Filter
Top Products
12-3
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 12 Configuring Interface Characteristics
Understanding Interface Types
Note When you change a Layer 3 interface into Layer 2 mode, the configuration information related to the
affected interface might be lost, and the interface is returned to its default configuration.
For detailed information about configuring access port and trunk port characteristics, see Chapter 13,
“Configuring VLANs.”
Access Ports
An access port belongs to and carries the traffic of only one VLAN (unless it is configured as a voice
VLAN port). Traffic is received and sent in native formats with no VLAN tagging. Traffic arriving on
an access port is assumed to belong to the VLAN assigned to the port.
If an access port receives an 802.1Q tagged packet, the packet is dropped, and the source address is not
learned.
Supported access ports:
• Static access ports are manually assigned to a VLAN (or through a RADIUS server for use with
IEEE 802.1x). For more information, see the “802.1x Authentication with VLAN Assignment”
section on page 10-19.
• VLAN membership of dynamic access ports is learned through incoming packets. By default, a
dynamic access port is not a member of any VLAN. Traffic forwarding to and from the port is
enabled only when the port VLAN membership is discovered. Dynamic access ports on the switch
are assigned to a VLAN by a VLAN Membership Policy Server (VMPS). The VMPS can be a
Catalyst 6500 series switch. The Catalyst 2960 or 2960-S switch cannot be a VMPS server.
You can also configure an access port with an attached Cisco IP Phone to use one VLAN for voice traffic
and another VLAN for data traffic from a device attached to the phone. For more information about voice
VLAN ports, see Chapter 15, “Configuring Voice VLAN.”
Trunk Ports
A trunk port carries the traffic of multiple VLANs and by default is a member of all VLANs in the VLAN
database.
The switch supports only 802.1Q trunk ports. An 802.1Q trunk port supports simultaneous tagged and
untagged traffic. The trunk port is assigned a default port VLAN ID (PVID), and all untagged traffic
travels on the port default PVID. All untagged traffic and tagged traffic with a NULL VLAN ID belong
to the port default PVID. A packet with a VLAN ID equal to the outgoing port default PVID is sent
untagged. All other traffic is sent with a VLAN tag.
Although by default, a trunk port is a member of every VLAN known to the VTP, you can limit VLAN
membership by configuring an allowed list of VLANs for each trunk port. The list of allowed VLANs
affects only the associated trunk port. By default, all possible VLANs (VLAN ID 1 to 4094) are in the
allowed list. A trunk port can become a member of a VLAN only if VTP knows of the VLAN and if the
VLAN is enabled. If VTP learns of a new, enabled VLAN and the VLAN is in the allowed list, the trunk
port automatically becomes a member of that VLAN. Traffic is forwarded to and from the trunk port for
that VLAN. If VTP learns of an enabled VLAN that is not in the allowed list for a trunk port, the port
does not become a member of the VLAN, and traffic for the VLAN is not forwarded to or from the port.
For more information about trunk ports, see Chapter 13, “Configuring VLANs.”