Cisco switchport mode access vs switchport access vlan

TOPICS:2960 3550 cdp Cisco dtp dynamic auto dynamic desirable dynamic trunking protocol host spanning tree switch switchport trunk VLAN

Posted By: Alfred Tong February 10, 2014

What’s the difference between “switchport mode access” and “switchport access vlan xx”?

First of all, both commands are required to set the switch to an access port.

switch(config-if)# switchport mode access

This above command disables DTP – Dynamic Trunking Protocol on the specified interface and basically turns off trunk negotiation. This command is important for any access port setting because without this command the port can be easily setup as a trunk interface.

switch(config-if)# switchport access vlan 10

This command sets the port to access vlan 10. Without the switchport mode access command, if the neighbouring port is a trunk port, the port will be configured as a trunk.

To confirm whether trunking has been disabled on an interface use the following command:

show interfaces switchport

Name: Fa0/2
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 10 (INTERNET)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none

Notice that the “negotiation of trunking:” is set to off.

You can also use the following command to confirm whether the port is setup as a trunk.

show interfaces trunk

What’s the best command to use for a port that will be connected to a host?

If you want to setup an access port for hosts, I would recommend using this command to save some typing:

switch(config-if)# switchport host

This command will automatically setup the port with a bunch of useful commands specifically designed for end host devices.

switchport mode will be set to access
spanning-tree portfast will be enabled
channel group will be disabled