Can ping VLAN on switch but device does not get IP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2019 07:44 AM - edited 06-25-2019 07:46 AM
Hi
I have just moved my WAP I was testing. I defined the vlan on the core and gave it l3 routing. Defined the vlan manually on the switch and put the switchport to native port for vlan 90. I can ping the native vlan from the switch but the device does not get an IP !
I configured this on another switch in testing and it worked perfectly, so confused why I am having trouble.
The only thing I can see is that when I issue show vlan , vlan 90 is not showing up on the port.
Switchport Config WAP
Building configuration...
Current configuration : 124 bytes
!
interface GigabitEthernet1/0/10
description ***Unifi WAP***
switchport trunk native vlan 90
switchport mode trunk
end
#sh running-config interface vlan 90
Vlan config edge switch vlan 90
Building configuration...
Current configuration : 70 bytes
!
interface Vlan90
no ip address
ip helper-address <dhcp svr>
end
Uplink Port to core
#sh running-config interface te1/0/1
Building configuration...
Current configuration : 220 bytes
!
interface TenGigabitEthernet1/0/1
description **UPLINK**
switchport trunk allowed vlan 51,90,100-110,115,301-312,410,510-512,598,599
switchport trunk allowed vlan add 700,710-713,911,912
switchport mode trunk
end
finally edgeswitch
#sh interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi1/0/10 on 802.1q trunking 90
Te1/0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi1/0/10 1-4094
Te1/0/1 51,90,100-110,115,301-312,410,510-512,598-599,700,710-713,911-912
Port Vlans allowed and active in management domain
Gi1/0/10 1,3,5-6,51,90-91,100-107,109-110,115,215,301-306,312,322,410-411,510-512,599-600,700,710-714,911-912
Te1/0/1 51,90,100-107,109-110,115,301-306,312,410,510-512,599,700,710-713,911-912
Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/10 1,3,5-6,51,90-91,100-107,109-110,115,215,301-306,312,322,410-411,510-512,599-600,700,710-714,911-912
Te1/0/1 51,100-107,109-110,115,301-306,312,410,510-512,599,700,710-713,911-912
As you can see vlan 90 is not assigned to a port!
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Te1/0/2
3 VLAN0003 active
5 VLAN0005 active
6 **LEGACY_ADMIN** active
51 Wireless_MGT active Gi1/0/6, Gi1/0/17, Gi1/0/18, Gi1/0/20, Gi1/0/22, Gi1/0/34, Gi1/0/37, Gi1/0/42, Gi1/0/43, Gi1/0/44, Gi1/0/45, Gi1/0/47
Gi1/0/48
90 VLAN0090 active
91 VLAN0091 active
100 iLO active
101 iSCSI active
102 HYPER-V_MGT active
103 DOMAIN_CONTROLLERS active
104 TS_SERVERS active
105 MAIL_SERVER active
106 MIS_SERVERS active
107 FILE_PRINT_BKP active
109 HYPER-V_FAILOVER active
110 TMG active
115 DMZ active
215 VLAN0215 active
- Labels:
-
LAN Switching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2019 08:05 AM
Hello,
the ip helper-address has to be configured under a L3 interface with a valid IP address or DHCP relay function cannot work.
you have
interface Vlan90
>>>>no ip address
ip helper-address <dhcp svr>
end
either you shut interface vlan 90 on this switch or you provide it a valid IP address in the correct subnet.
trunk port are not listed in the show vlan output
you need to check allowed vlan with
show interface trunk
look at last section VLANs allowed and in STP forwarding state.
Hope to help
Giuseppe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2019 05:23 AM
Thank you
I was copying on my second edgeswitch what I had working on the first switch I set the AP up with.
So the vlan on the core is
interface Vlan90
description ***Unifi APs***
ip address 172.22.90.1 255.255.255.0
ip helper-address 172.22.76.5
!
I shutdown the vlan interface on the edgeswitch and still nothing.
The sh int trunk from the problematic edgeswitch is included, this is the only difference that the vlan is not showing up on the uplink Te1/0/1 in the "Port Vlans in spanning tree forwarding state and not pruned" as well as not showing up in sh vlan
Something I have fundamentally got wrong here.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2019 05:25 AM
Thank you for the assistance. This is the setup on the first switch I got the WAP working on VLAN 90
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/18, Te1/0/2, Te2/0/1, Te2/0/2
3 VLAN0003 active
5 VLAN0005 active
6 **LEGACY_ADMIN** active
51 Wireless_MGT active Gi1/0/4, Gi1/0/5, Gi1/0/13, Gi1/0/21, Gi1/0/35
#sh running-config interface vlan 90
Building configuration...
