How to disable CDP-4-NATIVE_VLAN_MISMATCH (native vlan mismatch)

Cisco switches support CDP and use it to help us in a number of ways. One of them is to detect native VLAN mismatch between two connected ports. For 99% of the time this is a “good thing to do” ™ but there are some corner cases where this is not what you want.

For example, if you have a switch that is connected with another switch and their connected ports are configured as access ports (and not trunk ports) then this message doesn’t make much sense.

Well… it does…

Cisco switches also support VTP which eases the VLAN management task. For VTP to work, switches that are under the same “local network” are also under the same “VTP domain”. A VTP domain logically groups switches.

Now, here is the problem: Two switches connected using access mode that are in the same VTP domain should share the same VLAN configuration, even if they are configured as transparent.

What to do: To bypass this problem you have to change the vtp domain on those switches so that it doesn’t match. If you haven’t changed that already, they most probably are not in any VTP domain at all or they are in the same VTP domain.

The solution:

  1. Configure at least one of the two switches to be in transparent mode. You may not want that, but if you don’t know what this means then just do it:

    Switch(config)# vtp mode transparent
  2. Change the VTP domain of that switch:

    Switch(config)# vtp domain a_unique_name

    (you may want to use the hostname)

… and this annoying message:


Oct 27 12:16:29.352 EET: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet2/6 (2), with sw-el0 GigabitEthernet0/8 (1).

will be gone

13 Comments

  1. thanks brooo,
    or u can try the command below to remove “%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN bla bla bla bla”.

    S1(config)#int F0/3
    S1(config-if)#switchport mode trunk
    S1(config-if)#switchport trunk native vlan 99
    S1(config-if)#no switchport trunk native vlan tag

    done 🙂
    i’m sorry for my bad english 😀

  2. Thanks, I didn’t realise that the vtp name affect this. I was running vtp transparent mode without a domain name specified and was seeing these entries in the syslog. I just set separate vtp domain names per site (as you described) and now I no longer see these.

    Thanks for your info

  3. Good to know. I was either ignoring these messages (where possible), or was disabling CDP on the port. However this means that you will not see device, and it may be hard to identify the neighbor.

Leave a Reply

Your email address will not be published. Required fields are marked *