Hey,

Switch 3750 config in txt file.

Regards

looks good to me, you have a number of ports in VLAN 50 and some in VLAN 70, and a trunk to your Router, what is the issue?

some tests you could do is ping your router interface from withing VLNA 50 and 70 to see if that works, and see if you can ping betweeen vlans.

cheers

Hey,

I don't know how but i guess ports should be untagged but able to connect to vlan 50,70 through same network it's the way i understand it should work.

Check router & switch config. I don't know how to explain. 

Regards.

Rokas

I am not clear what is the real question you are asking. But clearly it is about a switch with 3 vlans and about tagging the Ethernet frames. So let me explain a few things that I hope will answer your question. And if they do not answer your question then please give clarification about what you are asking.

First let us be clear that tagged frames are sent on a trunk port. When you look at an access port on the switch its frames are always sent without tags. And let us be clear that tagging is applied automatically. It does not take any special configuration to do tagging other than to configure multiple vlans and a trunk that carries multiple vlans.

So if you have a switch that has vlans 1, 50, and 70 and if the switch has a trunk interface that carries 1, 50, and 70 then the switch will automatically apply tags to frames that it forwards over the trunk. The switch will have one vlan for which it sends the frames without tagging (known as the native vlan). By default vlan 1 is treated as the native vlan but that can be changed by a configuration command.

We also need to talk about how vlans communicate with each other. If the switch is operating as a layer 2 switch (IP routing is not enabled) then the switch can forward frames received on an interface to other ports in that vlan. But a layer 2 switch can not forward a frame from a vlan 50 port to a vlan 70 port. For devices in vlan 50 to communicate with other vlans then the frame must be sent to a layer 3 device (could be a layer 3 switch or could be a router) and the layer 3 device can forward from vlan 50 to vlan 70.

Another way of saying this is that if you want a switch to forward traffic between different vlans then that switch must be operating as a layer 3 switch.

HTH

Rick 

Hey rburts ,

This is very helpful thank you for such informative response.

The way you saying it should work is right it should be able to forward traffic between different vlans.

So i'l have to add layer 3 on switch but can i use the same switch? or do i need another device, can you guide through configuring layer 3 switch? 

I understand that i'l have to enable ip routing and set ip address for each vlan.

Regards.

Rokas

Your 3750 should be capable of operating as a layer 3 switch. In global config mode use the command ip routing. Assuming that it is accepted then you need to configure a vlan interface for each vlan and to assign an IP address and subnet mask. That should allow devices in each vlan to communicate with devices in the other vlans.

Note that the devices connected in the vlans will need to have their default gateway set to the IP address in the switch of their vlan.

HTH

Rick

Hey rburts  ,

Alright so i enabled ip routing and added ip addresses and subnet mask on each interface, is this the way it should be i mean about ip address same as router subnet interfaces are set?

interface Vlan1
ip address 10.100.100.1 255.255.255.0
!
interface Vlan50
ip address 10.100.50.1 255.255.255.0
!
interface Vlan70
ip address 10.100.70.1 255.255.255.0

is that enough to forward traffic between different vlans?

Also i don't really understand the note.

Regards.

The vlan configurations look fine. With ip routing enabled the switch should now be doing routing between vlans.

My note is trying to say that for a device in vlan 50 to communicate with a device in the other vlans that you must make sure that its default gateway is set to 10.100.50.1. You must make sure that when the device wants to communicate with a different vlan that it sends the packet to the switch to be forwarded. If the PC in vlan 50 had its default gateway set to 10.100.50.200 it would not be able to communicate with other vlans.

Another way to say that is to say that while the switch is ready to route between vlans that it can not work if the PC does not send its traffic to the switch.

HTH

Rick

00:08:28: %IP-4-DUPADDR: Duplicate address 10.100.100.1 on Vlan1, sourced by 001d.a16f.5b81

on switch i'm getting this issue what should i do?

Regards

Rokas

The IP address 10.100.100.1 is configured as the switch interface. It appears that some other device is also using that address. So the question is why would some other device be using that address? I believe that the answer to that question may be in the config of the router that was in an earlier post. It shows that the router is configured as the DHCP server for these vlans and has 3 DHCP scopes configured for the 3 vlans. I see that you have some exclusions configured

ip dhcp excluded-address 10.100.100.10 10.100.100.50
ip dhcp excluded-address 10.100.70.2 10.100.70.50
ip dhcp excluded-address 10.100.50.2 10.100.50.50

But the exclusions do not include the .1 address used by the switch. If you will add an exclusion for each of the 3 addresses that are used by the switch then I believe that this problem will be solved.

HTH

Rick

Hey rburts  

Yes those ip address are being used by router.

I configured Exlusions on Router and i still getting spam, i also tried to put exlusions on switch still getting same thing.

ip dhcp excluded-address 10.100.100.10 10.100.100.50
ip dhcp excluded-address 10.100.70.2 10.100.70.50
ip dhcp excluded-address 10.100.50.2 10.100.50.50
ip dhcp excluded-address 10.100.100.1
ip dhcp excluded-address 10.100.50.1
ip dhcp excluded-address 10.100.70.1

Regards.

Rokas

I am glad to see that you have added the exclusions for DHCP that have the gateway address. That will prevent one type of problem. Thank you for including a fresh copy of the config of both switch and router. It makes it clear why you are still receiving the error messages. You have configured the same IP address on the interface of the switch and of the router.

ip address 10.100.100.1 255.255.255.0

Only one device can have address 10.100.100.1 and that probably should be the router. The other device must have a different address in that subnet.

HTH

Rick