Current configuration : 70 bytes
!
interface Vlan90
no ip address
ip helper-address 172.22.76.5
end
#sh run
#sh running-config int
#sh running-config interface gi1/0/18
Building configuration...
Current configuration : 125 bytes
!
interface GigabitEthernet1/0/18
description **AP TEST PORT**
switchport trunk native vlan 90
switchport mode trunk
end
90 VLAN0090 active Gi1/0/16, Gi1/0/17, Gi1/0/19
91 VLAN0091 active
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2019 06:30 AM - edited 06-26-2019 06:33 AM
Hello dazza007,
>> The sh int trunk from the problematic edgeswitch is included, this is the only difference that the vlan is not showing up on the uplink Te1/0/1 in the "Port Vlans in spanning tree forwarding state and not pruned" as well as not showing up in sh vlan
---> Vlan 90 does not exist in vlan database of edge switch
so do the following
a) create L2 Vlan 90
config t
vlan 90
name DATA90
exit
check again using
show vlan 90
and show interface trunk
now vlan 90 should exist be active and in the list of permitted Vlans not pruned and in STP forwarding state
(wait a minute to make STP in Vlan 90 to converge before issueing show interface trunk)
at this point if you want you can also add an SVI inteface Vlan 90 with appropriate different IP address
interface vlan 90
ip address 172.22.90.2 255.255.255.0
ip helper-address 172.22.76.5
no shut
!
check show interface vlan 90 it should be up/up
Hope to help
Giuseppe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2019 08:43 AM
I agree that the configuration of vlan 90 having no ip address and having an ip helper-address configured is quite odd and will not work as seems intended. If the original poster on purpose has not assigned an IP address (which may be ok) then he should remove the helper-address from that interface since it is doing nothing.
There seems some concern about vlan 90 not having any ports assigned. Based on the limited information provided so far I believe that this is the correct behavior. What we have seen so far suggests that the WAP is connected on a trunk port with the native vlan set as vlan 90. So any frame sent untagged from the WAP will be processed in vlan 90. For a vlan to have a port assigned there must be at least one access port assigned to vlan 90 and that port must have an active device connected to it. What we have seen so far suggests that no port with an active device is assigned to vlan 90 and so the vlan not having any port assigned is the expected behavior.
I would like to see an explanation of this topology. The WAP is connected to some switch on a trunk port. What is that switch connected to?
One interesting test would be on the device that has vlan 90 configured with an IP address and with an ip helper-address configured to do show mac address table and look to see if the mac address of the WAP shows up.
HTH
Rick
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2019 01:37 PM
thank you,Indeed the wap needs a trunk to pass the traffic through untagged on a native vlan 90.
I setup this config, set vlan on core with l3 routing ip address and helper, tagged ports on core and tagged ports on first switch uplink and wap port with vlan 90 and set a vlan manually on edgeswitch the worked. so when transferring all settings to a second switch I was confused.
The unifi radius assigned vlans setup requires native vlan on wap port and uplink port.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2019 01:31 PM
indeed thank you
I removed the vlan 90 on the edge switch and created it as you said and got "VTP VLAN configuration not allowed when device is in CLIENT mode."
I thought that the vlan is on the core switch? Evidently I have completely misunderstood!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2019 05:52 AM
I have added the vlan 90 to the edgeswitch with an IP Address and a
Vlan 90 is now in STP forwarding state and not pruned. :)
Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/10 1,3,5-6,51,90-91,100-107,109-110,115,215,301-306,312,322,410-411,510-512,599-600,700,710-714,911-912
Te1/0/1 51,100-107,109-110,115,301-306,312,410,510-512,599,700,710-713,911-912
Can get mac address of device on edgeswtich but no ip address from core... using sh ip arp | include <mac>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2019 05:12 AM
Ok solved my issue by switching switch..
On another switch I set the port to trunk native and uplink to allow vlan 90
Did not create vlan on this switch, this came via vtp from core
Now how do I figure out why the switch is not getting the vlan information from the core ?
There are 20 odd other WAPs, phones and computers connected on this switch that is causing me problems that seem get their vlan information from the core..
