cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1956
Views
0
Helpful
7
Replies

Cisco 3560G as Layer 3 device for Bellsouth Metro E

kbrown001
Level 1
Level 1

We are replacing old frame relay lines that connect my companies 4 facilities with metro E so it looks like this (presumably)

My cisco reseller and bellsouth told me that the cisco 3560g was a layer 3 switch and would fine for the metro (hopefully they were right)

                                      subnet D

                                           |

                                           |

                                         rtr d 

                                           |

                                           |

subnet A  ---- rtr A -------metro E -----------rtr B ----- Subnet B
                                           |
                                           |
                                         rtr c
                                           |
                                           |
                                       subnet C

Subnet A 150.50.1.x /24

Subnet B 150.50.2.x /24

Subnet C 150.50.3.x /24

Subnet D 150.50.5.x /24

The metro line at each site is a fiber that comes in and Bellsouth has told me that the traffic needs to be "tagged" and that it is on their VLAN339

We don't need seperate VLANS so I can just use vlan1 for everything internal.

I've been working on trying to get Site A and Site B talking for about a week now and I can't figure out what i'm doing wrong/missing.

I was hoping somebody here might have some thoughts on what i'm doing wrong.

----------------------------------------------------------------

Site A config

Current configuration : 2216 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname AdminMetroESwitch
!
enable secret 5 $1$2D7p$RPFdRIf98eP0qK2YUIP5J1
!
no aaa new-model
system mtu routing 1500
ip subnet-zero

ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
description To Metro E
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,339
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
description internal
ip address 150.50.1.3 255.255.255.0
!
interface Vlan339
description metro
ip address 150.50.25.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 150.50.1.1 <--- Internet Router at Site A
ip route 150.50.2.0 255.255.255.0 150.50.25.2

ip http server
!
!
control-plane
!
!
line con 0
password 7 122E040317192C173D387479
login
line vty 0 4
password 7 122E040317192C173D387479
login
line vty 5 15
password 7 0231054F0E142F325B5D5948
login
!
end

-------------------------------------------------------------

Config for Site 2

Current configuration : 2216 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname MaintMetroSwitch
!
enable secret 5 $1$2D7p$RPFdRIf98eP0qK2YUIP5J1
!
no aaa new-model
system mtu routing 1500
ip subnet-zero

ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
description To Metro E
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 339
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
description internal
ip address 150.50.2.3 255.255.255.0
!
interface Vlan339
description metro
ip address 150.50.25.2 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 150.50.1.1 <--- internet router at main office
ip route 150.50.1.0 255.255.255.0 150.50.25.1

ip http server
!
!
control-plane
!
!
line con 0
password 7 122E040317192C173D387479
login
line vty 0 4
password 7 122E040317192C173D387479
login
line vty 5 15
password 7 0231054F0E142F325B5D5948
login
!
end

-------------------------------------------------------------------

at both sites

sho int g0/1 UP, UP

sho int vlan1 UP,UP

sho int vlan339 DOWN,DOWN

can't ping/communicate back and forth as of this config.

What am i missing?

1 Accepted Solution

Accepted Solutions

I apologize, apparently I missed the part in your original description where the provider requires the packets to be tagged.  To tag the packets you will need to configure gig 0/0 as a trunk as you had it. 

interface GigabitEthernet0/1

description To Metro E

switchport access vlan 339

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 339

switchport mode trunk

!

The only changes I would make is only allow vlan 339 (remove 1) and add switchport access vlan 339.

This will bring int vlan 339 up, and it will also tag packets leaving G0/1 with vlan 339.

View solution in original post

7 Replies 7

Timothy Stewart
Cisco Employee
Cisco Employee

I suspect the issue is with the trunking.  I do not think you need to configure a trunk for the metroE.  Instead, you should make the gig port a access port and place it into vlan 339.  Additionally, you need to either use  a routing protocol or setup static routes.  Here's what I believe your configurations should look like:

Site A config:

--------------------

interface GigabitEthernet0/1

description To Metro E

switchport mode access

switchport access vlan 339

!

interface Vlan1
description internal
ip address 150.50.1.3 255.255.255.0
!
interface Vlan339
description metro
ip address 150.50.25.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 150.50.1.1 <--- Internet Router at Site A
ip route 150.50.2.0 255.255.255.0 150.50.25.2

Site B config:

-------------------

interface GigabitEthernet0/1

description To Metro E

switchport mode access

switchport access vlan 339

!

interface Vlan1
description internal
ip address 150.50.2.3 255.255.255.0
!
interface Vlan339
description metro
ip address 150.50.25.2 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 150.50.25.1 <--- internet router at main office - needs to point to direct neighbor
ip route 150.50.1.0 255.255.255.0 150.50.25.1

ip http server

Let us know if this works.


Tim

So i made the changes you suggested.

