09-06-2011 08:42 AM
Hi,
I've got an SG300-10P switch and am trying to use it to create a testing environment for a Fiber Test set. What I would like to do is get two hosts, A & B, plugged into ports 1 and 3 on the switch, to talk to each other, but forcing the traffic to be routed through the two Combo ports 9 & 10. Please see the attached diagram.
I've attempted to configure two VLAN's, 10 and 20. Vlan 10 is used for traffic between Ports 1 and 9, Vlan 20 is used for traffic between Ports 3 and 10.
I don't really care whether the traffic is tagged or untagged as it passes between ports 9 and 10.
I've tried various combinations of tagged/untagged ports, PVID's, etc. As a first test I've bypassed the Fiber Test set and simply created a direct connection between ports 9 and 10. I am unable to get the traffic from Host A to Host B to get routed through ports 9 and 10 (I ping each host from the other and get no response).
Any ideas for how to achieve this?
Thanks,
Maurice Lampell
Solved! Go to Solution.
09-06-2011 10:00 PM
Hi Maurice,
I did suggest to make sure you are at the current version of firmware 1.1.1.8.
The current version of firmware has a supported CLI.
This CLI running configuration is reflected in the GUI and conversely, changes made to the GUI are reflected immediately in the CLI.
Please check the administration guide as to how to upgrade the firmware.
regards Dave
09-06-2011 09:16 AM
Hi Maurice,
I am a bit perplexed. Your diagram is pretty darn good by the way. I have copied it below.
Is the ports 9 and 10 unntagged for the appropriate VLANs, that's what the diagram indicates?
Is VLAN1 excluded on both ports 9 and 10 ?
It seems to me that both VLAN10 and VLAN20 are transmitting untagged frames to the" fiber test equipment". Therefore as far as the fiber test equipment is concerned it has to assume that HOST A and HOST B are in the same IP network.
But, for Host A and Host B to commucate with eachother, I would have to think that they would have to be in the same IP network, is that the case ?
Also; MiniGBIC interface is a combination port, shared with one other RJ-45 interface. When the MiniGBIC is active, the adjacent RJ-45 port is disabled.
dave
09-06-2011 09:29 AM
David,
Thanks for responding.
Host A and B are on the same subnet (e.g. 192.168.2.2 and 192.128.2.4). The VLAN's are meant to be an artifact to prevent the two hosts from talking directly to each other between ports 1 & 3.
I've tried this test with a fiber between the two mini-GBIC's, and I've also switched that out for an ethernet cable between the standard ethernet connectors on ports 9 & 10.
Host A and B are going to send untagged frames. The frames will get tagged upon entering the switch. It doesn't matter to me whether the frames between ports 9 and 10 are tagged or untagged, as long as Host A and B are able to talk to each other.
I have VLAN1 from ports 1,3,9 and 10.
Here is my Port VLAN membership:
g1, General, 10, 10U
g3, General, 20, 20U
g9, General, 20, 10U,20U (I tried setting the PVID to 10, but it reverts to 20)
g10, General, 20, 10U,20U
I'm wondering if either my fiber or ethernet cables need to be crossover cables...
Thanks,
Maurice
09-06-2011 09:42 AM
Hi
Make sure you have the new 1.1 firmware on your switch. This new firmware also gives you a supported CLI interface as well.
What about trying the following VLAN configuration.
It will be easier during the firmware upgrade, resetting the unit to factory defaults.
This is good as then it makes it easier to try the following VLAN configuration.
Ports 1 and 9 VLAN Interface set to Access mode . untagged vlan 10
ports 3 and 10 VLAN Interface set to Access mode, untagged vlan 20
Yep fiber has to be crossed over transmit from one SFP going to RX or the other SFP .
Copper ports are OK as they have auto-MDI-MDIX.
regards Dave
09-06-2011 10:20 AM
David,
Many thanks for the follow up.
I tried the configuration you suggested, using an ethernet cable between 9
and 10, but I could not get my ping to go from Host A to Host B.
