Solved: Migrating from NEXUS 9K to SG350XG

TheGoob · ‎03-01-2024

Hello..

With a lot of help I was fortunate to get my whole system [ISR - FPR -NEXUS] configured with
my NAT and ACL's and so on/so forth.
I love the Nexus, and I plan on getting to know it better with some more advanced features,
best I can do in a home scenario that is, but [and I was warned about this] the Nexus is LOUD
as a fleet of M35A2's and my wife is wanting to smash it.
So, I intend on moving everything to the SG350XG, and having the running-configs side to side,
though I know the OS's are quite different, I feel it was/is a pretty simple transition;
And yet, naturally, it is not.

The SG350XG's sole purpose, as was on the Nexus, is this.

vlan 2-7, local on-board SMB routing, and then outbound route for Internet [0.0.0.0 0.0.0.0 172.16.2.1]
Not sure about getting too involved with higher level configuration as only thing that changed from
a working scenario to a non- working scenario is Nexus to SG350XG.
With the following config file, I believe I have done this correctly but the vlans do not even
communicate let alone grab the internet.
DHCP Servers are on ISR and each vlan on SG350 has a 'dhcp relay address 172.16.1.1', as it does, working,
on Nexus.

Mind you I did not come here the second it did not work, as always, I do pride myself in finding solutions
but when I can not, I am also wise enough to stop and ask for help.
For now here is the SG350XG configuration, if the Nexus one is needed to compare to a working environment,
I can post that as well.

v2.5.9.54 / RCBS3.1_930_871_120
!
vlan database
vlan 2-7
!
ip dhcp relay address 172.16.1.1
ip dhcp relay enable
bonjour interface range oob
!
interface vlan 2
 ip address 192.168.1.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 3
 ip address 192.168.2.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 4
 ip address 192.168.3.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 5
 ip address 192.168.4.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 6
 ip address 192.168.6.1 255.255.255.0
 ip dhcp relay enable
!
interface vlan 7
 ip address 192.168.5.1 255.255.255.0
 ip dhcp relay enable
!
interface TenGigabitEthernet1/0/2
 switchport access vlan 2
 switchport trunk native vlan 2
!
interface TenGigabitEthernet1/0/3
 switchport access vlan 3
 switchport trunk native vlan 3
!
interface TenGigabitEthernet1/0/4
 switchport access vlan 4
 switchport trunk native vlan 4
!
interface TenGigabitEthernet1/0/5
 switchport access vlan 5
 switchport trunk native vlan 5
!
interface TenGigabitEthernet1/0/6
 switchport access vlan 6
 switchport trunk native vlan 6
!
interface TenGigabitEthernet1/0/7
 switchport access vlan 7
 switchport trunk native vlan 7
!
interface TenGigabitEthernet1/0/8
 switchport access vlan 4
 switchport trunk native vlan none
!
interface TenGigabitEthernet1/0/12
 description link_to_fpr
 ip address 172.16.2.2 255.255.255.0
 no switchport
 switchport access vlan none
 switchport trunk native vlan none
!
interface oob
 ip address 10.0.9.1 255.255.255.0
 no ip address dhcp
!
ip default-gateway 172.16.2.1

liviu.gheorghe · ‎03-01-2024

Another thing I noticed and I would remove it from your configuration - on all interfaces TenGigabitEthernet1/0/2 - TenGigabitEthernet1/0/8 you have configured switchport trunk native vlan x , I would remove it.

Also remove ip default-gateway 172.16.2.1 command.

Enter the ip routing and ip route 0.0.0.0 /0 172.16.2.1 from the command line again. Verify that you have your connected routes and the default route correctly in the routing table.

Don't forget to save the config,

Regards, LG
*** Please Rate All Helpful Responses ***

View solution in original post

balaji.bandi · ‎03-01-2024

Some part not clear here is - 172.16.1.1 is your DHCP Server (that know how to reach 172.16.2.2 and other subnet you mentioned in the config.

as suggested change the Default to ip routing.

if the port belong to Access VLAN, you do not need to have Trunk on each port with access vlan, access vlan is good enough to serve single vlan.

check the DHCP config of your product and verification :

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb5567-configure-dynamic-host-configuration-protocol-dhcp-relay-set.html

Routed interface and vlan config :

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb5653-configure-port-to-vlan-interface-settings-on-a-switch-throug.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

liviu.gheorghe · ‎03-01-2024

Hello @TheGoob ,

In my opinion, your switch is not configured for ip routing.

Enter the command ip routing and then add a static default route pointing to 172.16.2.1:

ip route 0.0.0.0 /0 172.16.2.1

Hope this helps.

Regards, LG
*** Please Rate All Helpful Responses ***

TheGoob · ‎03-01-2024

My friend, in all truth, within the GUI it was indeed checked IP ROUTING, but I did it via CLI anyway.
I can’t explain it. When I plug in my Linux machine 1 vlan at a time, I can ping google etc. when I plug them all in, it all shuts down. They are all plugged in Nexus and works fine, but on this SG, it goes back. Truly I feel the OS is corrupt, cause as I showed it’s all configured right. It’s not a big deal, the nexus works and I'm fortunate for that. I was just trying to get a less energy draining more quiet device.

liviu.gheorghe · ‎03-01-2024

Another thing I noticed and I would remove it from your configuration - on all interfaces TenGigabitEthernet1/0/2 - TenGigabitEthernet1/0/8 you have configured switchport trunk native vlan x , I would remove it.

Also remove ip default-gateway 172.16.2.1 command.

Enter the ip routing and ip route 0.0.0.0 /0 172.16.2.1 from the command line again. Verify that you have your connected routes and the default route correctly in the routing table.

Don't forget to save the config,

Regards, LG
*** Please Rate All Helpful Responses ***

balaji.bandi · ‎03-01-2024

Some part not clear here is - 172.16.1.1 is your DHCP Server (that know how to reach 172.16.2.2 and other subnet you mentioned in the config.

as suggested change the Default to ip routing.

if the port belong to Access VLAN, you do not need to have Trunk on each port with access vlan, access vlan is good enough to serve single vlan.

check the DHCP config of your product and verification :

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb5567-configure-dynamic-host-configuration-protocol-dhcp-relay-set.html

Routed interface and vlan config :

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-small-business-300-series-managed-switches/smb5653-configure-port-to-vlan-interface-settings-on-a-switch-throug.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Ruben Cocheno · ‎03-01-2024

@TheGoob

i think that you missing two commands

config t

ip routing

ip route 0.0.0.0 0.0.0.0 172.16.2.1 metric 1

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/

TheGoob · ‎03-01-2024

Hello All

I can not say what fixed it, though I do believe it was the fact that the interfaces had 'switchport trunk native vlan x' but I do not want to say for sure. I did indeed do the ip routing and gateway etc, and did not work and then did the removal of switchport.. BUT with that said, I tested so fast between maybe it did not have time to apply. Either way, now all works as it should. I do think it was the switchport nonsense but either way, all the suggestions are put onto notes. TY