Highlighted
pzero
Silver

VLAN support: trunk mode vs general mode

Jump to solution

Hi,

Can anyone outline the difference between the trunk mode and general mode for VLAN support and the pros/cons of each mode?

We have two PowerConnect 6248 switches interconnected with a LAG (2 x 10GbE) and we need to VLAN support for the LAG between the two switches and also a couple of other LAGs (2 x 1GbE) to older PowerConnect 5324 switches.

We have about 10 different VLANs.

We're not sure if we should use trunk mode or general mode for the LAGs.

Thanks.

0 Kudos
9 Replies
bh1633
Gold

Re: VLAN support: trunk mode vs general mode

Jump to solution

62xx,8xxx,M6xxx,M8xxx:

Trunk: all vlans tagged, no native (untagged) vlans, vlan 1 not allowed

General: can choose multiple tagged and untagged vlans, pvid allow classification of untagged vlans, default is untagged

5324, M5316, 54xx, 35xx, 33xx:

Trunk: native vlan allows one untagged vlan, all other vlans tagged

General: can choose multiple tagged and untagged vlans, pvid allow classification of untagged vlans, default is tagged

I always use general mode on PowerConnect because it is the most flexible.  The default difference (tagged/untagged) between the different models can be confusing when comparing configurations produced from a "show running-config" though.

 

 

0 Kudos
pzero
Silver

Re: VLAN support: trunk mode vs general mode

Jump to solution

62xx,8xxx,M6xxx,M8xxx:

Trunk: all vlans tagged, no native (untagged) vlans, vlan 1 not allowed

General: can choose multiple tagged and untagged vlans, pvid allow classification of untagged vlans, default is untagged

Thanks for the information, but it looks like it needs an update: trunk mode will also allow VLAN 1.

E.g. traffic for VLAN 1 seems to be able to pass just fine through the LAG connecting two PowerConnect 6248 switches with firmware version 3.2.0.7 with the following config:

interface port-channel 1

switchport mode trunk

switchport trunk allowed vlan add 1

Is that a feature of the new firmware version?

Thanks.

0 Kudos
bh1633
Gold

Re: VLAN support: trunk mode vs general mode

Jump to solution

I mis-remembered.  I did some testing with vlan 1 a while back.  The results are below.   The problem is vlan 1 is handled differently between PowerConnect models and also differently from Cisco.  My suggestion is stil to use general mode.

PowerConnect 62xx,8xxx,M6xxx,M8xxx:

  • “switchport trunk native vlan xxx” – command not available
  • Vlan 1
    • “switch trunk allowed vlan add 1” – allowed
    • vlan 1 egress traffic is always tagged
    • tagged vlan 1 ingress traffic is accepted if vlan 1 is in trunk
    • untagged ingress traffic is dropped

 

PowerConnect 33xx, 34xx, 35xx, 53xx, 54xx, 60xx

  • “switchport trunk native vlan xxx” – available
  • Vlan 1
    • “switch trunk allowed vlan add 1” – not allowed
    • vlan 1 egress traffic is always untagged, can not be tagged
    • tagged vlan 1 ingress traffic is always dropped
    • untagged ingress traffic is put in native vlan

 

Cisco

  • “switchport trunk native vlan xxx” – available
  • Vlan 1
    • “switch trunk allowed vlan add 1” – allowed
    • vlan 1 egress traffic is untagged if native, tagged if in trunk
    • untagged ingress traffic is put in native vlan
    • tagged vlan 1 ingress traffic is dropped if native vlan, accepted if in trunk
0 Kudos
peterhd
Bronze

Re: VLAN support: trunk mode vs general mode

Jump to solution

Just one comment - native (untagged) vlans on  trunks are the common source of misconfigurations, loops and also serious security issue (vlan hopping attack).

Thus for switch-to-switch interconnections I'd strongly recommend using 'switchport mode trunk' which on 62xx enforces tagging for all vlans and disallows the user to configure any untagged vlan.