Here is my Port Vlan membership:
g1, Access, 10, 10U
g3, Access, 20, 20U
g9, Access, 10, 10U
g10, Access, 20, 20U
Any chance you could try this simple test on your end?
Thanks!
Maurice
On Tue, Sep 6, 2011 at 12:43 PM, dhornste <
09-06-2011 11:27 AM
Hi Maurice,
Here is my config which did work .
The SG300 is sometimes too smart for it's own good.
It has all sorts of discovery protocols and Spanning tree enabled by default, stuff you wouldn't see in a dumber switch, so congratulations for your good purchase in gettting a really smart managed switch.
I think the problem is the switch saw Spanning tree BPDU coming back in and assumed a loop.
ok here is a working configuration from my SG300-10P running 1.1.0.72.. pinging worked perfectly using SM SFP's in port 9 and 10 and SM crossed over fiber.
switch38cbaf#sh ver
SW version 1.1.0.72 ( date 15-Jun-2011 time 16:43:49 )
Boot version 1.0.0.4 ( date 08-Apr-2010 time 16:37:57 )
HW version V01
switch38cbaf#show run
no cdp run
no spanning-tree
interface range gi9-10
spanning-tree link-type point-to-point
exit
vlan database
vlan 10,20
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
no lldp run
hostname SG300-10
no snmp-server server
interface gigabitethernet1
switchport mode access
switchport access vlan 10
exit
interface gigabitethernet2
switchport mode access
exit
interface gigabitethernet3
switchport mode access
switchport access vlan 20
exit
interface gigabitethernet4
switchport mode access
exit
interface gigabitethernet5
switchport mode access
exit
interface gigabitethernet6
switchport mode access
exit
interface gigabitethernet7
switchport mode access
exit
interface gigabitethernet8
switchport mode access
exit
interface gigabitethernet9
switchport mode access
switchport access vlan 10
exit
interface gigabitethernet10
switchport mode access
switchport access vlan 20
exit
interface vlan 10
name ten
exit
interface vlan 20
name twenty
exit
switch38cbaf#sh mac address-table
Aging time is 300 sec
Vlan Mac Address Port Type
-------- --------------------- ---------- ----------
1 f4:ac:c1:38:cb:af 0 self
10 00:1a:6b:3c:ea:c1 gi1 dynamic
10 f0:de:f1:03:c0:d4 gi9 dynamic
20 00:1a:6b:3c:ea:c1 gi10 dynamic
20 f0:de:f1:03:c0:d4 gi3 dynamic
switch38cbaf#
switch38cbaf(config)#do sh cdp
Global CDP information:
CDP is globally disabled
CDP log duplex mismatch is globally enabled
CDP log voice VLAN mismatch is globally enabled
CDP log native VLAN mismatch is globally enabled
Mandatory TLVs validation is disabled
Sending CDPv2 advertisements is enabled
Sending Appliance TLV is enabled
Device ID format is MAC Address
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
CDP packets handling mode is bridging
switch38cbaf(config)#
switch38cbaf(config)#do show spann
Spanning tree disabled (BPDU flooding) mode RSTP
Default port cost method: long
09-06-2011 09:09 PM
David:
Thanks again for the time you took to look into this.
I disabled spanning tree protocol via the GUI and now I'm able to ping
across the twisted pair fibers.
Strangely, I can only ping in one direction (host a to host b, regardless of
whether hosts a/b are plugged into ports 1/3 or 3/1). I'm wondering if I
have an outgoing firewall turned on on host b...
In any case, it looks like you are showing me the CLI for the Cisco
SG300-10P. Is access to the CLI a standard part of the product?
If so, how is it done? Also if so, does the switch remain consistent between
the CLI and the GUI?
Thanks again!
Maurice
On Tue, Sep 6, 2011 at 2:28 PM, dhornste <
09-06-2011 10:00 PM
Hi Maurice,
I did suggest to make sure you are at the current version of firmware 1.1.1.8.
The current version of firmware has a supported CLI.
This CLI running configuration is reflected in the GUI and conversely, changes made to the GUI are reflected immediately in the CLI.
Please check the administration guide as to how to upgrade the firmware.
regards Dave
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide