Troubleshooting VLAN and Trunk Issues

VLAN and trunking issues can cause communication failures between devices in different VLANs. Below is a step-by-step guide to diagnose and resolve VLAN and trunking problems.

1. Check VLAN Configuration

Issue: Devices in the same VLAN cannot communicate.

Solution:

Verify the VLAN exists on the switch:bashCopyEditshow vlan brief
If the VLAN is missing, create it:bashCopyEditconfigure terminal vlan 10 name Sales exit
Ensure the ports are assigned to the correct VLAN:bashCopyEditshow interfaces GigabitEthernet0/1 switchport
- If needed, assign the correct VLAN:bashCopyEditinterface GigabitEthernet0/1 switchport mode access switchport access vlan 10
If the device still cannot communicate, check if the VLAN is allowed on the trunk.

2. Verify Trunk Links

Issue: Devices in different VLANs cannot communicate across switches.

Solution:

Check if the port is in trunk mode:bashCopyEditshow interfaces trunk
- If the port is missing, it is not operating as a trunk.
Enable trunk mode manually:bashCopyEditinterface GigabitEthernet0/1 switchport mode trunk
Check if VLANs are allowed on the trunk:bashCopyEditshow interfaces trunk
- If VLANs are missing, allow them manually:bashCopyEditinterface GigabitEthernet0/1 switchport trunk allowed vlan 10,20,30

3. Check Native VLAN Mismatch

Issue: Trunk is up, but VLAN traffic is not passing correctly.

Solution:

Verify native VLANs on both ends of the trunk:bashCopyEditshow interfaces trunk
- If one switch has VLAN 1 as native and another has VLAN 99, packets may be dropped.
Fix the mismatch by setting the same native VLAN on both switches:bashCopyEditinterface GigabitEthernet0/1 switchport trunk native vlan 99

4. Check Spanning Tree (STP) Blocking

Issue: Some VLANs work, others don’t.

Solution:

Check if STP is blocking the trunk port:bashCopyEditshow spanning-tree interface GigabitEthernet0/1
If a port is in blocking mode, try:bashCopyEditshow spanning-tree vlan 10
- If STP is incorrectly blocking the trunk, consider changing the STP priority:bashCopyEditspanning-tree vlan 10 priority 4096
- If needed, manually enable the port:bashCopyEditinterface GigabitEthernet0/1 no shutdown

5. Check Inter-VLAN Routing Issues

Issue: Devices in different VLANs cannot communicate.

Solution:

If VLANs need to communicate, a router or Layer 3 switch is required.
Verify if SVIs (Switched Virtual Interfaces) are configured:bashCopyEditshow ip interface brief
If missing, create an SVI for each VLAN:bashCopyEditinterface vlan 10 ip address 192.168.10.1 255.255.255.0 no shutdown
Ensure the default gateway is set on end devices:
- If VLAN 10 uses 192.168.10.1, set this as the gateway.

6. Check VTP Configuration

Issue: VLANs are not propagating between switches.

Solution:

Verify VTP mode:bashCopyEditshow vtp status
- Ensure one switch is in VTP Server mode and others are in VTP Client mode.
If VLANs are not syncing, try resetting the VTP revision number:bashCopyEditvtp mode transparent vtp mode client

7. Check for DTP Issues (If Trunk is Not Forming)

Issue: Trunk mode is not working.

Solution:

Verify the DTP mode on both ends:bashCopyEditshow interfaces switchport
If both ports are dynamic auto, no trunk will form. Change one side to dynamic desirable:bashCopyEditinterface GigabitEthernet0/1 switchport mode dynamic desirable
If connecting to a non-Cisco switch, disable DTP:bashCopyEditswitchport mode trunk switchport nonegotiate

8. Restart the Trunking Process (Last Resort)

If all configurations are correct but the VLAN is still not passing traffic, restart the trunk port:

interface GigabitEthernet0/1
  shutdown
  no shutdown

Summary of Key Troubleshooting Commands

Command	Purpose
`show vlan brief`	Checks if VLANs exist on the switch.
`show interfaces trunk`	Verifies which ports are in trunk mode.
`show interfaces switchport`	Displays VLAN and trunk settings on an interface.
`show spanning-tree interface Gi0/1`	Checks if STP is blocking the port.
`show vtp status`	Confirms VTP domain, mode, and VLAN propagation.
`show ip interface brief`	Verifies if SVI (inter-VLAN routing) is configured.
`show cdp neighbors`	Confirms if the switch is connected to the expected devices.

Best Practices to Avoid VLAN and Trunk Issues

✅ Manually configure trunk ports (switchport mode trunk).
✅ Disable DTP (switchport nonegotiate) unless auto-negotiation is needed.
✅ Ensure native VLANs match on both ends of a trunk.
✅ Use show interfaces trunk to verify allowed VLANs.
✅ Check STP (show spanning-tree) to prevent VLAN blocking.

Troubleshooting VLAN and Trunk Issues

1. Check VLAN Configuration

Issue: Devices in the same VLAN cannot communicate.

Solution:

2. Verify Trunk Links

Issue: Devices in different VLANs cannot communicate across switches.

Solution:

3. Check Native VLAN Mismatch

Issue: Trunk is up, but VLAN traffic is not passing correctly.

Solution:

4. Check Spanning Tree (STP) Blocking

Issue: Some VLANs work, others don’t.

Solution:

5. Check Inter-VLAN Routing Issues

Issue: Devices in different VLANs cannot communicate.

Solution:

6. Check VTP Configuration

Issue: VLANs are not propagating between switches.

Solution:

7. Check for DTP Issues (If Trunk is Not Forming)

Issue: Trunk mode is not working.

Solution:

8. Restart the Trunking Process (Last Resort)

Summary of Key Troubleshooting Commands

Best Practices to Avoid VLAN and Trunk Issues

Share this:

Comments

Leave a comment Cancel reply

More posts

🚀 How to Install Docker on Ubuntu Server (Step-by-Step Guide)

Microsoft Releases Emergency OOB Update to Fix Outlook Freezes

Hashing & Data integrity

🔐 SSH Configuration with RADIUS Authentication (Cisco)