SG300 Switches and XenServer VLAN problems

Hi folks,

We're setting up a Citrix Cloudstack/XenServer environment and having a heck of a time getting VLAN communication to work with the Cisco SG300-28 switches we've got.  Wondering if someone can look over the following for assistance.

We have 4 hosts that are running physically connected to 2 SG300-28 switches.

The Guest Network NICs are running on XenServer with a VLAN configuration.  As you'll see below, our problem lies in that the VM on Host1 (10.1.1.254) cannot communicate with the VM on Host2 (10.1.1.5).

Our SG300-28 is currently in L2 mode with trunked ports for the NICs.  It's allowed the VLAN 133 as tagged.  Any ideas are welcome.

Here's the host networking:

Capture1.JPG

Here's the guest networking:

Capture2.JPG

Here's how our SG300-28 switches are configured for VLAN traffic. GE1, 2, 13, 14 are the connected ports, with VLAN133 being one of the tagged VLANs:

Capture3.JPG

8 REPLIES

Hi Tavis, the native vlan on ports 1, 2, 13, 14 is 1. I don't know what your server output means but if you're connecting servers there, it is a native vlan mismatch. I also don't quite understand why there are all of these vlan tags everywhere. I think it would better serve to get your basic communication up, then configure everything else.

The layer 2 switch is oblivious to IP addresses. So it means the NIC is incorrectly set on the server when compared to the port setting of the switch.

So... to start things off... you want vlan 133 to work. This is what to do. Set 1 port for 1u, 133t between switches, then set the ports for the servers to be 133 access ports. If the servers don't require a VLAN assignment on the NIC to communicate then it will work just fine (like any other layer 2 point to point network). If the NIC requires a VLAN ID, specify the 133 and see if it works.

Once you get vlan 133 to work... you can set all your vlan trunks and tags between switches then assign other ports to be vlan 133 access.

Once you get your basic communication up, you can add vlan tag and untag. Just remember, you won't have any inter-vlan communication without a routing device.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Thanks Tom,

Probably didn't give you enough information.

For our purposes we are not routing VLAN133 across 2 switches.  We only want VLAN133 to communicate between ports 1, 2, 13 and 14.  Cloudstack creates dynamic networks using VLAN 100-299, thus we need to have those VLANs allowed, with VLAN 500 for public access on the one interface.  XenServer creates these interfaces on the fly as evidenced above.  We can't just do an untagged 133 alone.

The other switch is used for 2 additional interfaces not referenced above.

With this config we can't get routing between the servers to work at all.


Sorry, when I say only VLAN133, that's incorrect.  On ports 1, 2, 13 and 14 we want VLAN 100-299 and VLAN500 to communicate properly as tagged between those ports.  Up till now this has not worked.


In a layer 2 network, you won't have intervlan communication unless you have something that can route the traffic.

-Tom

Does intervlan communication mean between ports for 1 VLAN?  I don't really want routing between VLANS just ports.  VLAN 133 traffic will only communicate with VLAN133 traffic.  Cloudstack has a virtual router if need be.


Okay, if you make each port connecting to these servers as 133 untagged, does it work?

-Tom

No, we just tried and it does not work.


Tavis, if that doesn't work, there is an external issue such as a firewall or incorrect NIC configuration.

-Tom