Re: 3550 802.1q VLAN Problem.

jason.chin · ‎03-08-2005

Hi, I am having a problem passing 802.1q vlan-tagged packets through a 3550 switch, it works fine with a Catalyst 2900XL but not with the Catalyst 3550. The 2900XL is pretty much default having only an IP Address and a MTU value increase configured.

We provide wireless connectivity to businesses, so assume we wanted to connect a companies North and South branch offices, we would install a wireless device at both the offices. The wireless devices at both the CPs would add a specified 802.1q vlan-tag to any data passing outbound through it and remove the specified 802.1q vlan-tag from any data passing inbound through it. While the packet is still tagged is passes through our Wireless Network which includes passing through multiple Cisco 2900XL switches. The 2900XL passes the 802.1q vlan-tagged packets without any problems however the 3550's do not. Are there any additional configurations I may need to add to allow all vlan to pass through the 3550 Series Switch??

a-vazquez · ‎03-14-2005

To the best of my knowledge, a trunk is a point-to-point link that sends and receives traffic between switches, or between switches and routers. Trunks carry the traffic of multiple VLANs and can extend VLANs across an entire network. 100Base-T and Gigabit Ethernet trunks use Cisco Inter-Switch Link Protocol (ISL), the default protocol, or industry standard IEEE 802.1q, to carry traffic for multiple VLANs over a single link.

IEEE 802.1q trunks impose these limitations on the trunking strategy for a network:

If the native VLAN on one end of the trunk is different from the native VLAN on the other end, Spanning Tree Protocol (STP) loops might result. Therefore, the native VLAN for an 802.1q trunk must be the same on both ends of the trunk link.

Disabling the STP on the native VLAN of an 802.1q trunk without disabling STP on every VLAN in the network can potentially cause STP loops. It is recommended that you leave STP enabled on the native VLAN of an 802.1q trunk, or disable STP on every VLAN in the network. Make sure your network is loop free before disabling STP.

The best practice is to leave STP on so that it can detect loops that might otherwise cause serious network problems

jason.chin · ‎03-14-2005

Hi Anthony, thanks for the response. However im not sure what you are recommending. Is it disable spanning tree for all vlans except the native vlan (VLAN 1). We dont use spanning tree, so its no problem.

aashish.c · ‎03-14-2005

Hi,

When the packets leave site A from switch it gets trunked because the link bewteen switch and wireless bridge has to be a trunk link (assuming switch and AP has multiple vlans). The packets are then sent from A wireless bridge to B wireless bridge witl dot1q tag and again on site B the link between bridge and switch should be trunk link.

packets get un-encapsulated and sent to different vlans.

there is not fucntional difference about trunking between 2900xl and 3550. both works the same way. thin the link between wireless bridge and switch is an access link not trunk link.

It has to be trunk link.

Kindly update for furtehr queries.

Thanks

aashish C

amikat · ‎03-14-2005

Hi,

I am not sure I understand the topology.

You say the 2924XL is set to default. Default port settings with this box are static access (vlan 1), ie. untagged. This seems to be in contradiction with your specification you want dot1d tagged. Cat3550 on the contrary has default dynamic desirable, ie. this will form trunk with trunk, desirable and auto automatically (ie. tagged). Even then the native vlan remains untagged. To set the Cat3550 port to the same setting as Cat2924XL default you should specify "switchport mode access".In any case you should be able to configure the same port setting with Cat3550 as with Cat2924XL. I only hope that your Cat2924XL is not working with "switchport mode multi" which is the mode new Cats do no support.

Best regards,

Antonin

jason.chin · ‎03-15-2005

Hi Antonin, I tried as you recommended, specifying "switchport mode access" but it did not work. I have pasted a "show interface f0/* switchport" copied from the 2924XL:

#show interfaces f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative mode: static access

Operational Mode: static access

Administrative Trunking Encapsulation: isl

Operational Trunking Encapsulation: isl

Negotiation of Trunking: Disabled

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Trunking VLANs Enabled: NONE

Pruning VLANs Enabled: NONE

Priority for untagged frames: 0

Override vlan tag priority: FALSE

Voice VLAN: none

Appliance trust: none

#

If I were to replace the 3550 with 2924XL it works perfectly but does not when i swap back. So that rules out my other hardware devices. Basically all we need the 3550 to do is forward all vlan packets on all ports regardless of Vlan ID, our wireless equipment will handle tagging and untagging. If you need anything else to assist me in resolving this issue let me know, a "show run", a "show tech-support", etc.

Regards,

Jason

amikat · ‎03-15-2005

Hi,

Thanks for the reply.

Before we go any further just one thing to be sure. You mentioned in your first post you have changed mtu - does that mean you changed mtu for the default vlan? If so, have you done the same with Cat3550?

Can you please post the "sh vlan" output from both Cat2924XL and Cat3550 and also "sh int" and "sh int switchport" from Cat3550 if possible. Feel free to filter any sensitive information.

Thanks & Regards,

Antonin

jason.chin · ‎03-15-2005

Hi Antonin,

I changed the MTU on the 2924XL with the "mtu 1528" on each Fast Ethernet Interface. On the 3550 I used the "system mtu 1528" Global Command. I have attached the requested information for only 2 interfaces as its basically the same on the other 22.

-Jason

amikat · ‎03-15-2005

Hi,

Thanks for the information provided. I will set up the lab and check when in my office tomorrow.

Is there any reason the ports are set up as half duplex and 10Mbps with Cat3550? Can you please try with "duplex full" and "speed 100".

Thanks & Regards,

Antonin

jason.chin · ‎03-15-2005

Hi, all of our wireless hardware is 10Mbps / Half Duplex.

-Jason

jason.chin · ‎03-15-2005

Hi Antonin, Ive put together a rough diagram of what our wireless network topology looks like. The JPEG attached represents one of our sites which normally connnects about 20 to 50 customers over a radius of a couple miles. We have multiple sites like these all over the country with are interconnected by wireless Backbones. So if a customer's head office is at one end of the country and wants to connect a branch office at the other end of the country its no problem.

-Jason

jason.chin · ‎03-15-2005

Forgot the attachment. :)

amikat · ‎03-15-2005

Hi,

Thanks for the information provided.

One more question to ask before I go for lab setup (sorry to keep you asking): will you please post the IOS version you are using with Cat2924XLs.

Thanks & Regards,

Antonin

jason.chin · ‎03-16-2005

Hi, we are using Version 12.0(5.2)XU on the Cat2924XL.

-Jason

amikat · ‎03-16-2005

Hi,

Thanks for the information provided.

I did a bit of testing. While I am still only guessing how your wireles AP are configured I have found rather significant difference as for the behaviour of Cat2924XL and Cat3550 if the other end is configured as dot1q trunk (even if it operates via vlan1 only). While Cat2924XL is quite happy to connect with static access (default), the Cat3550 refuses to connect with switchport mode access. The reason seems to be STP implementation.

So provided you are not yet tired by suggestions which yield no progress will you please try to configure Cat3550 interfaces like this:

Switch(config)#int fa0/1

Switch(config-if)#sw tr enc dot1q

Switch(config-if)#sw mode tr

Switch(config-if)#sw noneg

Also please make sure you have reloaded the box after applying "system mtu" command.

I am sorry I cannot provide any other suggestion at the moment. Any feedback as for the result will be appreciated.

Best regards,

Antonin