk port they now can listen to all traffic in your network!
That is really it for the different types of trunking modes, if I have two switches together and both of them are in dynamic auto, what would the interface operational mode be? Would it be a Trunk or an access? The answer would be an access, because of they are both waiting for a trunk negotiation message. I hope this information is helpful and if you have a question post it below also see if you can figure out if the interface would be trunking or if it would be in an access port.
- Access + Access =?
- Trunk + Auto =?
- Trunk + Trunk =?
- Auto + Auto =?
- Desirable + Auto =?
- Access + Desirable =?
- Desirable + Trunk =?
- Desirable + Desirable=?
- Access + Trunk =?
- Access + Auto =?
- Trunk + Access =?
- Configure Router on a Stick (ciscoskills.net)
- VLAN Trunking Methods (learnnetworkingwithme.wordpress.com)
- Nexus 1000v – DMZ Private VLAN config example (datacenterhawk.wordpress.com)
- Nicira Open vSwitch inside vSphere/ESX (ioshints.info)