When I was an impressionable youth back in my college years, I decided it might be a good idea to take Japanese as a foreign language. I spent three semesters learning vocabulary and kanji and eventually managed to forget pretty much everything I learned. One lesson that did stick with me, however, occurred in my first semester. Our professor was explaining to us gaijins (Westerners) that we needed to be very careful about how we pronounced certain words. Since words in Japanese are limited by a very small number of vowel sounds, there are many cases were words use the same sounds but have totally different meanings. Such is the case with shujin. When pronounced as I have written it, it is the word for “husband”. However, if you hold the “u” sound a little too long, as in shuujin, you instead have referred to that person as a “prisoner”. As my professor explained, “Well, perhaps those two words really aren’t so different.” In this case, a small difference in pronunciation can have a profound difference in meaning.
Another place where I see an issue similar to this is when someone starts asking questions about terminology differences between HP Networking (nee Procurve) and Cisco terminology on switches. Often, these questions boil down to two major terminology differences based around one word: trunk. It’s pronounced the same in both vendors world, but just like in Japanese, it can have a very different meaning depending on how it’s used. Allow me to illustrate:
In Ciscoland, when I use the term trunk, I am referring to a port that carries multiple VLANs. Trunk ports carry information about each of the VLANs on the switch in either Cisco’s ISL proprietary format or in the 802.1q vendor-neutral format. Newer switches, like the 2960, have no support for ISL and will only form trunks using 802.1q, so I’ll use 802.1q for my examples. Just keep in mind that if the switch doesn’t support ISL, you don’t need to configure the trunk encapsulation. When these ports are designated as “trunks”, the frames are tagged with a special 802.1q header that indicates which VLAN they are a part of. The only VLAN that is not tagged with an 802.1q header (by default) is the native VLAN. On Cisco equipment, the default native VLAN for an 802.1q trunk is VLAN 1. The behavior of Cisco IOS is to transmit information about all VLANs present on the switch over the trunk. You can narrow this behavior through use of the switchport trunk allowed vlan command. A sample Cisco trunk config might look like this:
Switch(config)#interface gig 0/1 Switch(config-int)#switchport trunk encapsulation dot1q Switch(config-int)#switchport trunk allowed vlan 1,10,99 Switch(config-int)#switchport mode trunk
This configuration is sufficient to setup an 802.1q trunk and only allow VLANs 1, 10, and 99 to pass traffic on it.
In HPvania, the terminology used for a port that carries multiple VLANs is a tagged port. On an HP switch, the individual ports are rarely configured directly. Instead, the VLAN itself is configured and the ports are added to the VLAN configuration. In order to setup an access port, it is configured as an untagged member of the VLAN it needs to belong to. Since HP does not support ISL trunking, the terminology is straight from 802.1q. The untagged ports do not carry 802.1q headers that specify they VLAN information. This would be known as an “access port” on a Cisco switch. In order to create a port that carries information for multiple VLANs, we must “tag” those VLANs on that port. This modifies the packets sent on that port to carry VLAN tags for the VLANs indicated. A sample configuration for an HP switch connected to the above Cisco switch might look like this:
Switch(config)#vlan 1 Switch(config-vlan)#untagged 1 Switch(config-vlan)#untagged 48 Switch(config-vlan)#vlan 10 Switch(config-vlan)#tagged 48 Switch(config-vlan)#vlan 99 Switch(config-vlan)#tagged 48
Notice that the configuration is done under the VLAN and references the port number on the switch. Access ports are untagged members of a particular VLAN, and the native VLAN of an 802.1q trunk is also an untagged member. Even though 802.1q has a native VLAN that doesn’t carry a tag, on an HP switch this VLAN needs to be explicitly set. The other VLANs must be tagged to the uplink port in order for their information to be carried between switches. This lends itself to being an additive solution, where VLANs are only present on a trunk if they have been specifically configured. There is no need to prune VLANs or exclude them from the trunk if they aren’t needed. They just aren’t configured in the first place.
Which method is better? This tends to devolve into an OSPF vs. IS-IS type of argument. If you are more comfortable with one you tend to prefer it. I tend to use the Cisco terminology in my day-to-day operations, and I have a slight preference for not needing to remember to add each individual VLAN to an uplink port. However, from a security perspective, I do like the HP idea of only adding VLANs that are needed. In fact, this same concept of VLAN creation is present in the Force10 OS. If you’d like to see more of it in action, you should check out Stretch’s excellent intro to Force10 over on Packetlife.net.
