11-13-2020 10:24 AM
Hi,
I am a long way from being an expert, but have read up before posting here
I have an unusual application where a switch connects to a number of endpoints, some belong to vlans, others dont. (lets say we are using vlans 2 & 3) or nothing.
I have a an upstream gateway that needs to receive 2 different physical connections, one with tagged data only (vlans 2 & 3) and one with everything apart from the tagged data (i.e vlans 2 & 3 excluded)
I though this would work, but no !
Interface 1 All traffic except tagged vlans
configure t
int gi1
switchport mode trunk
switchport trunk allowed vlan remove 2, 3
no shut
end
Interface 2 vlans tagged traffic only
configure t
int gi2
switchport mode trunk
switchport trunk allowed vlan remove 1
switchport trunk allowed vlan 2,3
no shut
end
Unfortunately i don't see the tagged traffic appearing on interface 2
Any ideas, pointer, advice welcome
11-13-2020 02:10 PM - edited 11-13-2020 02:11 PM
Just a quick question is this interface 1 and 2 connected? each other?
tagged in cisco world example : ( rest off traffic under by default native vlan 1, if you do not have mentioned any native vlan)
int gi2
switchport mode trunk
switchport trunk allowed vlan 2,3
11-13-2020 02:58 PM
I have a couple of comments and suggestions:
- you say some endpoints belong to vlans others don't Unless a switchport is configured as a trunk or is configured with no switchport (which makes it a routed interface) then every switch port is in some vlan. If no vlan is specified then the port belongs in vlan 1. Can you clarify whether you have some routed interfaces configured or just ports belonging to vlan 1?
- your configuration of the interface for not tagged traffic is much more complicated than it needs to be
int gi1
switchport mode trunk
switchport trunk allowed vlan remove 2, 3
no shut
on the trunk any untagged frames would belong to vlan 1. If this switch had some other vlan (either existing now or added at some point) this trunk would be carrying tagged traffic and your expectation was that only untagged traffic would be carried. Your objective could be achieved simply by configuring this interface as an access port in vlan 1.
- it is interesting that you are not seeing tagged traffic on interface 2. Would you post the output of these commands
show interface status
show interface trunk
11-14-2020 02:41 AM
Thanks for your reply
I have some more testing to do but i think i have got to bottom of the problem.
And yes i can strip our some commands to make things a but neater, thank you
The untagged traffic needs to enter the switch on a Trunk port (this ensures it gets a vlan tag for the native vlan), by default for ports were all access ports.
Hope this helps someone else
Keith
11-14-2020 06:11 AM
Glad all working as expected, that what we have explained. you need to TAG and UNTAG to get in to right VLAN, If not they fall under VLAN 1 Default.
11-14-2020 02:40 AM
Thanks for your reply
I have some more testing to do but i think i have got to bottom of the problem.
The untagged traffic needs to enter the switch on a Trunk port (this ensures it gets a vlan tag for the native vlan), by default for ports were all access ports.
Hope this helps someone else
Keith
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide