There are two types of trunks used by Cisco and you will see on the CCNA exam. The most common these days is the IEEE 802.1Q, but older deployments and some networks also use Cisco’s proprietary Inter-Switch Link (ISL). However, ISL is not covered anymore in the CCNA course so I will cover only the basic information about it. Regardless of the type of trunk type used, trunks can be used only with Fast and Gigabit Ethernet interfaces.

Inter-Switch Link (ISL)

ISL is Cisco’s proprietary protocol used to create VLANs in a network. ISL is functioning at the Data-Link layer of the OSI model (layer 2). The size of the encapsulated ISL frames is starting from 94 bytes and can increase up to 1548 due to the additional fields the protocol creates during the encapsulation. The VLAN ID is a 15-bit value found in a 26-byte header of the frame. ISL also adds a 4-byte CRC in the frame for error correction and control.

IEEE 802.1Q

Today’s standard in trunking is 802.1Q. To better understand how other switches in the network are able to identify a frame belonging to a VLAN, you must know what does the first switch with that frame.

When a switch receives a frame on a port configured in access mode with a static VLAN, it takes that frame and inserts a VLAN tag, recalculates the FCS, and sends the frame out through the trunking port. The VLAN tag field contains an Ethertype field, a Tag control information field, and the FCS field. By convention, Ethertype is set to the value of 0x8100. Tag control information field contains 3 bits of user priority, 1 bit of canonical Format Identifier (used to transport Token Ring frames across Ethernet links) and 12 bits of VLAN ID (VID).

Trunking ports support the transmission of tagged frames as well as untagged frames through the interface.
Some devices are sending by default are tagging the VLAN traffic. If such traffic arrives in a native VLAN interface, the switch will drop the frame. The traffic sent to a native VLAN interface should always be untagged. The only solution for this problem if you need that switch port to be configured as native is to configure the other devices to send the traffic untagged.

Untagged Frames arriving to the switch are automatically forwarded to the native VLAN. The default native VLAN is 1, but when you configure an 802.1Q trunk port, you can specify another VLAN as native. When you configure this, a default Port VLAN ID (PVID) is assigned to the interface. For example, if you create the native VLAN 20, the PVID will also 20. To enable a port in trunking mode, you can use the switchport mode trunk interface configuration command. To specify a VLAN as a native VLAN use switchport trunk native vlan vlan-id. You can also check the status of the interface with show interfaces interface switchport.

Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk native vlan 20
Switch#show interfaces Fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 50
Trunking Native Mode VLAN: 20 (VLAN0020)
Administrative Native VLAN tagging: enabled
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Trunking VLANs Enabled: ALL

In many real-world scenarios, you may get a lot of VLANs on a single interface. Removing them one by one will be a time-consuming job. To accomplish this task faster use the no switchport trunk allow vlan (remove all VLANs configured on the trunk interface), no switchport trunk native vlan (resets the native VLAN back to 1), switchport mode access (puts the switch port back to access mode).

Trunking can cause a lot of headaches for network administrators. Problems can appear from different causes. Most common cases are when the Native VLAN mismatches, the trunk mode mismatches, the allowed VLAN list configured on trunk ports are not configured correctly or the IP addresses of the devices at both ends of the link are not configured correctly.

If the Native VLAN mismatches, the solution is to reconfigure the native VLAN correctly on the switch. You can then test the connectivity of the ends with the ping command.

Cisco uses its proprietary protocol, Dynamic Trunking Protocol (DTP) to negotiate the trunk links between the switches configured to support VLANs. If you forgot to enable the trunking port on at least one device, they will both negotiate in access mode. To solve this issue, use the switchport mode trunk interface configuration command on one switch. The other will re-negotiate the parameters and will discover that the connecting port is a trunk port. To check if a switch port is in trunk port, use the command show interfaces interface switchport and look for the line beginning with Administrative Mode. The Administrative Mode should be trunk.

Switch#show interfaces Fa0/1 switchport
Name: Fa0/1
Switchport:P Enabled
Administrative Mode: trunk

On a trunk port, you must configure what VLANs are allowed. The command used is switchport access trunk allowed vlan add vlan-id. If you forgot to add a VLAN to the trunk port, the frames from that VLAN will be discarded by the switch. First of all, you must check what VLANs are allowed with show interfaces trunk. If your VLAN is not in the list associated with the desired interface you must add it.

Switch#show interfaces trunk
Port   Mode  Encapsulation  Status    Native vlan
Fa0/1  on    802.1q         trunking  20
Port Vlans allowed on trunk
Fa0/1  10,20

In this example, the switch knows that in should receive frames for VLANs 10 and 20 on the FastEther0/1 interface. If the switch is the final destination of the packet, that’s correct. But if the device that should receive the packet is connected in FastEthernet0/2, this is not. You must also add the desired VLANs to the Fa0/2 interface.

Switch(config)#interface Fa0/2
Switch(config-if)#switchport trunk allowed vlan 10,20
Switch#show interfaces trunk
Port   Mode  Encapsulation  Status    Native vlan
Fa0/1  on    802.1q         trunking  20
Fa0/2  on    802.1q         trunking  20
Port Vlans allowed on trunk
Fa0/1  10,20
Fa0/2  10,20

Now you can check both ends of the link with the ping command and everything should be just fine.

It is crucial in your preparation for Cisco’s CCNA certification to understand how trunking works and how to troubleshoot it. We make our best to explain to you these CCNA concepts in the simplest terms possible and give you examples for an easier understanding.