200-301 Question #1459: Real Exam Question with Answer & Explanation

Question

Lab Simulation 19 Guidelines This is a lab item in which tasks will be performed on virtual devices. - Refer to the Tasks tab to view the tasks for this lab item. - Refer to the Topology tab to access the device console(s) and perform the tasks. - Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. - All necessary preconfigurations have been applied. - Do not change the enable password or hostname for any device. - Save your configurations to NVRAM before moving to the next item. - Click Next at the bottom of the screen to submit this lab and move to the next question. - When Next is clicked, the lab doses and cannot be reopened. Topology Tasks All physical cabling is in place and verified. Switch SW-1 is pre-configured and inaccessible. SW- 2 and SW-3 ports must be configured and operational to complete the configuration. 1. Configure SW-2 and SW-3 ports E0/0 to use the industry standard encapsulation method for trunking and only tag VLAN 10 2. Configure SW-2 and SW-3 ports E0/0 to send and receive untagged traffic over VLAN 11 3. Configure SW-2 and SW-3 ports E0/2 and E0/3 to use the industry standard encapsulation method for trunking and tag all VLANS 4. Configure SW-2 and SW-3 ports E0/2 and E0/3 for link aggregation using the industry standard protocol with the following requirements: - SW-2 ports must not initiate the negotiation for the aggregation protocol - SW-3 ports must immediately negotiate the aggregation protocol - Use the designated number assignment Answer: SW-2 Config t Interface e0/0 switchport mode trunk switchport trunk encapsulation dot1q switchport access vlan 10 switchport trunk native vlan 11 Interface e0/2 switchport mode trunk switchport trunk encapsulation dot1q channel-group 23 mode passive Interface e0/3 switchport mode trunk switchport trunk encapsulation dot1q channel-group 23 mode passive interface port-channel 23 switchport mode trunk switchport trunk encapsulation dot1q SW-3 Config t Interface e0/0 switchport mode trunk switchport trunk encapsulation dot1q switchport access vlan 10 switchport trunk native vlan 11 Interface e0/2 switchport mode trunk switchport trunk encapsulation dot1q channel-group 23 mode active Interface e0/3 switchport mode trunk switchport trunk encapsulation dot1q channel-group 23 mode active interface port-channel 23 switchport mode trunk switchport trunk encapsulation dot1q

Options

• task1. Configure SW-2 and SW-3 ports E0/0 to use the industry standard encapsulation method for trunking and only tag VLAN 10. 2. Configure SW-2 and SW-3 ports E0/0 to send and receive untagged traffic over VLAN 11. 3. Configure SW-2 and SW-3 ports E0/2 and E0/3 to use the industry standard encapsulation method for trunking and tag all VLANs. 4. Configure SW-2 and SW-3 ports E0/2 and E0/3 for link aggregation using the industry standard protocol with the following requirements: - SW-2 ports must not initiate the negotiation for the aggregation protocol - SW-3 ports must negotiate the aggregation protocol - Use the designated number assignment
• prerequisitesConsole access is available for all required devices (SW-2 and SW-3). All necessary preconfigurations have been applied.

Explanation

Lab Simulation 19: Trunk Configuration & EtherChannel (LACP)

Overall Goal

You are configuring two inter-switch links between SW-2 and SW-3:

1. E0/0 - A trunk port with selective VLAN behavior: only VLAN 10 traffic is tagged; VLAN 11 is the native (untagged) VLAN.
2. E0/2 + E0/3 - A redundant, load-balanced logical link (EtherChannel / Port-Channel) using the industry-standard link aggregation protocol (LACP/802.3ad), carrying all VLANs.

The key protocols and standards involved:

Task 1 & 2 - Port E0/0: Selective Trunk (Steps 1–6 / 18–23)

Step-by-step

config t Enters global configuration mode. Required before any interface-level changes.

interface e0/0 Enters the specific interface context. All subsequent commands apply only to this port.

switchport trunk encapsulation dot1q Sets the trunking encapsulation to IEEE 802.1Q - the "industry standard" the task requires. The alternative is Cisco's proprietary ISL (Inter-Switch Link), which is older and no longer common.

