Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1327
Views
4
Helpful
4
Replies

2960X Vlan interface and MGMT on same subnet, causing errors

richc2012
Level 1
Level 1

‎05-29-2018 11:34 AM - edited ‎03-01-2019 04:43 AM

Hello all,

I am using the PnP app to provision 2960X switches, using DHCP option 43. If the IP address that the switch receives on F0 via DHCP is on a different subnet than the Vlan interface IP which is in the configuration that is being pushed, the provisioning is successful, but if the two are in the same subnet then the APIC-EM loses connectivity to the switch once the config is deployed and the DHCP scope gets filled up with "BAD ADDRESS". What exactly is occurring here and what is the workaround?

Labels:
4 Replies 4

aradford
Cisco Employee
Cisco Employee

‎05-29-2018 05:32 PM

this is routing 101.

you cannot have two interfaces on an L3 device in the same subnet. 

The way you solve this is to do a

int f0

no ip address

int vlan x

ip address a.b.c.d netmask xxx.xxx.xxx.xxx

and you need to add a default route.

0 Helpful

richc2012
Level 1
Level 1
In response to aradford

‎05-29-2018 06:19 PM

So this is not a L3 device, it is a catalyst 2960X switch and IP routing has not been enabled, we are using the F0 interface since it comes pre-configured as IP add DHCP. perhaps i did not explain the scenario well enough. We are having brand new switches ordered and shipped to the branch office where it is needed, there a Field technician un-boxes it an plugs in the management interface, F0 into the sites LAN ( where we have already added option 43 to the dhcp scope) once the switch boots we see it "unclaimed" in the APIC-EM, from there we proceed to push down a config, in this config is the VLAN int X config, once the config gets applied is where the issues begin, The Apic is no longer able to access the device so it goes int error - device not in terminal state, and the DHCP scope starts filling up with BAD Address being caused by the new switch. This only occurs when the Vlan X ip address is in the same subnet as the address that F0 gets from DHCP, so are you saying that ZTP cannot work in this scenario?

richc2012
Level 1
Level 1
In response to richc2012

‎05-29-2018 06:30 PM

Just to make sure i wasn't  losing my mind i looked up the facts from Cisco's web site, what we are ordering are 2960X and not the XR version

2960X.JPG

aradford
Cisco Employee
Cisco Employee
In response to richc2012

‎05-29-2018 06:40 PM

Hi Richard,

let me be a bit clearer.  F0 is a L3 Out of band management port.  It cannot overlap with any other interface (vlan SVI) defined on the switch...

Just wondering why you are mixing between OBM F0 and inband management, vlan X?

Normal scenario would be to choose one or the other, and not have both in the same subnet (as this is not allowed, irrespective of PnP).  The only way you could do this is to have the management interface in a seperate vrf, which is not supported on 2960x.

It should be possible to use PnP to deploy these devices.

If you are managing in band, the usual approach is to use a front panel port to connect to uplink DHCP server/APIC-EM.  There are two choices for the vlan X configuration:

  1. (preferred) use "pnp startup-vlan xxx" on the upstream device which will automatically create management VLAN X and use DHCP to get an IP address which you can then overwrite
  2. use dhcp on vlan 1 to get an initial IP address, and then do a vlan switchover.  (no ip address on vlan 1, ip address on vlan x, no shut, static default route etc)

adam

Customers Also Viewed These Support Documents