What is trunk port? How to use them on switches?

In this example, we will use 2 different switches, 2 different VLANs (VLAN 10 and VLAN 20). On each switches there will be a “trunk port” to carry all VLAN related data through 802.1Q protocol. Trunk ports are capable of carrying multiple VLAN data through the network.

First, we will use 4 clients which are belong to 2 different VLANs and connected to 2 different switches. Then we will define our VLANs with their properties (interface IP address, subnet mask, VLAN ID etc.).

Second, we should define physical gigabitethernet ports as trunk ports to carry multiple VLAN data through the network. So all VLAN information and databases will be carried through this single port.

Here below you can find the configuration of trunk ports on both switches,

FOR SWITCH1;

Switch>en
Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#hostname SW1
SW1(config)#vlan 10
SW1(config-vlan)#vlan 20
SW1(config-vlan)#exit
SW1(config)#interface vlan 10
SW1(config-if)#
%LINK-5-CHANGED: Interface Vlan10, changed state to up

SW1(config-if)#ip address 192.168.1.1 255.255.255.0
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#interface vlan 20
SW1(config-if)#
%LINK-5-CHANGED: Interface Vlan20, changed state to up

SW1(config-if)#ip address 192.168.2.1 255.255.255.0
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#do wr
Building configuration...
Compressed configuration from 7383 bytes to 3601 bytes[OK]
[OK]
SW1(config)#interface g1/0/1
SW1(config-if)#switchport mode trunk

SW1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up

SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#do wr
Building configuration...
Compressed configuration from 7383 bytes to 3601 bytes[OK]
[OK]

SW1(config)#interface g1/0/2
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 10
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#interface g1/0/3
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 10
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#do wr
Building configuration...
Compressed configuration from 7383 bytes to 3601 bytes[OK]
[OK]
SW1(config)#

FOR SWITCH2, we will only create VLAN names (IDs) as in the example below, all other VLAN data will be coming from trunk port.

Switch>en
Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#hostname SW2
SW2(config)#vlan 10
SW2(config-vlan)#vlan 20
SW2(config-vlan)#exit
SW2(config)#interface g1/0/1
SW2(config-if)#switchport mode trunk
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#interface g1/0/2
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 20
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#interface g1/0/3
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 20
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#do wr
Building configuration...
Compressed configuration from 7383 bytes to 3601 bytes[OK]
[OK]
SW2(config)#
SW2#

IMPORTANT NOTE : as default, VLANs cannot communicate each other. If you would like to enable Inter-VLAN communication; you should enable “ip routing” command. By this way, all your VLANs can talk to each other without any restrictions. If you want to set some rules for VLAN traffic, you may use ACL or Extended ACLs to prevent incoming or outgoing traffic from a specific IP or Port. Also there are another methods known as ROAS (Router on a stick). With ROAS you may define all rules on the router like a firewall.

Back To Top
error: Content is protected !!