VLAN Trunking Questions
Question 1
Refer to the exhibit.
| Switch1#show int fastEthernet0/1 switchport Name: Fa0/1 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 2 (VLAN0002) Trunking Native Mode VLAN: 3 (VLAN0003) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk private VLANs: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false |
If a port is configured as shown and receives an untagged frame, of which VLAN will the untagged frame be a member?
A. VLAN 1
B. VLAN 2
C. VLAN 3
D. VLAN 4
Answer: B
Explanation
When typing:
Switch(config-if)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
trunk Set trunking mode to TRUNK unconditionally
and
Switch(config-if)#switchport mode dynamic ?
auto Set trunking mode dynamic negotiation parameter to AUTO
desirable Set trunking mode dynamic negotiation parameter to DESIRABLE
So if we configure Fa0/1 as dynamic auto mode, it will not initiate any negotitation but waiting for the other end negotiate to be a trunk with DTP. If the other end does not ask it to become a trunk then it will become an access port. Therefore when using the “show interface fastEthernet0/1 switchport” command we will see two output lines “Administrative Mode: dynamic auto” and “Operational Mode: static access“
Note: To set this port to VLAN 2 as the output above just use one additional command: “switchport access vlan 2”.
Now back to our question, from the output we see that Fa0/1 is operating as an access port on VLAN 2 so if it receive untagged frame it will suppose that frame is coming from VLAN 2.
Question 2
Refer to the exhibit.
| Switch1#show interfaces fastEthernet0/1 switchport Name: Fa0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 3 (VLAN0003) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk private VLANs: none Operational private-vlan: none Trunking VLANs Enabled: 4-100 Pruning VLANs Enabled: 100-200 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false |
Which VLANs are permitted to send frames out port FastEthernet0/1?
A. 100-200
B. 4-100
C. 1 and 4-100
D. 3 and 4-100
Answer: D
Explanation
Traffic on the native vlan does not get tagged as it crosses a trunk, so there is no dot1q tag in the first place to be filtered. And you don’t need to allow the native vlan. But if we force to tag the native vlan (with the “switchport trunk native vlan tag” command) then if the native vlan is not in the “allowed vlan” list it will be dropped.
GOD that embarrassing .. i didn’t choose the right answers .. but i know why i was wrong before i read the Explanation .. i simply didn’t read the question good 🙁
I though Q1 vlan 3 was the native and as such untaged , that will make the answer C
@ Kaafi It would be 3 if it was a trunk port, but that is an access port.
Could someone please clear me why we configure same port as access and also trunk?
I am planning for the End of the Year.
Hello All,
I need your opinion on the CCIE exam
I think that I agree with the answer to question 2, but I don’t agree with the explanation.
I just tested with a 3560 and a 3750 running 12.2(55)SE9.
If the native VLAN was not allowed on the trunk, PC traffic from that VLAN would not cross the trunk. I didn’t matter if it was tagged or untagged, it just wouldn’t pass over the trunk.
However, CDP traffic still passed over the trunk on the native VLAN whether it was tagged or not.
So I think that I agree with the answer, because the trunk will allow VLAN 4-100, and it will allow CDP and such over VLAN 3. However PC VLAN traffic will not pass over the trunk, so it’s kind of a silly question.
SW1——SW2——–SW3
Q1)sw 1 and 3 has vlan 30 70,80,90 and sw 2 has vlan 80,90 will vlan 70 on sw1 be able to communicate with sw3.sw 2 is in Transparent mode SW1 and 3 is in server mode
Q2) If sw1 is in domain CISCO server mode with vlan 10,20,30 sw2 is in domain BYPASS server mode vlan 10,20 and sw3 is in domain CISCO server mode vlan 10,20,30.
will vlan 30 in sw1 able to reach vlan 30 in sw3
Please help
Sw1–SW2–SW3,
For Q1). vlan 70 on sw1 will NOT able to communicate with sw3. as there is no plan 70 in sw2, and the trunk interface in SW2 will not allow vlan 70.
For Q2). Answer is no, reason is the same as Q1. is Sw2 do not have vlan 30. the trunk interface will not allow vlan 30.
Guys,
Whoever is interested for ccie r&s study group, add me on the skype:ernesto.birneto
can anyone please let me know ….the link for ccie R&S written dumps …
Q2, please can someone clarify:
the exhibit for Fa0/1 shows “Administrative Native VLAN tagging: enabled” doesn’t this statement mean that port 2 will tag traffic native vlan? since it says it is enabled? And if the native vlan 3 is tagged and not in allowed vlan, then vlan 3 will not pass over the trunk?
Hi, everybody. I have question. 350-001 is an old exam. 400-101 is a new exam. Are questions and answers CCIE R&S v5 Written on the top of page 400-101 or no? Thanks.
Back to now prepare for CCIE written
same question as JKD bro.
Q2, please can someone clarify:
the exhibit for Fa0/1 shows “Administrative Native VLAN tagging: enabled” doesn’t this statement mean that port 2 will tag traffic native vlan? since it says it is enabled? And if the native vlan 3 is tagged and not in allowed vlan, then vlan 3 will not pass over the trunk?
for Q2
Administrative Mode: trunk
Operational Mode: trunk
for Q1
Administrative Mode: dynamic auto
Operational Mode: static access
Your answer is wrong for question 2. The reason why is because of the “Trunking VLANs Enabled: 4-100” command. If you then tag any traffic with VLAN 3 over the trunk, the frame will not be allowed to actually traverse the trunk. It’s one of the ways to secure a switch. Where you tag the native vlan with say 100, and then remove vlan 100 from the vlan allowed list on the trunk itself. This means any untagged frames will always be tagged with VLAN 100, but never be allowed to traverse the trunk.
I am also planning for CCIE written exam R&S tell me the latest dumps Version
@Allen-Why should PC be using native vlan in the first place?
The outcome of your findings is ok and normal.
However, the answer and explanation for Q2 is very sweet and correct.
All the best guy please come share with us the experience after writing.