Solved: 3750x Management LAN/IP Connectivity

loren.anuszewski · ‎02-07-2013

I have created a management vlan on my network of 2950 and 3750 switches. One 3750 has a trunk to each of the 2950 switches which includes the management VLAN. On that 3750 the vlan and line protocol are both up even though there is no specific port assigned to the vlan; I believe the trunk connections allow the vlan line protocol to come up. On another 3750 stack I have my VLAN defined with no ports designated or trunks; the VLAN is up however the line protocol is down. Is there an easy solution for this?

Thanks!

tobyarnett · ‎02-12-2013

Loren,

First your going about this wrong. You don't need to tear apart your L3 port channel just to get a management vlan to come up. Get rid of the management vlan all together (it is only being used to remotely access the switch). Replace that with a loopback interface:
Config t
!
Interface loopback0
IP address x.x.x.x 255.255.255.255
!

This will act as an always up interface. You should never plug a loopback cable into a port just to get a vlan up. When possible use a trunk in your case you don't have any redundant switch to trunk to so use the loopback0 interface instead. Does this help? Is there a specific reason you need that vlan to work? If so pleas e let me know and we can look at other options, but sounds like you just need a management interface and the loopback interface works great for that.

Toby

Sent from Cisco Technical Support Android App

-Toby

Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

View solution in original post

Marvin Rhoads · ‎02-07-2013

I'm not quite following - on the non-working 3750 do you have an SVI created?

You need an access port, a trunk or a layer 3 SVI interface to be up to bring the protocol up. If you have the SVI defined, do a "no shut" on it.

loren.anuszewski · ‎02-07-2013

There is no physical port assigned to the new management vlan, and the vlan itself is up, but line protocol is not up. I believe my other 3750 works because of the trunks to the 2950s - (kind of seeing them as the physical ports).

Does this need more clarification?

Thanks!

Duong Nguyen · ‎02-07-2013

Can you do a show vlan and paste the results?

loren.anuszewski · ‎02-07-2013

The output for that specific vlan is...

222 Management Active

There are not ports assigned to it, so the results are as I would expect them to be. The results on the switch where I can actually access the vlan ip for management look the same. The only difference is the trunks exist with vlan222.

Duong Nguyen · ‎02-07-2013

Looks like you defined your vlan by initially issuing the command "vlan 222" (correct?)

Can you do a show run int XXXX where XXXX is the interface used for the trunks.

Did you tag a native vlan on the trunk and tag trunks that interface for the user/other vlans?

interface GigabitEthernetXXXXX

description TRUNK PORT TO XXX SWITCH

switchport trunk encapsulation dot1q

switchport trunk native vlan 222( MGT)

switchport trunk allowed vlan 222,100,200,300,400

switchport mode trunk

no shut

pm me your whole show run for both devices

Marvin Rhoads · ‎02-07-2013

As I mentioned earliewr, you need to bring up your SVI in the Management VLAN id 222. the layer 3 interface - not the layer 2 VLAN.

conf t

int vlan 222

ip address

no shut

end

An SVI will not automatically come up when created. It needs to be "no shut".

tobyarnett · ‎02-07-2013

Loren,

In order to get your protocol up then your vlan needs to be active on a physically up port. So add your vlan to the trunk and you should be good. If it is on the truck do a show interest trunk command and make sure it is active and not being pruned. That would be your best method for a management vlan.

Toby

Thanks and please rate any helpful posts.

Sent from Cisco Technical Support Android App

-Toby

Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

tobyarnett · ‎02-07-2013

Auto correct sucks that command again is

Show interface trunk

Sent from Cisco Technical Support Android App

-Toby

Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

loren.anuszewski · ‎02-08-2013

There is no trunk set on this switch. The 3750s are connected via a layer 3 etherchannel and the one that has the 2950s trunked has no issue. So, where there is no trunk and no physical port I can't get the vlan to come up. What if I assigned the management port f0 to the vlan and physically plugged it into another port -- looped?

loren.anuszewski · ‎02-12-2013

Maybe I need to go about this differently then. If I make the layer 3 etherchannel connection between the two 3750 switches a trunk and allow the management vlan it will allow the management vlan to come up. My question then changes to routing layer 3 routed ports over the trunk. For example at the moment I have a layer 3 routed port on each switch and static routes over the layer3 etherchannel to allow communications.

SW1

int port-channel1

ip 10.11.11.1

int g1/0/1

ip 10.10.10.1

int vlan 222

ip 10.10.222.1

***************************

SW2

int port-channel1

ip 10.11.11.2

int g1/0/48

ip 172.22.22.1

**************************

So, if I make Port-Channel1 a trunk how do I route traffic entering SW2 via 172.22.22.1 to SW1 vlan222 or routed port g1/0/1?

Thanks!

tobyarnett · ‎02-12-2013

Loren,

First your going about this wrong. You don't need to tear apart your L3 port channel just to get a management vlan to come up. Get rid of the management vlan all together (it is only being used to remotely access the switch). Replace that with a loopback interface:
Config t
!
Interface loopback0
IP address x.x.x.x 255.255.255.255
!

This will act as an always up interface. You should never plug a loopback cable into a port just to get a vlan up. When possible use a trunk in your case you don't have any redundant switch to trunk to so use the loopback0 interface instead. Does this help? Is there a specific reason you need that vlan to work? If so pleas e let me know and we can look at other options, but sounds like you just need a management interface and the loopback interface works great for that.

Toby

Sent from Cisco Technical Support Android App

-Toby

Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan

loren.anuszewski · ‎02-13-2013

Thanks Toby, that's exactly what I needed. I'm used to 2950s where the loopback isn't used.