VLAN support: trunk mode vs general mode

Network Switches

Network Switches
Information and ideas on Dell PowerConnect network switch solutions.

VLAN support: trunk mode vs general mode

This question is not answered

Hi,

Can anyone outline the difference between the trunk mode and general mode for VLAN support and the pros/cons of each mode?

We have two PowerConnect 6248 switches interconnected with a LAG (2 x 10GbE) and we need to VLAN support for the LAG between the two switches and also a couple of other LAGs (2 x 1GbE) to older PowerConnect 5324 switches.

We have about 10 different VLANs.

We're not sure if we should use trunk mode or general mode for the LAGs.

Thanks.

All Replies
  • 62xx,8xxx,M6xxx,M8xxx:

    Trunk: all vlans tagged, no native (untagged) vlans, vlan 1 not allowed

    General: can choose multiple tagged and untagged vlans, pvid allow classification of untagged vlans, default is untagged

    5324, M5316, 54xx, 35xx, 33xx:

    Trunk: native vlan allows one untagged vlan, all other vlans tagged

    General: can choose multiple tagged and untagged vlans, pvid allow classification of untagged vlans, default is tagged

    I always use general mode on PowerConnect because it is the most flexible.  The default difference (tagged/untagged) between the different models can be confusing when comparing configurations produced from a "show running-config" though.

     

     

  • bh1633

    62xx,8xxx,M6xxx,M8xxx:

    Trunk: all vlans tagged, no native (untagged) vlans, vlan 1 not allowed

    General: can choose multiple tagged and untagged vlans, pvid allow classification of untagged vlans, default is untagged

    Thanks for the information, but it looks like it needs an update: trunk mode will also allow VLAN 1.

    E.g. traffic for VLAN 1 seems to be able to pass just fine through the LAG connecting two PowerConnect 6248 switches with firmware version 3.2.0.7 with the following config:

    interface port-channel 1

    switchport mode trunk

    switchport trunk allowed vlan add 1

    Is that a feature of the new firmware version?

    Thanks.

  • I mis-remembered.  I did some testing with vlan 1 a while back.  The results are below.   The problem is vlan 1 is handled differently between PowerConnect models and also differently from Cisco.  My suggestion is stil to use general mode.

    PowerConnect 62xx,8xxx,M6xxx,M8xxx:

    • “switchport trunk native vlan xxx” – command not available
    • Vlan 1
      • “switch trunk allowed vlan add 1” – allowed
      • vlan 1 egress traffic is always tagged
      • tagged vlan 1 ingress traffic is accepted if vlan 1 is in trunk
      • untagged ingress traffic is dropped

     

    PowerConnect 33xx, 34xx, 35xx, 53xx, 54xx, 60xx

    • “switchport trunk native vlan xxx” – available
    • Vlan 1
      • “switch trunk allowed vlan add 1” – not allowed
      • vlan 1 egress traffic is always untagged, can not be tagged
      • tagged vlan 1 ingress traffic is always dropped
      • untagged ingress traffic is put in native vlan

     

    Cisco

    • “switchport trunk native vlan xxx” – available
    • Vlan 1
      • “switch trunk allowed vlan add 1” – allowed
      • vlan 1 egress traffic is untagged if native, tagged if in trunk
      • untagged ingress traffic is put in native vlan
      • tagged vlan 1 ingress traffic is dropped if native vlan, accepted if in trunk
  • Just one comment - native (untagged) vlans on  trunks are the common source of misconfigurations, loops and also serious security issue (vlan hopping attack).

    Thus for switch-to-switch interconnections I'd strongly recommend using 'switchport mode trunk' which on 62xx enforces tagging for all vlans and disallows the user to configure any untagged vlan.

  • I think I'll use the trunk mode instead of general mode for the interconnection between the two PC6248 switches.

    But since we still have some legacy equipment on VLAN 1 and we need to interconnect the newer PC6248 switch with an older PC5324 switch, it looks like we're forced to use the general mode for that interconnection, since the trunk mode for the PC6248 will tag VLAN 1 packets, while the same mode on the PC5324 won't, correct?

    Or is there a way to force the PC5324 to also tag VLAN 1 packets?

    Thanks.

  • There is a chance that 5324 just blocks vlan 1 because it's the native vlan by default and the same vlan couldn't be both tagged and untagged. Try creating some dummy vlan (e.g. vlan 4000) and then assign it as native to your interconnection:

     

    interface xy

    switchport mode trunk

    switchport trunk native vlan 4000

    switchport trunk allowed vlan add 1

     

    If this succeeds, you'll have tagged vlan 1 also on 5324.

     

  •  

    I don't understand at all diffrence between general i trunk mode. I have pc 6248, 1/g10 is in general mode, i set few vlans as untagged. What happend when untagged frame will enter the port ? what vlan will be associate to this frame ? Could You explain ?

    thank You

    Popo

     

    #show interfaces switchport ethernet 1/g10      

    Port: 1/g10
    VLAN Membership mode:General Mode

    Operating parameters:
    PVID: 1      
    Ingress Filtering: Enabled    
    Acceptable Frame Type: Admit All   
    Default Priority: 0           
    GVRP status:Disabled
    Protected:Disabled

    Port 1/g10 is member in:

    VLAN    Name                              Egress rule   Type
    ----    --------------------------------- -----------   --------
    1       Default                           Untagged      Default 
    58                                        Untagged      Static  
    59                                        Untagged      Static  
    60                                        Untagged      Static  

                        


    Static configuration:
    PVID: 1      
    Ingress Filtering: Enabled    
    Acceptable Frame Type: Admit All   

    Port 1/g10 is statically configured to:

    VLAN    Name                              Egress rule
    ----    --------------------------------- -----------
    58                                        Untagged 
    59                                        Untagged 
    60                                        Untagged

     

  • on 6200:

    Trunk mode- all traffic is transmitted with a vlan tag in the selected vlans.  All incoming traffic must be tagged in the selected vlans or it is dropped.

    General mode is much more flexible:  At its simplest, general mode ports can transmit tagged or untagged packets in the selected vlans.  Incoming traffic can be tagged or untagged. The PVID sets the vlan of incoming untagged packets.  You may also classify incoming traffic wiith MAC/IP association.

    In your example, the PVID is 1, so untagged traffic will be switched in vlan 1.

  • Although late reaction, someone else might be helped with the answer/extra information:

    For the above described situation you could use both trunk as general mode: in both cases you can define which traffic (VLAN's) are allowed on the link and in both cases you can include VLAN1 as allowed traffix.

    When you connect to a Cisco switch that has a trunk configured to your Dell 62xx, M6xxx or M8xxx you will need the general mode as on a Cisco trunk the native VLAN (often Vlan1 but can be another one) is UNtagged.

    Because the Dell switches in trunk mode expect all traffic (ingress) to be tagged and sends all outgoing (egress) tagged the traffic to/from native VLAN configured on the Cisco switch won't be recognized by the Dell switch and this can result in STP topology changes and thus flapping interfaces.

    So when you connect your Dell switch to a Cisco switch with more then one VLAN of traffic on it use the general mode on the Dell switch as explained above.