So, if HP refers to an uplink carrying multiple VLANs are a tagged port, then does HP have a “trunk”? In fact they do. In HPvania, a trunk is a logical construct that aggregates multiple ports into one logical link. For those of you that might be out there scratching your heads about this one, this means that when you “trunk” a group of ports on an HP switch, you are creating one LACP link from up to four individual ports. This kind of configuration should look like this:
Switch(config)#trunk 19-24 Switch(config)#trk1 Switch(config-trk)#lacp Switch(config-trk)#vlan 1 Swtich(config-vlan)#untagged trk1 Swtich(config-vlan)#vlan 10 Swtich(config-vlan)#tagged trk1 Swtich(config-vlan)#vlan 99 Swtich(config-vlan)#tagged trk1
Those of you that are fans of irony will appreciate that the above config sets up this LACP port aggregation to pass multiple VLANs to another switch. In other words, we are configuring a Cisco “trunk” on top of an HP “trunk”.
In Ciscoland, the idea of aggregating multiple ports into a grouping is referred to by many names, usually “port channeling” or “Etherchanneling”. The latter is the term that usually describes the Cisco-proprietary Port Aggregation Protocol (PAgP) links that are created by default. However, this term has more or less become genericized and is used to refer to any group of aggregated ports on a Cisco switch. Cisco does support LACP on aggregated ports, so let’s see how we’d configure this switch to use LACP and send tagged VLAN traffic back to the HP switch:
Switch(config)#interface range gi 0/19-24 Switch(config-int-range)#switchport trunk encapsulation dot1q Switch(config-int-range)#switchport trunk allowed vlan 1,10,99 Switch(config-int-range)#switchport mode trunk Switch(config-int-range)#channel-group 1 mode active Switch(config-int-range)#channel-protocol lacp
This will set the aggregated ports to use LACP and pass VLANs across the link with 802.1q tags. Note that you must set the channel-group command to “active” in order to use LACP on the link. If you set it to “auto” or “desirable”, it will use PagP by default. If you set the mode to “on”, it will not use LACP or PAgP at all.
There you have it. The terminology is different, but as long as you know what you are trying to accomplish, you can usually figure out what you need to configure in order to make it all work correctly. Hopefully you’ll never find yourself married to any particular configuration, much less become a prisoner of it. In the end, just remember that a trunk is still just a trunk. The meaning is entirely up to you.
The Networking Nerd 
As always, this is a great article. I have had to explain these differences to several engineers over the past 18 months (now I will just give them this URL!).
In my mind, the market that the ProCurve switches were aimed at had fewer VLANs per switch and thus it made more sense to configure ports under the VLAN as opposed each port. This way you could go “SysAdmin> Ahh! Here are all my Desktop ports” etc.
I have rolled out about 400 HP switches in the past 18 months as part of some big network rollouts and I am surprised (in both directions) about the E-Series hardware.
Kurt
@networkjanitor
As a note, Exreme Networks uses the same way as HP, with the addition that it refers to vlans by name with its tag being optional (it assigns an internal one if none is specified).
So, to set up vlan trunking on port 1:10 you do:
# create vlan Foo
# configure vlan “Foo” tag 10
# create vlan Bar
# configure vlan “Bar” tag 20
# configure vlan “Default” add port 1:10
# configure vlan “Foo” add ports 1:10 tagged
# configure vlan “Bar” add ports 1:10 tagged
In may HP 1800-8G a trunk port is an etherchannel port, tagged port is a trunk port.
So I spent 1 hour doing stupid things in order to configure a router on a stick 😦
Good article! I have had this exact cross communication where a server engineer is asking me about “trunking” for their server, referring to port channeling and not VLAN trunking I was thinking of. Took a bit of head scratching to work out what he was on about.
Pingback: Tweets that mention When Is A Trunk Not A Trunk? | The Networking Nerd -- Topsy.com
Nice job, Tom.
I try to stick with “aggregate link” and “tagging interface” when talking to non-Cisco folks. Only the former has really taken hold in my vocabulary, but I’m working on it.
The “add ports to a VLAN” vs. “add VLANs to a port” thing is especially painful. The HP/Extreme/Nortel way just doesn’t fit nicely in my brain.
Nice read! Thanks for posting. I have a few procurves in my network, but most is in the Nordic/Europe area. Haven’t gotten that deep in them, so this is good to know, if I ever do!
Are your last two HP/Cisco examples really identical?
I don’t see how the Cisco gets vlan 1 untagged.
Is it possible on Cisco to have tagged and untagged vlans on the same port, like you do on HP?
Matts,
Cisco has vlan 1 as native vlan by default. Any traffic that does not have any tag attached to it will be considered to be in vlan 1. Its by default the management domain. Traffic sent out the switch on this vlan will not have any tags attached. The other switch receiving it can have the following cinfiguration:
Switch(config-ifg)#switchport trunk native vlan 10.
In which case, the other switch receving this untagged traffic will consider it to be in vlan 10. You see how native vlans work? So yes, Cisco can carry tagged and untagged traffic together as it by default has a native vlan.
