cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
16113
Views
5
Helpful
9
Replies

Switchport access and trunk on Layer 3 switch problems

franklee3082
Level 1
Level 1

Hello Everyone,

I was building a network design just to practice and I came across an issue I could not understand. Can anyone please help. I have attached an image to clear things up. 

Please let me know if you require further information to answer my question. Thank you 

Francis

1 Accepted Solution

Accepted Solutions

Yes router on a stick. However only vlan 100 is needed as you have ospf between router and multilayer switch.

Please don't forget to rate and select correct answer


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

9 Replies 9

Francesco Molino
VIP Alumni
VIP Alumni

Hi

On your multilayer switch, you have misconfigured interfaces fa0/2 and fa0/3.

On your diagram, these 2 interfaces seems to be trunk interfaces however you have set them with access vlans.

If there are trunks, configs should be:

Interface fa0/2

 switchport trunk encap dot1q

switchport mode trunk

switchport trunk allowed vlan 80 ==> If you are doing this design on GNS3, you need to do switchport trunk allowed vlan 1,80,1001-1005 (add the default and reserved vlans). If you don't want to set specific vlan on the trunk, you can delete this command.

Interface fa0/3

 switchport trunk encap dot1q

switchport mode trunk

switchport trunk allowed vlan 90 ==> If you are doing this design on GNS3, you need to do switchport trunk allowed vlan 1,80,1001-1005 (add the default and reserved vlans). If you don't want to set specific vlan on the trunk, you can delete this command.

On the other switches facing computers, you need to have vlans on the database and configure interfaces facing computers with the below commands:

switchport mode access

switchport access vlan 80 or 90

If you are on GNS3 and the switch between multilayer and PC is confurable, then on the multilayer switch you can configure interfaces like:

interface fa0/2

switchport mode access

switchport access vlan 80

interface fa0/3

switchport mode access

switchport access vlan 90

Hope this is clear.

If this answer helped, please don't forget to choose it as correct answer for other people who are facing same issue and rate it.

Thanks so much


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi Franceso, 

thank you for your help. Do I change the int fa0/1 on the multilayer switch to a

interface fa0/1

switchport mode trunk 

switchport trunk allowed vlan all

When I change that to a trunk port, host on vlan 80 and 90 cannot ping the address 192.168.10.3 at the G 0/1 interface on the Router.

But if I change the interface of fa0/1 on the multilayer switch to an access port. Then the host on Vlan 80 and 90 can ping every interfaces in the network. 

Can you please answer why does that happen? Thank you for your times

interface fa0/1

switchport mode access

switchport access vlan 100

regards

Francis

If it works in access and not in trunk mode, this means that next swicth and/or router is not aware about vlan tagging and/or vlan database has not right vlans on it. To answer that, I would need the switch and router configuration, and also a show vlan (on gns3 it should be show vlan-switch) on the switch between your router and multilayer switch


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi Francesco,

I have attached an image with the configurations..and also i made a color scheme so its a bit easier to understand.

Thanks

Francis

Ok in trunk mode it will not work because router interface is in default vlan and not answering to your tagged frame. 

If you want that everything works with trunk capabilities, you need to verify that f0/1 and f0/2 are in trunk mode by issuing sh inter trunk (normally yes if I refer to your output).

The router interface should be configured like:

Interface g0/1

Encap dot1q 100

Ip Add 192.168.x.x

On the multilayer switch, you should do :

default Int f0/1 ==> to reset config on this interface otherwise you can do no of access command 

int f0/1

Switch trunk encap dot1q (not for all switches)

Switch mode trunk

Switchpo trunk allowed vlan (vlans you want)

Hope this is  more clear?

Thanks 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi Francesco,

I see, so it is a router on a stick configuration? Will have have to configure VLAN 80 and 90 on the router too, so that both Vlan 80 and 90 traffic can traverse the other side of the network.

Interface g0/1

Encap dot1q 80

Ip Add 192.168.x.x

and 

Interface g0/1

Encap dot1q 90

Ip Add 192.168.x.x

I was hoping there would be a different process, I was thinking in actual production environment would it have been implemented, but Thank you so much for your help..it has been great.

regards

Francis

Yes router on a stick. However only vlan 100 is needed as you have ospf between router and multilayer switch.

Please don't forget to rate and select correct answer


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Thank you very much.

regards

Francis

Thanks for rating. 

Can you select the answer as correct answer? Then others can see which one is the correct answer


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Review Cisco Networking for a $25 gift card