Order note: On platforms that support both ISL and dot1q (like IOS on older Catalyst switches), you must set encapsulation before or at the same time as setting the mode to trunk. On some platforms, switchport mode trunk will error if encapsulation is ambiguous. The procedure lists mode before encapsulation - this works on many platforms, but best practice is encapsulation first.

switchport mode trunk Unconditionally sets the port to trunk mode. Without this, the port could remain in access mode or attempt dynamic negotiation (DTP), which is unreliable and a security risk.

switchport trunk allowed vlan 10 (Corrected from answer)

Important: The provided answer uses switchport access vlan 10, which is an access port command and has no effect on a trunk port. The correct command to fulfill "only tag VLAN 10" is switchport trunk allowed vlan 10.

This restricts the trunk to only carry VLAN 10 as a tagged frame. Without this, the trunk would carry all VLANs by default. The native VLAN (set next) is carried untagged and does not need to appear in the allowed list separately on most platforms.

switchport trunk native vlan 11 Sets VLAN 11 as the native VLAN - the VLAN whose traffic crosses the trunk without an 802.1Q tag. This fulfills Task 2: "send and receive untagged traffic over VLAN 11."

What goes wrong if skipped: The native VLAN defaults to VLAN 1. Untagged traffic would land in the wrong VLAN, and if the two sides of a trunk have mismatched native VLANs, CDP/STP will warn about a native VLAN mismatch, and traffic will be misrouted.

Task 3 & 4 - Ports E0/2 & E0/3: EtherChannel with LACP (Steps 7–17 / 24–34)

Why EtherChannel?

Spanning Tree Protocol (STP) blocks redundant physical links to prevent loops. EtherChannel bundles physical links into one logical Port-Channel interface, so STP sees one link rather than two - giving you redundancy and bandwidth aggregation without blocked ports.

interface e0/2 / interface e0/3 Configure each physical member port individually. Both must be configured identically (same VLAN, same speed/duplex, same channel-group) or the EtherChannel will fail to form.

switchport trunk encapsulation dot1q Same reason as before - 802.1Q is required. Applies to both physical ports.

switchport mode trunk Sets each physical port to trunk mode so it carries all VLANs. Task 3 says "tag all VLANs," meaning no allowed vlan restriction - the default behavior (all VLANs allowed) is correct here.

channel-group 23 mode passive (SW-2) / channel-group 23 mode active (SW-3)

This is the LACP assignment. Breaking it down:

Why number 23? The "designated number assignment" convention here uses the two switch numbers (SW-2 and SW-3) concatenated → 23. This makes the channel-group number self-documenting.

Critical rule: A LACP channel requires at least one side to be active. passive↔passive will never form a channel because neither side initiates. active↔passive or active↔active both work. If you set both sides to passive, the EtherChannel silently never forms.

What goes wrong if skipped: Without channel-group, the ports operate as independent trunks. STP would block one of them, eliminating redundancy. You'd also lose the bandwidth aggregation benefit.

interface port-channel 23

switchport mode trunk

switchport trunk encapsulation dot1q

The Port-Channel interface is the logical interface that STP, routing, and VLANs actually use. Even though physical ports have their settings, you must explicitly configure the logical Port-Channel with matching trunk settings. Some IOS versions inherit settings automatically, but explicitly setting them ensures correctness and survives reboots.

What goes wrong if skipped: The Port-Channel interface may come up in default access mode (VLAN 1), dropping all tagged traffic even if the physical ports are correctly configured. Inter-VLAN traffic would fail.

What Would Break if Steps Were Done Out of Order

Memory Tips

dot1q vs ISL: "Dot1q is the Default industry standard" - anything with "industry standard" on an exam = 802.1Q = encapsulation dot1q.

Native VLAN = untagged VLAN: Think of "native" as the port's home VLAN - it doesn't need a tag because it's already home.

LACP modes - Active vs Passive: Think of LACP like a phone call. Active dials first. Passive only picks up. Someone has to dial - so you need at least one active side.

Channel-group number: Use the two switch endpoint numbers concatenated (SW-2 ↔ SW-3 → group 23). Works up to 9+9 = consistent naming.

LACP vs PAgP: "LACP = Legit standard (IEEE 802.3ad)"; PAgP = Proprietary (PAgP = Proprietary Aggregation Protocol).

No community discussion yet for this question.