0 Kudos
pzero
Silver

Re: VLAN support: trunk mode vs general mode

Jump to solution

I think I'll use the trunk mode instead of general mode for the interconnection between the two PC6248 switches.

But since we still have some legacy equipment on VLAN 1 and we need to interconnect the newer PC6248 switch with an older PC5324 switch, it looks like we're forced to use the general mode for that interconnection, since the trunk mode for the PC6248 will tag VLAN 1 packets, while the same mode on the PC5324 won't, correct?

Or is there a way to force the PC5324 to also tag VLAN 1 packets?

Thanks.

0 Kudos
peterhd
Bronze

Re: VLAN support: trunk mode vs general mode

Jump to solution

There is a chance that 5324 just blocks vlan 1 because it's the native vlan by default and the same vlan couldn't be both tagged and untagged. Try creating some dummy vlan (e.g. vlan 4000) and then assign it as native to your interconnection:

 

interface xy

switchport mode trunk

switchport trunk native vlan 4000

switchport trunk allowed vlan add 1

 

If this succeeds, you'll have tagged vlan 1 also on 5324.

 

0 Kudos
popo1970
Bronze

Re: VLAN support: trunk mode vs general mode

Jump to solution

 

I don't understand at all diffrence between general i trunk mode. I have pc 6248, 1/g10 is in general mode, i set few vlans as untagged. What happend when untagged frame will enter the port ? what vlan will be associate to this frame ? Could You explain ?

thank You

Popo

 

#show interfaces switchport ethernet 1/g10      

Port: 1/g10
VLAN Membership mode:General Mode

Operating parameters:
PVID: 1      
Ingress Filtering: Enabled    
Acceptable Frame Type: Admit All   
Default Priority: 0           
GVRP statusSmiley Very Happyisabled
ProtectedSmiley Very Happyisabled

Port 1/g10 is member in:

VLAN    Name                              Egress rule   Type
----    --------------------------------- -----------   --------
1       Default                           Untagged      Default 
58                                        Untagged      Static  
59                                        Untagged      Static  
60                                        Untagged      Static  

                    


Static configuration:
PVID: 1      
Ingress Filtering: Enabled    
Acceptable Frame Type: Admit All   

Port 1/g10 is statically configured to:

VLAN    Name                              Egress rule
----    --------------------------------- -----------
58                                        Untagged 
59                                        Untagged 
60                                        Untagged

 

bh1633
Gold

Re: VLAN support: trunk mode vs general mode

Jump to solution

on 6200:

Trunk mode- all traffic is transmitted with a vlan tag in the selected vlans.  All incoming traffic must be tagged in the selected vlans or it is dropped.

General mode is much more flexible:  At its simplest, general mode ports can transmit tagged or untagged packets in the selected vlans.  Incoming traffic can be tagged or untagged. The PVID sets the vlan of incoming untagged packets.  You may also classify incoming traffic wiith MAC/IP association.

In your example, the PVID is 1, so untagged traffic will be switched in vlan 1.

0 Kudos
Tonkie67
Copper

Re: VLAN support: trunk mode vs general mode

Jump to solution

Although late reaction, someone else might be helped with the answer/extra information:

For the above described situation you could use both trunk as general mode: in both cases you can define which traffic (VLAN's) are allowed on the link and in both cases you can include VLAN1 as allowed traffix.

When you connect to a Cisco switch that has a trunk configured to your Dell 62xx, M6xxx or M8xxx you will need the general mode as on a Cisco trunk the native VLAN (often Vlan1 but can be another one) is UNtagged.

Because the Dell switches in trunk mode expect all traffic (ingress) to be tagged and sends all outgoing (egress) tagged the traffic to/from native VLAN configured on the Cisco switch won't be recognized by the Dell switch and this can result in STP topology changes and thus flapping interfaces.

So when you connect your Dell switch to a Cisco switch with more then one VLAN of traffic on it use the general mode on the Dell switch as explained above.

0 Kudos