Trunk port not showing MAC address

saveic

So I have a basic setup for a trunk port for an AP.
switchport trunk allowed vlan 10,30,40,50
switchport trunk native vlan 10
switchport mode trunk
switchport nonegotiate

The AP is Ubiquiti. When the port is in trunk mode, I can no longer see the MAC address of the AP and it is no longer reachable. Yet the wireless still works and I can see the MAC address of all the clients connected to the AP.
When I switch the port to switchport mode access, the MAC address shows up for the AP and it gets an IP address, but of course the devices cannot join the wireless.

How can I get the MAC address to show up for the AP while the port is in trunk mode? The switch I have is a L3 Cisco 3560-8pc-s.
 
I’m not sure what you mean by you’re not able to see the MAC address, but when you change it to be an access port which vlan are you assigning?
 
Try changing the management VLAN of the AP to 10. It's under Settings > Services

This way it's tagged rather than using the native VLAN (which you should probably change back to 1 on that port)
 
> Try changing the management VLAN of the AP to 10. It's under Settings > Services
>
> This way it's tagged rather than using the native VLAN (which you should probably change back to 1 on that port)

For clarification to the op, the native VLAN is merely untagged traffic.

That interface above is saying that it allows Layer-2 Frames (the PDU for Layer-2 is NOT packet) with an 802.1q tag of 30, 40, or 50 (only NOT 10 with a tag) ... AND it allows frames with no 802.1q tag present. With no tag present, a received frame will be dropped into VLAN 10. That interface will transmit (with a tag) for VLANs 30, 40, and 50. It will transmit for VLAN 10 without a tag.

Any given specific, individual frame has a source and destination MAC address and may or may not contain one (1) 802.1q tag*. That is to say, a Frame belongs to exactly one (1) VLAN. An Interface can sort and separate many frames for transmission to/from multiple VLANs, but any given frame itself gets sorted into one VLAN or dropped if not allowed on the trunk. Likewise, any specific given frame gets transmitted within one VLAN segment (or not) depending upon the configuration of the interface. Case in point: if a frame from VLAN 123 was being sent, the interface above would never transmit it... it would also drop a frame received with 802.1q tag of VLAN 123 because it is not allowed.

*Yes, I know of Q-in-Q, which allows more than one VLAN tag per frame, but that is outside the scope of this answer.
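The ingress and egress rules described in the reply above, as an added example that is not part of the original thread: it parses the 802.1Q tag from a raw frame and applies the trunk's allowed list and native VLAN. Function names and sample frames are constructed for illustration; `accept_tagged_native=False` follows the reply's description (handling of frames tagged with the native VLAN ID depends on platform and configuration), and the model assumes untagged frames are dropped when the native VLAN is not in the allowed list.

```python
import struct

TPID_8021Q = 0x8100         # EtherType value that marks an 802.1Q tag
ALLOWED = {10, 30, 40, 50}  # from "switchport trunk allowed vlan 10,30,40,50"

def parse_vid(frame):
    """Return the 802.1Q VLAN ID of a raw Ethernet frame, or None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    return struct.unpack("!H", frame[14:16])[0] & 0x0FFF  # low 12 bits of the TCI

def ingress_vlan(frame, allowed, native, accept_tagged_native=False):
    """VLAN a received frame is placed in, or None if the trunk drops it."""
    vid = parse_vid(frame)
    if vid is None:
        # Assumption of this model: untagged traffic needs the native VLAN allowed.
        return native if native in allowed else None
    if vid == native and not accept_tagged_native:
        return None  # the thread's description: native VLAN is untagged only
    return vid if vid in allowed else None

def egress_tag(vlan, allowed, native):
    """Return 'untagged', 'tagged', or None (not sent) for a frame in `vlan`."""
    if vlan not in allowed:
        return None
    return "untagged" if vlan == native else "tagged"

def make_frame(vid=None):
    """Build a constructed sample frame: dummy MACs, IPv4 EtherType, zero padding."""
    dst, src = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, vid)
    return dst + src + tag + struct.pack("!H", 0x0800) + bytes(46)

def demo():
    """Classify the same four frames under native VLAN 10 and native VLAN 1."""
    frames = {"untagged": make_frame(), "tag 10": make_frame(10),
              "tag 30": make_frame(30), "tag 123": make_frame(123)}
    return {native: {name: ingress_vlan(f, ALLOWED, native) for name, f in frames.items()}
            for native in (10, 1)}

if __name__ == "__main__":
    for native, result in demo().items():
        print(f"native vlan {native}: {result}")
```

With native VLAN 1, the model places only frames the AP tags with VLAN 10 into VLAN 10, while the AP's untagged frames are dropped.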
 
> For clarification to the op, the native VLAN is merely untagged traffic.
>
> That interface above is saying that it allows Layer-2 Frames (the PDU for Layer-2 is NOT packet) with an 802.1q tag of 30, 40, or 50 (only NOT 10 with a tag) ... AND it allows frames with no 802.1q tag present. With no tag present, a received frame will be dropped into VLAN 10. That interface will transmit (with a tag) for VLANs 30, 40, and 50. It will transmit for VLAN 10 without a tag.

Once you change native back to 1 surely vlan 10 would be allowed tagged as part of this command?
switchport trunk allowed vlan 10,30,40,50

Yes in theory untagged traffic from the AP should currently be dropped into VLAN 10 as native/untagged. But clearly something isn't working with that so I'm offering an alternate approach since other tagged vlans do seem to be working. I'll confess I don't have much expectation it will work but for the sake of a few minutes it's worth a test.


Question for @saveic: you say it works when setting the port to access. Are you assigning a VLAN when you do this, or simply entering switchport mode access?

If the latter, that would put it on the default VLAN 1, not VLAN 10. Are you sure VLAN 10 is correctly assigned elsewhere in your network? For example, is it tagged on your uplink port(s) to the router? Does the router know what to do with VLAN 10? Are there other switches in the chain which need to know about VLAN 10?
 
> Once you change native back to 1 surely vlan 10 would be allowed tagged as part of this command?
> switchport trunk allowed vlan 10,30,40,50
>
> Yes in theory untagged traffic from the AP should currently be dropped into VLAN 10 as native/untagged. But clearly something isn't working with that so I'm offering an alternate approach since other tagged vlans do seem to be working. I'll confess I don't have much expectation it will work but for the sake of a few minutes it's worth a test.
>
> Question for @saveic: you say it works when setting the port to access. Are you assigning a VLAN when you do this, or simply entering switchport mode access?
>
> If the latter, that would put it on the default VLAN 1, not VLAN 10. Are you sure VLAN 10 is correctly assigned elsewhere in your network? For example, is it tagged on your uplink port(s) to the router? Does the router know what to do with VLAN 10? Are there other switches in the chain which need to know about VLAN 10?

Everything you said does not change anything I said.

I would need the configuration of the network to know how the AP is configured, how the switch is configured, where the routing process is located, etc. Pretty sure a Cisco 3560 is a multi-layer switch, so it might well be acting as the router, at least for some directly-connected subnets.

Your default answer shouldn't be to just set the switchport to be an access port in VLAN 1. If you change it to switchport mode access, immediately your statement, "offering an alternate approach since other tagged vlans do seem to be working" will cease to be true and that interface will begin dropping ALL tagged traffic, no longer operating like a trunk.

My best guess is that the OP expects the switch to accept tagged or untagged traffic for VLAN 10, but that is not how it works. If the native VLAN is 10, it accepts only untagged traffic on behalf of VLAN 10. If the Ubiquiti device is not altered, my guess is that by default it is managed via VLAN 1.

I also do not know why PoE is not enabled on that Cisco switch. Almost certainly that would be the ideal way to power the AP, too.

Most likely this is what the OP needs:


interface GigabitEthernet x/x
 ! "power inline" takes a mode keyword; "auto" enables PoE detection on the port
 power inline auto
 switchport trunk allowed vlan 10,30,40,50
 switchport trunk native vlan 1
 switchport mode trunk
 switchport nonegotiate
 
> Everything you said does not change anything I said.

I wasn't trying to prove anything you said was incorrect, because it wasn't. But it seemed like you were suggesting my method wouldn't work and I was wondering why.

Question again in simpler format was:
switchport trunk allowed vlan 10,30,40,50
switchport trunk native vlan 1

Surely this would allow VLAN 10 as tagged on the interface? (all I've changed is the native VLAN back to 1)

Sorry if it came across the wrong way. This shouldn't fall into an argument; we are both just trying to help.


> Your default answer shouldn't be to just set the switchport to be an access port in VLAN 1.

I never at any point suggested doing this.
 