Goal of this step
Allow VLAN 10, 20, 30 to:
- travel between switches
- reach the router
🚫 Still no inter-VLAN routing yet
🚫 No router subinterfaces yet
🔹 TRUNK LINKS WE WILL CONFIGURE
| Link | Why |
|---|---|
| HQ-SW2 ↔ DIST-SW1 | Carry VLAN 10 |
| HQ-SW3 ↔ DIST-SW1 | Carry VLAN 20 & 30 |
| DIST-SW1 ↔ HO-R1 | Carry all VLANs to router |
🔹 STEP 25.1 — Trunk HQ-SW2 ↔ DIST-SW1
On HQ-SW2
(Use the port that connects to DIST-SW1, example Gi0/1 or Fa0/x)
enable
configure terminal
interface gigabitEthernet0/1
switchport mode trunk
switchport trunk allowed vlan 10
end
write memory
On DIST-SW1 (port to HQ-SW2)
enable
configure terminal
interface gigabitEthernet0/2
switchport mode trunk
switchport trunk allowed vlan 10
end
write memory
🔹 STEP 25.2 — Trunk HQ-SW3 ↔ DIST-SW1
On HQ-SW3 (port to DIST-SW1)
enable
configure terminal
interface gigabitEthernet0/1
switchport mode trunk
switchport trunk allowed vlan 20,30
end
write memory
On DIST-SW1 (port to HQ-SW3)
enable
configure terminal
interface fastEthernet0/23
switchport mode trunk
switchport trunk allowed vlan 20,30
end
write memory
🔹 STEP 25.3 — Trunk DIST-SW1 ↔ HO-R1
⚠️ This is the MOST IMPORTANT trunk.
On DIST-SW1 (port to HO-R1)
enable
configure terminal
interface gigabitEthernet0/1
switchport mode trunk
switchport trunk allowed vlan 10,20,30
end
write memory
🔹 VERIFY TRUNKS (DO THIS)
On each switch:
show interfaces trunk
You should see:
- Trunk ports listed
- Allowed VLANs correct
🧠 What is TRUE right now
✅ VLAN traffic can now move end-to-end
❌ Router still cannot route VLANs
❌ PCs still cannot ping gateways
This is EXPECTED.
🔑 GOLD RULE (lock this in)
Trunks carry VLANs; routers need subinterfaces to route them.