-Hardy
Great Post! Just saved me a lot of time while configuring trunking to a HP switch from a Cisco AP.
If someone could email me, that would be great. I am currently being jerked around by my local PUD Telecom, We need a port with all Traffic tagged for 1 Vlan not multiple, they are insisting that it is a Trunk port because the packets will be taggen, and wanting to charge us an extra 500$ per month. Is this right or wrong, Please email me at timandrist92@hotmail.com Thanks!!
Pingback: Brocade – Packet Spraying and SDN Integrating | The Networking Nerd
nice article , I have a question though . I am using e3800 and I want my data in Valn1 and voice in vlan 2 ; I have
10.0.1.0/24 for Vlan 1
10.0.2.0/24 for voice
The idea is to have BOTH data and voice on the SAME port , so vlan 1 is untagged and vlan 2 is tagged on all ports including the one that connects to core HP switch.
to test the configuration I used two laptops , configured them with static IPs in Vlan2 and tried to ping . it works , I removed these machines from Vlan1 ( assuming that they should work) but they cannot ping . as soon as I return them to Vlan1 they can ping .
If I switch Vlan 2 from tagged to untagged on those two access ports ; they can ping . but with such scenario they never can connect to data network ( VLAN1)
Anything wrong with my test ? or config ?
Pingback: When Is A Trunk Not A Trunk? | Daz's bits and bobs
Awesome article. Clear like a crystal. And very well writen. A ilustration and after 2 good day-by-day examples. I navigate throught forums (Cisco/HP), talked to CCNPs and not even single one could give a better picture of the wjolw ting like you did! This article will be placed in my Hall of Fame of my Favourites WebLinks. Thanks and congratualtions!
Weverton Lima
Aracaju, SE / Brazil.
Pingback: Nobody Cares | The Networking Nerd
On HP 1910, they actually use “trunk” for both of these meanings.
Link aggregations are called trunks in one tab, but you can also choose between “access”, “hybrid” and “trunk” for your aggregates.
Hope this saves someone from a few hours of configuration headache I got for myself by confusing these two meanings when trying to link aggregate two switches together.
This is THE best article I’ve ever written to explain the true difference between Cisco and HP switching because it is a huge assessment thought-wise for Cisco guys. Well, I can speak for myself. I have taught myself but this just clearly reasserts why I’ve learning very succinctly. Nice work.
Sorry, the best article I’ve ever READ 🙂
Thanks so much. I am trying to interconnect 2 vlans between a Cisco Aironet to a Procurve switch. On HP’s web interface I couldn’t figure out why I would even need the “trunk” section when it seems I could do everything I needed on the “vlan” tab. After reading your article I now understand that I don’t need the “trunk” section because it is for something completely different than what I am trying to do.
Pingback: Q And A Should Include The E | The Networking Nerd
An update explaining this for HP comware (3com, h3c) is needed.
Spoiler alert: Oposite of provision(hp procurve), similar to Cisco
Thanks for the heads up Jesus. I did find a Comware/Procurve/Cisco command reference from HP – (http://h17007.www1.hp.com/docs/interoperability/Cisco/HP-Networking-and-Cisco-CLI-Reference-Guide_June_10_WW_Eng_ltr.pdf) that does give the differences in the various CLI syntaxes.
Great article!
As a helper to those configuring HP switches, and what might make your life a lot easier, is that you can string the vlan port additions into a single command. Your example, while perhaps less clear, would be shortened to:
Switch(config)#vlan 1 untagged 1,48
Switch(config)#vlan 10 tagged 48
Switch(config)#vlan 99 tagged 48
I’d argue that the “switchport mode trunk” command in Cisco should be implied if you’re assigning multiple VLAN’s to an interface; that always bugged me about iOS
I have an Issue with a HP Procurve. I want to make an Accessport from one interface of the HP Switch to a Cisco Router. The VLAN on the devices is different tho:
Switch:
vlan 60
untagged 26
exit
Router:
interface FastEthernet1
switchport access vlan 49
With this configuration the Spanning tree on the Router brings this error:
%SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk FastEthernet1 VLAN49.
%SPANTREE-7-BLOCK_PORT_TYPE: Blocking FastEthernet1 on VLAN49. Inconsistent port type.
It seems the Switch is still sending dot1q VLAN Tags on an untagged port.
I tried configuring a trunkport on the router with native-VLAN 49. Got this result:
%SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 60 on FastEthernet1 VLAN49.
turning off spanning tree for vlan 49 ignores the problem but works.
Pingback: ZyXEL ZyWALL USG-50 VLANs – johnk's blog
thank you so much!!!
Great article!
Just saved me a lot of time while configuring trunking to a HP switch
Pingback: SolarWinds IT Blog Spotlight – The Networking Nerd - Geek Speak - Resources & Events - THWACK