02-07-2013 08:33 AM
I have created a management vlan on my network of 2950 and 3750 switches. One 3750 has a trunk to each of the 2950 switches which includes the management VLAN. On that 3750 the vlan and line protocol are both up even though there is no specific port assigned to the vlan; I believe the trunk connections allow the vlan line protocol to come up. On another 3750 stack I have my VLAN defined with no ports designated or trunks; the VLAN is up however the line protocol is down. Is there an easy solution for this?
Thanks!
Solved! Go to Solution.
02-12-2013 08:43 PM
Loren,
First your going about this wrong. You don't need to tear apart your L3 port channel just to get a management vlan to come up. Get rid of the management vlan all together (it is only being used to remotely access the switch). Replace that with a loopback interface:
Config t
!
Interface loopback0
IP address x.x.x.x 255.255.255.255
!
This will act as an always up interface. You should never plug a loopback cable into a port just to get a vlan up. When possible use a trunk in your case you don't have any redundant switch to trunk to so use the loopback0 interface instead. Does this help? Is there a specific reason you need that vlan to work? If so pleas e let me know and we can look at other options, but sounds like you just need a management interface and the loopback interface works great for that.
Toby
Sent from Cisco Technical Support Android App
02-07-2013 09:23 AM
I'm not quite following - on the non-working 3750 do you have an SVI created?
You need an access port, a trunk or a layer 3 SVI interface to be up to bring the protocol up. If you have the SVI defined, do a "no shut" on it.
02-07-2013 09:35 AM
There is no physical port assigned to the new management vlan, and the vlan itself is up, but line protocol is not up. I believe my other 3750 works because of the trunks to the 2950s - (kind of seeing them as the physical ports).
Does this need more clarification?
Thanks!
02-07-2013 10:55 AM
Can you do a show vlan and paste the results?
02-07-2013 12:58 PM
The output for that specific vlan is...
222 Management Active
There are not ports assigned to it, so the results are as I would expect them to be. The results on the switch where I can actually access the vlan ip for management look the same. The only difference is the trunks exist with vlan222.
02-07-2013 02:49 PM
Looks like you defined your vlan by initially issuing the command "vlan 222" (correct?)
Can you do a show run int XXXX where XXXX is the interface used for the trunks.
Did you tag a native vlan on the trunk and tag trunks that interface for the user/other vlans?
interface GigabitEthernetXXXXX
description TRUNK PORT TO XXX SWITCH
switchport trunk encapsulation dot1q
switchport trunk native vlan 222( MGT)
switchport trunk allowed vlan 222,100,200,300,400
switchport mode trunk
no shut
pm me your whole show run for both devices
02-07-2013 03:11 PM
As I mentioned earliewr, you need to bring up your SVI in the Management VLAN id 222. the layer 3 interface - not the layer 2 VLAN.
conf t
int vlan 222
ip address
no shut
end
An SVI will not automatically come up when created. It needs to be "no shut".
02-07-2013 07:37 PM
Loren,
In order to get your protocol up then your vlan needs to be active on a physically up port. So add your vlan to the trunk and you should be good. If it is on the truck do a show interest trunk command and make sure it is active and not being pruned. That would be your best method for a management vlan.
Toby
Thanks and please rate any helpful posts.
Sent from Cisco Technical Support Android App
02-07-2013 07:39 PM
Auto correct sucks that command again is
Show interface trunk
Sent from Cisco Technical Support Android App
02-08-2013 03:46 AM
There is no trunk set on this switch. The 3750s are connected via a layer 3 etherchannel and the one that has the 2950s trunked has no issue. So, where there is no trunk and no physical port I can't get the vlan to come up. What if I assigned the management port f0 to the vlan and physically plugged it into another port -- looped?
02-12-2013 05:49 AM
Maybe I need to go about this differently then. If I make the layer 3 etherchannel connection between the two 3750 switches a trunk and allow the management vlan it will allow the management vlan to come up. My question then changes to routing layer 3 routed ports over the trunk. For example at the moment I have a layer 3 routed port on each switch and static routes over the layer3 etherchannel to allow communications.
SW1
int port-channel1
ip 10.11.11.1
int g1/0/1
ip 10.10.10.1
int vlan 222
ip 10.10.222.1
***************************
SW2
int port-channel1
ip 10.11.11.2
int g1/0/48
ip 172.22.22.1
**************************
So, if I make Port-Channel1 a trunk how do I route traffic entering SW2 via 172.22.22.1 to SW1 vlan222 or routed port g1/0/1?
Thanks!
02-12-2013 08:43 PM
Loren,
First your going about this wrong. You don't need to tear apart your L3 port channel just to get a management vlan to come up. Get rid of the management vlan all together (it is only being used to remotely access the switch). Replace that with a loopback interface:
Config t
!
Interface loopback0
IP address x.x.x.x 255.255.255.255
!
This will act as an always up interface. You should never plug a loopback cable into a port just to get a vlan up. When possible use a trunk in your case you don't have any redundant switch to trunk to so use the loopback0 interface instead. Does this help? Is there a specific reason you need that vlan to work? If so pleas e let me know and we can look at other options, but sounds like you just need a management interface and the loopback interface works great for that.
Toby
Sent from Cisco Technical Support Android App
02-13-2013 05:27 AM
Thanks Toby, that's exactly what I needed. I'm used to 2950s where the loopback isn't used.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide