Trunking Administrative Modes
- Switchport mode access – Which prevents the interface from trunking, this interface would always act as an access port.
- Switchport mode trunk – Which puts the interface in trunking
- Switchport mode dynamic auto – The interface waits to receive a trunk negotiation message, at which point the switch would respond and negotiate whether to use trunking. If so which type of trunking.
- Switchport mode dynamic desirable – Initiates negotiation messages and responds to negotiation messages to dynamically choose whether to start using trunking. This also decides which type of trunking to use.
The best security practice I always use is hard code these interface (either access or trunk), there is no need for these to negotiate trunking behaviors. If somebody plugged in a switch or used a tool to trick the switch in believing it is a trunk port they now can listen to all traffic in your network! That is really it for the different types of trunking modes, if I have two switches together and both of them are in dynamic auto, what would the interface operational mode be? Would it be a Trunk or an access? The answer would be an access, because of they are both waiting for a trunk negotiation message. I hope this information is helpful and if you have a question post it below also see if you can figure out if the interface would be trunking or if it would be in an access port.
- Access + Access =?
- Trunk + Auto =?
- Trunk + Trunk =?
- Auto + Auto =?
- Desirable + Auto =?
- Access + Desirable =?
- Desirable + Trunk =?
- Desirable + Desirable=?
- Access + Trunk =?
- Access + Auto =?
- Trunk + Access =?
Related articles
- Configure Router on a Stick (lewiryan.github.io/ciscoskills)
- VLAN Trunking Methods (learnnetworkingwithme.wordpress.com)
- Nexus 1000v - DMZ Private VLAN config example (datacenterhawk.wordpress.com)
- Nicira Open vSwitch inside vSphere/ESX (ioshints.info)