EtherChannel Trunk Native VLAN Mismatch Between Ends
Presenting Symptom
Hosts in the same VLAN cannot communicate across an EtherChannel trunk, and the trunk is not forwarding traffic for some VLANs.
Network Context
A small enterprise campus network with two Cisco Catalyst 2960 switches connected via a 2-port EtherChannel trunk configured as a trunk. Both switches run IOS 15.x. The EtherChannel is configured with trunk mode and native VLAN 99. The problem occurs after a recent configuration change on one switch.
Diagnostic Steps
Check EtherChannel status and trunk configuration
show etherchannel summaryFlags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+----------------------------------------------
1 Po1(SU) LACP Gi0/1(P) Gi0/2(P)The EtherChannel is up (SU) and both ports are bundled (P). This indicates the channel itself is operational at Layer 1/2, but does not confirm VLAN or native VLAN consistency.
Verify trunk status and allowed VLANs
show interfaces trunkPort Mode Encapsulation Status Native vlan Po1 on 802.1q trunking 99 Port Vlans allowed on trunk Po1 1-1005 Port Vlans allowed and active in management domain Po1 1,10,20,30,99 Port Vlans in spanning tree forwarding state and not pruned Po1 1,10,20,30,99
The trunk is up and native VLAN is 99. However, this only shows the local switch configuration. The problem may be a mismatch if the remote switch has a different native VLAN.
Check native VLAN on the remote switch
show interfaces trunk (on the other switch)Port Mode Encapsulation Status Native vlan Po1 on 802.1q trunking 100 Port Vlans allowed on trunk Po1 1-1005 Port Vlans allowed and active in management domain Po1 1,10,20,30,100 Port Vlans in spanning tree forwarding state and not pruned Po1 1,10,20,30,100
The remote switch shows native VLAN 100, while the local switch shows native VLAN 99. This mismatch causes CDP/VTP/STP frames (untagged) to be placed in different VLANs, leading to connectivity issues for native VLAN traffic and potential spanning tree problems.
Verify CDP neighbor details to confirm mismatch
show cdp neighbors port-channel 1 detail------------------------- Device ID: SW2 Entry address(es): IP address: 192.168.1.2 Platform: cisco WS-C2960-24TT-L, Capabilities: Switch IGMP Interface: Port-channel1, Port ID (outgoing port): Port-channel1 Holdtime : 122 sec Version : Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 15.0(2)SE, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2013 by Cisco Systems, Inc. Compiled Sat 27-Jul-13 02:16 by prod_rel_team advertisement version: 2 Native VLAN: 100 Duplex: full
CDP reports the remote switch's native VLAN as 100. This confirms the native VLAN mismatch between the two ends of the EtherChannel trunk.
Root Cause
The native VLAN is configured as 99 on the local switch and 100 on the remote switch for the same EtherChannel trunk. This mismatch causes untagged frames (such as CDP, VTP, STP BPDUs) to be placed in different VLANs on each switch, disrupting communication for the native VLAN and potentially causing spanning tree loops or port blocking.
Resolution
Verification
Run the following commands on both switches to confirm the native VLAN now matches: ``` show interfaces trunk ``` Expected output on both switches: ``` Port Mode Encapsulation Status Native vlan Po1 on 802.1q trunking 99 ``` Also verify CDP shows the same native VLAN: ``` show cdp neighbors port-channel 1 detail ``` Expected output: Native VLAN: 99 on both sides.
Prevention
1. Always configure native VLAN explicitly on both ends of a trunk and ensure they match. 2. Use a dedicated, unused VLAN for native VLAN (e.g., VLAN 999) to avoid conflicts with data VLANs. 3. Implement configuration templates or automation to enforce consistency across switches.
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where you must identify why hosts in the same VLAN cannot communicate across a trunk. The exam tests your ability to use 'show interfaces trunk' and 'show cdp neighbors detail' to identify native VLAN mismatch. Key fact: A native VLAN mismatch causes untagged frames to be placed in different VLANs, breaking connectivity for the native VLAN and potentially causing STP issues.
Exam Tips
Memorize that 'show interfaces trunk' displays the native VLAN; compare output on both ends to detect mismatch.
Remember that CDP advertises the native VLAN; use 'show cdp neighbors detail' to quickly check the remote switch's native VLAN without logging in.
Understand that a native VLAN mismatch does not bring down the trunk itself, but disrupts traffic for the native VLAN and control protocols like CDP, VTP, and STP.
Commands Used in This Scenario
show cdp neighbors detail
Displays detailed information about directly connected Cisco devices discovered via CDP, including IP addresses, IOS version, platform, and interface details, useful for verifying neighbor relationships and troubleshooting Layer 2 connectivity.
show etherchannel summary
Displays the status and configuration of all EtherChannel interfaces on the switch, used to verify channel bundling, port membership, and protocol state.
show interfaces trunk
Displays trunk interface status, allowed VLANs, and pruning information for all trunk ports on a Cisco switch, used to verify trunking configuration and VLAN membership.
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions