switchport mode trunk
Configures a switch interface as a trunk port, allowing multiple VLANs to traverse the link.
Overview
The 'switchport mode trunk' command is used on Cisco Nexus switches to configure an interface as a trunk port. Trunk ports carry traffic for multiple VLANs by encapsulating Ethernet frames with IEEE 802.1Q tags, which identify the VLAN membership. This is essential for interconnecting switches, routers, and servers that need to handle multiple VLANs over a single physical link. On NX-OS, trunk ports are statically configured; dynamic trunking protocols like DTP are not supported. The command is typically followed by 'switchport trunk allowed vlan' to restrict which VLANs traverse the trunk, and 'switchport trunk native vlan' to specify the untagged VLAN (default 1). In troubleshooting workflows, verifying trunk status with 'show interface trunk' helps identify misconfigurations such as mismatched native VLANs or missing allowed VLANs. NX-OS also supports 'switchport mode trunk' on port-channels for link aggregation of trunk links.
switchport mode trunkWhen to Use This Command
- Connecting a Nexus switch to another switch to carry multiple VLANs across the link.
- Connecting a Nexus switch to a router on a stick (ROAS) for inter-VLAN routing.
- Connecting a Nexus switch to a server with a trunk interface for VLAN tagging.
- Configuring a trunk port between Nexus switches in a vPC pair.
Parameters
| Parameter | Syntax | Description |
|---|---|---|
| mode | switchport mode {access | trunk} | Sets the interface mode. 'trunk' enables trunking. 'access' sets the interface as an access port. |
Command Examples
Basic trunk configuration on Ethernet1/1
interface ethernet1/1
switchport mode trunkswitchport mode trunk switchport trunk allowed vlan 1-4094
The interface is set to trunk mode, and by default all VLANs are allowed.
Trunk with specific allowed VLANs
interface ethernet1/2
switchport mode trunk
switchport trunk allowed vlan 10,20,30-40switchport mode trunk switchport trunk allowed vlan 10,20,30-40
Only VLANs 10, 20, and 30-40 are allowed on this trunk.
Understanding the Output
The 'switchport mode trunk' command itself does not produce output; it is a configuration command. To verify trunk status, use 'show interface trunk' or 'show interface ethernet1/1 switchport'. The 'show interface trunk' output displays interfaces in trunk mode, the native VLAN, and allowed VLAN lists. Key fields include 'Port' (interface name), 'Mode' (trunk), 'Encapsulation' (802.1q), 'Status' (trunking), 'Native vlan' (default 1), and 'Allowed vlans' (list). A healthy trunk shows 'trunking' status and correct allowed VLANs. Problem values include 'not-trunk' (misconfiguration) or missing VLANs.
Configuration Scenarios
Basic Trunk Between Two Nexus Switches
Two Nexus switches (Nexus-A and Nexus-B) need to carry VLANs 10, 20, and 30.
Topology
Nexus-A Gi1/1 --- Nexus-B Gi1/1Steps
- 1.Configure interface on Nexus-A: interface ethernet1/1, switchport mode trunk, switchport trunk allowed vlan 10,20,30.
- 2.Configure interface on Nexus-B: interface ethernet1/1, switchport mode trunk, switchport trunk allowed vlan 10,20,30.
! Nexus-A interface ethernet1/1 switchport mode trunk switchport trunk allowed vlan 10,20,30 ! Nexus-B interface ethernet1/1 switchport mode trunk switchport trunk allowed vlan 10,20,30
Verify: Use 'show interface trunk' on both switches to verify trunk status and allowed VLANs.
Watch out: Ensure both sides have matching allowed VLAN lists and native VLAN (default 1).
Trunk to Router-on-a-Stick
A Nexus switch connects to a router for inter-VLAN routing. The router uses subinterfaces.
Topology
Nexus Gi1/1 --- Router Gi0/0Steps
- 1.On Nexus: interface ethernet1/1, switchport mode trunk, switchport trunk allowed vlan 10,20.
- 2.On Router: interface gi0/0.10, encapsulation dot1Q 10, ip address 10.0.10.1/24; interface gi0/0.20, encapsulation dot1Q 20, ip address 10.0.20.1/24.
! Nexus interface ethernet1/1 switchport mode trunk switchport trunk allowed vlan 10,20 ! Router interface gi0/0.10 encapsulation dot1Q 10 ip address 10.0.10.1 255.255.255.0 interface gi0/0.20 encapsulation dot1Q 20 ip address 10.0.20.1 255.255.255.0
Verify: Ping from a host in VLAN 10 to VLAN 20's gateway to test inter-VLAN routing.
Watch out: The router interface must be configured with no IP address on the physical interface, only on subinterfaces.
Troubleshooting with This Command
When troubleshooting trunk issues on Nexus switches, start with 'show interface trunk' to list all trunk interfaces and their status. If an interface is not listed, verify it is configured with 'switchport mode trunk'. Check the 'Status' column; it should show 'trunking'. If it shows 'not-trunking', the interface may be in access mode or administratively down. Use 'show interface ethernet1/1 switchport' to see detailed switchport configuration, including operational mode and allowed VLANs. Common issues include native VLAN mismatch; use 'show interface trunk' to see the native VLAN on each side. If traffic for a specific VLAN is not passing, verify that VLAN is in the allowed list with 'show interface trunk' or 'show running-config interface ethernet1/1'. Also ensure the VLAN exists in the VLAN database with 'show vlan'. On NX-OS, trunk ports do not participate in DTP, so both sides must be manually configured as trunk. If using a port-channel, verify the port-channel interface is also configured as trunk. Use 'show port-channel summary' to check member interfaces.
CCNA Exam Tips
Remember that 'switchport mode trunk' must be used before 'switchport trunk allowed vlan'.
On NX-OS, the default native VLAN is 1; changing it requires 'switchport trunk native vlan <vlan>'.
Know that 'switchport mode trunk' is not needed for dynamic protocols like DTP; NX-OS does not support DTP.
Common Mistakes
Forgetting to set the interface to trunk mode before configuring allowed VLANs, resulting in the command being rejected.
Assuming 'switchport mode trunk' automatically allows all VLANs; it does, but explicit allowed VLAN configuration is common.
Confusing trunk mode with access mode; trunk mode is for tagged traffic, access mode for untagged.
Platform Notes
On Cisco NX-OS, the 'switchport mode trunk' command behaves similarly to Cisco IOS, but with key differences: NX-OS does not support Dynamic Trunking Protocol (DTP); all trunk ports must be statically configured. The default native VLAN is 1, and the default allowed VLAN list is all VLANs (1-4094). On IOS, 'switchport mode trunk' implicitly enables trunking, but on NX-OS, it is explicit. The 'switchport trunk encapsulation' command is not available on NX-OS because only 802.1Q is supported. For equivalent commands on other platforms: on Juniper JunOS, use 'set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk'; on Arista EOS, use 'switchport mode trunk' similar to NX-OS. NX-OS version differences: earlier versions (e.g., 5.x) had slightly different output formatting, but the command syntax remains consistent.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions