09-22-2007 10:44 PM
Hi all.
Im trying to learn the basics of vlans and trunking. Im trying to do it by-the-book, just to get a grip on how it all works but i keep failing on this simple task : (. I have a Cisco freshly resetted 2940 with 3 VLANs:
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/9, Gi0/1
10 external active
20 internal active Fa0/7
30 guests active Fa0/8
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
So, for example i want vlan 30 (port 8) to be able to surf thru the gateway (port 1, vlan 10). That would mean that port 1 has to be a trunk port (?). I set it up:
(conf t - int fast 0/1)
switchport access
switchport mode trunk
switchport mode trunk allowed vlans 10,20,30
Here i allow all vlans just to make sure i don't do any easy misstakes. But when i ping from port 8 i can't get out thru the gateway, somethings is wrong or missing.
When i take a look at the vlans i see that one is shutdown, when i try to make it no shutdown the other goes down, like this:
00:35:42: %LINK-3-UPDOWN: Interface Vlan10, changed state to up
00:35:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
Switch(config-if)#interface vlan 30
Switch(config-if)#no shu
Switch(config-if)#
00:35:53: %LINK-3-UPDOWN: Interface Vlan30, changed state to up
00:35:53: %LINK-5-CHANGED: Interface Vlan10, changed state to administratively down
00:35:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to down
00:35:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to down
What am i doing wrong? I have active links on VLAN 10 and VLAN 30, they should both be able to stay active?
All help are greatly apreciated!
thx.
Oh, my conf:
Switch#sh run
Building configuration...
Current configuration : 1165 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
!
vtp mode transparent
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
vlan 10
name external
!
vlan 20
name internal
!
vlan 30
name guests
!
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 10
!
interface FastEthernet0/3
switchport access vlan 10
!
interface FastEthernet0/4
switchport access vlan 10
!
interface FastEthernet0/5
switchport access vlan 10
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/9
!
interface GigabitEthernet0/1
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan10
no ip address
no ip route-cache
shutdown
!
interface Vlan30
no ip address
no ip route-cache
!
ip http server
!
line con 0
line vty 5 15
!
!
end
Switch>sh inventory
NAME: "Switch", DESCR: "Cisco Catalyst c2940 switch with 8 10/100 BaseTX ports, 1 100BASE-FX SM uplink po
rts and 1 SFP (Small Form Factor Plugable) Module slot"
09-23-2007 08:43 AM
Piero
The first and most important thing to understand here is that your switch is a layer 2 switch. Several of your issues are directly related to this fact.
- a layer 2 switch can have only a single active VLAN interface. This is sometimes confusing because the switch can have several active VLANs but a VLAN interface is a layer 3 interface and a layer 2 switch can have only a single layer 3 interface (which is only for management purposes). This explains why when you no shut one VLAN interface the other VLAN interface goes shutdown.
- a layer 2 switch can forward multiple VLANs (and does not need any interface vlan x to do this) but a layer 2 switch can not forward between VLANs and you need a layer 3 device to do intervlan routing. This explains why you ping from porrt 8 but do not get anywhere. There is no layer 3 intervlan routing in what you have told us.
- a layer 2 switch with multiple VLANs will connect to the layer 3 device (could be a router or could be a layer 3 switch) via a trunk port. So your trunk port on your layer 2 switch needs to be the port that connects to the layer 3 device.
HTH
Rick
09-24-2007 06:28 AM
many thx for the excellent answer! I will go on with layer 3 device on the trunk port.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide