Re: Problem with CSS11503 and Trunking

cantorb · ‎11-04-2004

I am very new the the CSS world. I've only delt with CSSs that were already up and running in production. I am now attempting to bring up a pair of 11503 with box-to-box redundancy. In order for the pair to operate with b2b one of the Ge interfaces needs to be used for a heartbeat to a Ge interface on the other 11503. With this configuration we are only left with 1 Ge interface per box. In order to achieve the desired result I am planning to trunk (preferably .1q) from Ge1/2 to a 3750 switch. I have applied what I believe to be the appropiate commands but the interface becomes unactive and reachable only via the local segment (I cannot ping outside of the local segment). Here are my configs on the css and the switch. Also, it has occured to me that the CSSs might requrie a full blown config in order for it to be able to accept and respond to ICMP. Please review and advise.

3750 SWITCH CONFIG

!

interface GigabitEthernet1/0/14

description css1 ge1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 200,300,400,500,600,700

switchport mode trunk

!

interface GigabitEthernet1/0/15

description css2 ge1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 200,300,400,500,600,700

switchport mode trunk

!

CSS 11503 CONFIG

qw-css-1# sho run

!Generated on 11/04/2004 21:10:52

!Active version: sg0740004

configure

!*************************** GLOBAL ***************************

sntp server 10.0.0.10 version 1

cdp run

vrrp-backup-timer 15

ip redundancy

app session 1.1.1.1

app

dns primary 10.0.0.10

dns suffix admin.qw.franklin.edu

ftp-record DEFAULT_FTP 10.0.0.11 ftp des-password ef1gschehdkc6cza

!************************* INTERFACE *************************

interface 1/1

trunk

vlan 200

vlan 300

vlan 400

vlan 500

vlan 600

vlan 700

vlan 800

interface 1/2

bridge vlan 2

!************************** CIRCUIT **************************

circuit VLAN2

ip address 1.1.1.2 255.255.255.0

redundancy-protocol

circuit VLAN700

redundancy

description "Console *RILO* VLAN"

ip address 10.0.5.40 255.255.255.0

circuit VLAN600

redundancy

description "Remote VLAN"

ip address 10.0.4.40 255.255.255.0

circuit VLAN500

redundancy

description "Active Directory VLAN"

ip address 10.0.3.40 255.255.255.0

circuit VLAN400

redundancy

description "Students VLAN"

ip address 10.0.2.40 255.255.255.0

circuit VLAN300

redundancy

description "Courses VLAN"

ip address 10.0.1.40 255.255.255.0

circuit VLAN200

description "Admin VLAN"

qw-css-1#

seilsz · ‎11-04-2004

Have you seen the following reference:

http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configuration_example09186a00801e16c7.shtml

~Zach

briedcan · ‎11-05-2004

I actually did see that document...I actually have the PDF downloaded on my PC. I was, however, a bit confused on why some of the things in the document were configured. Are the *bridge state*, *bridge pathcost* and *bridge priority* commands required or are they optional commands?

Also, I think one of my biggest concerns is with my current config (posted above) should I be able to ping the IPs on the circuits?

Thanks for all the help guys.

bc

seilsz · ‎11-05-2004

Your CSS trunk configuration looks fine. The bridge state, pathcost and priority commands are optional.

I don't see any routes configured in your CSS. What is the IP address you are trying to ping the circuits from?

~Zach

briedcan · ‎11-05-2004

Routes...ahh...we might be on to something here. Actually anywhere I try to ping from I can't seem to get anything. I am only able to get into the box via the mgmt ip. This IP is on the same segment as a linux box that I ssh to. So, for these circuits to work, do you think that I need a default route for each circuit defined? Thanks again for the help Zach.

bc

seilsz · ‎11-05-2004

The CSS needs to understand how to get back to the source of the traffic it is receiving. Whether that is a default route or something more specific really depends on your topology/routing policy.

For devices outside the CSS, they will need routes pointing to the circuit and/or content VIP addresses. How many and of what type, again, depends on your design.

If you want to post a diagram or some additional information, I'm sure we could figure it out.

~Zach

pknoops · ‎11-05-2004

I would agree that you need to have atleast one default route on the CSS to make things work.

You may also want to add "default vlan" to the GE port in question as this is necessary.

Pete..

briedcan · ‎11-05-2004

Two things:

First, I added the appropriate statics to the box and it still seems like a now go.

Secondly, I've got some things to do but I'm going to post a Visio after a bit so you can all know what I'm dealing with.

Thanks again!

bc

magruder58 · ‎11-08-2004

What does a show phy and show int show? Are the interfaces up?

I don't see the switchport command under the 3750 interface. You should specify it as a switchport.

jfoerster · ‎11-08-2004

Hi,

well another thing about the Switch.

In my opinion the default vlan which is 1 if nothing is configured is not permitted on the trunk which causes trouble in my opinion. In the case you have a diffrent vlan as default vlan you've to configure this on the switch and on the CSS so that every device knows which is the default vlan.

Cheers,

Joerg