VLAN339 did change to UP/UP

G0/1 is UP/UP

however vlan1 is UP/DOWN

i do have the static routes in the switches (ip route 150.50.1.0 255.255.255.0 150.50.25.1 in switch 2 for example) and sho ip route indicates that subnet 150.50.25.0 is connected (C) through vlan339

i was at site 2 and i tried to ping 150.50.25.1 (vlan339 interface) and 150.50.1.3 (vlan1 interface) at site 1 and it did not work.  still appears there is some sort of communication issue.

I apologize, apparently I missed the part in your original description where the provider requires the packets to be tagged.  To tag the packets you will need to configure gig 0/0 as a trunk as you had it. 

interface GigabitEthernet0/1

description To Metro E

switchport access vlan 339

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 339

switchport mode trunk

!

The only changes I would make is only allow vlan 339 (remove 1) and add switchport access vlan 339.

This will bring int vlan 339 up, and it will also tag packets leaving G0/1 with vlan 339.

Ok, after a lot of driving back and forth today we have communication.

Here are the configs, it DID need to be a trunk link but i was missing one line in the config for int g0/1

Site A config

Current configuration : 2216 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname AdminMetroESwitch
!
enable secret 5 $1$2D7p$RPFdRIf98eP0qK2YUIP5J1
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
description To Metro E
switchport access vlan 339 <--------- This is what was missing before
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 339
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
description internal
ip address 150.50.1.3 255.255.255.0
!
interface Vlan339
description metro
ip address 150.50.25.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 150.50.1.1 <--- Internet Router at Site A
ip route 150.50.2.0 255.255.255.0 150.50.25.2

ip http server
!
!
control-plane
!
!
line con 0
password 7 122E040317192C173D387479
login
line vty 0 4
password 7 122E040317192C173D387479
login
line vty 5 15
password 7 0231054F0E142F325B5D5948
login
!
end
------------------------------------------------------

Site B config

Current configuration : 2216 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname MaintMetroSwitch
!
enable secret 5 $1$2D7p$RPFdRIf98eP0qK2YUIP5J1
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
description To Metro E
switchport access vlan 339 <--------- This is what was missing before
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 339
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
description internal
ip address 150.50.2.3 255.255.255.0
!
interface Vlan339
description metro
ip address 150.50.25.2 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 150.50.25.1 <--- Internet Router at Site A
ip route 150.50.1.0 255.255.255.0 150.50.25.1

ip http server
!
!
control-plane
!
!
line con 0
password 7 122E040317192C173D387479
login
line vty 0 4
password 7 122E040317192C173D387479
login
line vty 5 15
password 7 0231054F0E142F325B5D5948
login
!
end
--------------------------------------------------------------------------------

         So here is a diagram of the test environment

                               Laptop 150.50.1.10
                                              |
                                              |
                                VLAN1 150.50.1.3
                                   Site A Switch
                              VLAN339 150.50.25.1
                                              |
                                              |
                       BELLSOUTH METRO VLAN339
                                              |
                                              |
                              VLAN339 150.50.25.2
                                   Site B Switch
                                VLAN1 150.50.2.3
                                              |
                                              |
                               Laptop 150.50.2.10

---------------------------------------------------------------------------------

So when everything was plugged in I could ping from laptop to laptop, router to router, laptop to router, router to
laptop.  It all seemed to be working great then all the sudden i notice in the hyperterm console window that
vlan339 suddenly changed line protocol to DOWN.... then a few seconds later it came back up.

ok no big deal, so i continue testing, again it goes down.... 20 seconds later back up.

1 minute later it goes down again... then back up.

Does that sound like an issue with Bellsouth's service?  or is there something in the switch config thats causing confusion/loops/storms whatever?

Glad it's working, well at least somewhat working Is the vlan interface flapping every minute, or is it some what random?  Is the gig0/1 also flapping?  Can you attach a show interface gig 0/1, show interface vlan 339, and a example of a few interface flaps from the show log?  The show interface will help us determine what is causing the flaps.


Thanks


Tim

Well i did testing all day friday and more today and i think the problem was with the service provider because i have not been able to re-create the problem since it happened.  I ran continual pings for hours all while i was dialing in and out of the switches via console/telnet/remotely and had no interuption of service at all.  The provider is finishing installation of their termination equipment at our other 2 facilities in the next week or so so i'll let you know what happens once i get all 4 metro switches up and running.  but it appears that you saved the day for me with the switchport access vlan 339 line in the interface config so thanks again!!

so all the sites are now up on metro (A, B, C, and D.)  Everything is working properly no communication issues to speak of.  However I did notice one thing after a few weeks of operation.  The port on the switches at the sites that is connected to bellsouths equipment (which is port 1 on all of them) is alternating between blinking green and blinking amber/green.  I checked the interface and I am getting a good amount of collisions on ALL the metro ports at all sites.  About half of the collisions are Late collisions as well but i am not seeing any excessive collision warnings.  I did notice that the duplex auto-sensing is setting the port to Half duplex instead of full.  I tried force setting it to Full but then the link went down so i guess it needs to be at half.  Should I just disregard the collisions since there are no problems being caused by them or is there some issue that needs to be taking care of.  Its just the metro ports with collisions, no internal ports anywhere are showing collisions.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: