Configuring Interface Characteristics
the VLAN membership of the port is discovered. Dynamic access ports on the switch are assigned to a
VLAN by a VLAN Membership Policy Server (VMPS). The VMPS can be a Catalyst 6500 series switch;
the switch cannot be a VMPS server.
You can also configure an access port with an attached Cisco IP Phone to use one VLAN for voice traffic and
another VLAN for data traffic from a device attached to the phone.
Trunk Ports
A trunk port carries the traffic of multiple VLANs and by default is a member of all VLANs in the VLAN
database.
Although by default, a trunk port is a member of every VLAN known to the VTP, you can limit VLAN
membership by configuring an allowed list of VLANs for each trunk port. The list of allowed VLANs does
not affect any other port but the associated trunk port. By default, all possible VLANs (VLAN ID 1 to 4094)
are in the allowed list. A trunk port can become a member of a VLAN only if VTP knows of the VLAN and
if the VLAN is in the enabled state. If VTP learns of a new, enabled VLAN and the VLAN is in the allowed
list for a trunk port, the trunk port automatically becomes a member of that VLAN and traffic is forwarded
to and from the trunk port for that VLAN. If VTP learns of a new, enabled VLAN that is not in the allowed
list for a trunk port, the port does not become a member of the VLAN, and no traffic for the VLAN is forwarded
to or from the port.
Tunnel Ports
Tunnel ports are used in IEEE 802.1Q tunneling to segregate the traffic of customers in a service-provider
network from other customers who are using the same VLAN number. You configure an asymmetric link
from a tunnel port on a service-provider edge switch to an IEEE 802.1Q trunk port on the customer switch.
Packets entering the tunnel port on the edge switch, already IEEE 802.1Q-tagged with the customer VLANs,
are encapsulated with another layer of an IEEE 802.1Q tag (called the metro tag), containing a VLAN ID
unique in the service-provider network, for each customer. The double-tagged packets go through the
service-provider network keeping the original customer VLANs separate from those of other customers. At
the outbound interface, also a tunnel port, the metro tag is removed, and the original VLAN numbers from
the customer network are retrieved.
Tunnel ports cannot be trunk ports or access ports and must belong to a VLAN unique to each customer.
Routed Ports
A routed port is a physical port that acts like a port on a router; it does not have to be connected to a router.
A routed port is not associated with a particular VLAN, as is an access port. A routed port behaves like a
regular router interface, except that it does not support VLAN subinterfaces. Routed ports can be configured
with a Layer 3 routing protocol. A routed port is a Layer 3 interface only and does not support Layer 2
protocols, such as DTP and STP.
Configure routed ports by putting the interface into Layer 3 mode with the no switchport interface configuration
command. Then assign an IP address to the port, enable routing, and assign routing protocol characteristics
by using the ip routing and router protocol global configuration commands.
OL-29420-01
Catalyst 2960-XR Switch Interface and Hardware Component Configuration Guide, Cisco IOS Release 15.0(2)EX1
Interface Types
15