Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2666
Views
0
Helpful
7
Replies

Can't connect Cisco switch to Cisco SG300-28P Switch and pass VLAN traffic

Go to solution
Mark Principato
Level 1
Level 1

‎02-17-2015 08:30 AM

Trying to connect the Cisco SG300-28P switch to another switch and pass VLAN 2 between them.  Not trying to do any trunking.  If I connect a computer to the port on the SG300-28P I am able to access VLAN 2 and pull a DHCP address; however, when I connect another switch to the port and the connect to another port on the other secondary switch I am unable to access VLAN 2 and pull an IP address.  I have verified that the secondary switch (a WS-C3560G-48PS-S) works connected to other 3500s, just not this newer SG300-28P.  Below is the configuration for both, I am omitting areas that shouldn't matter, and can add them if necessary.  Trying to connect port SG300-28P Port 26 to WS-C3560 Port 1.  Again if I plug a computer into port 26 on the SG300-28P I do gain access to VLAN 2 as expected, but not when I connect to port 2 on the secondary switch.

 

Cisco SG300-28P

!
interface vlan 1
 name Internet
!
interface vlan 2
 name LAN
 ip address 172.20.5.11 255.255.0.0
 no ip address dhcp  (this is the VLAN I'm trying to pass)
!
interface vlan 3
 name Private
!
interface vlan 4
 name Nortel
!
interface vlan 101
 name Video_Project
!
interface gigabitethernet26
 description VLAN2-ACCESS-CISCO3500
 switchport mode access
 switchport access vlan 2 (this goes to port 1 on the other switch Cisco 3500 to provide VLAN 2 access)
 

Cisco 3500

!
interface Vlan1
 description NATCO Internet
 no ip address
 no ip route-cache
 no ip mroute-cache
!
interface Vlan2
 description NATCO LAN
 ip address 172.20.5.13 255.255.0.0
 no ip route-cache
 no ip mroute-cache (this is the VLAN I'm trying to pass)

!
interface Vlan3
 description LHPrivate
 no ip address
 no ip route-cache
 no ip mroute-cache
!
interface GigabitEthernet0/1
 switchport access vlan 2 (this is the port that I'm connecting to the SG300-28P)

!
interface GigabitEthernet0/2
 switchport access vlan 2  (this is the port I'm hooking my computer to, and trying to gain access to VLAN 2 off the other switch)

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Michal Bruncko
Level 4
Level 4
In response to Mark Principato

‎02-17-2015 10:00 AM

Hi

yes, STP is the problem here. As you can see from your output from Cisco 3500 switch, port Gi0/1 is in BKN state (The BKN is a shorthand for "Broken").

this is caused by incompatibility of STP versions used between both switches. Small business switches (including SG300 series) are use legacy STP or Rapid STP (your case), but Enterprise models (like Catalyst 3500) is using PVST+ (Per VLAN spanning tree version of STP).

Both versions between switches group are compatible only under certain conditions. The important condition is that both switchports needs to use VLAN 1 as native/access vlan and not any other VLAN number.

This means that in order to make your communication working you have to:

  • disable STP at least on Cisco 3500 switch:
    • on global global (switch(config)# no spanning-tree vlan 2)
    • or per interface basis (switch(config-if)# no spanning-tree vlan 2)
  • change configuration of your link between both switches in following way:
    • change switchport mode to trunk (switchport mode trunk)
    • make VLAN 1 as native vlan (switchport trunk native vlan 1)
    • permt VLAN 2 as tagged vlan on that trunk (switchport trunk allow vlan add 2)

 

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Michal Bruncko
Level 4
Level 4

‎02-17-2015 08:49 AM

Hi

your configuration looks very straightforward and this should work at first look,... but it didn't.

It could be caused by various of reasons mainly related to STP. Please can you provide output for "show span" from both switches?

0 Helpful

Go to solution
Mark Principato
Level 1
Level 1
In response to Michal Bruncko

‎02-17-2015 09:25 AM

Yes, that is what I though easy and straight forward.  I did verify it again using different ports same result.  Below are the results of show span on both switches.

 

SG300-28P Switch

Spanning tree enabled mode RSTP
Default port cost method:  long

  Root ID    Priority    32768
             Address     00:18:0c:00:11:fd
             Cost        200000
             Port        gi7
             Hello Time  2 sec  Max Age 40 sec  Forward Delay 15 sec
  Bridge ID  Priority    32768
             Address     50:17:ff:44:f4:a6
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Number of topology changes 1142 last change occurred 00:12:54 ago
  Times:  hold 1, topology change 55, notification 2
          hello 2, max age 40, forward delay 15

Interfaces
  Name     State   Prio.Nbr    Cost    Sts   Role PortFast       Type
--------- -------- --------- -------- ------ ---- -------- -----------------
   gi1    enabled   128.49    20000    Frw   Desg    No        P2P (STP)  (THIS PORT IS NOW CONNECTED TO THE OTHER SWITCH)
   gi2    enabled   128.50   2000000   Dsbl  Dsbl    No            -
   gi3    enabled   128.51   2000000   Dsbl  Dsbl    No            -
   gi4    enabled   128.52   2000000   Dsbl  Dsbl    No            -
   gi5    enabled   128.53   2000000   Dsbl  Dsbl    No            -
   gi6    enabled   128.54    200000   Frw   Desg   Yes       P2P (RSTP)
   gi7    enabled   128.55    200000   Frw   Root    No        P2P (STP)
   gi8    enabled   128.56   2000000   Frw   Desg   Yes      Shared (RSTP)
   gi9    enabled   128.57   2000000   Frw   Desg   Yes      Shared (RSTP)
  gi10    enabled   128.58   2000000   Frw   Desg   Yes      Shared (RSTP)
  gi11    enabled   128.59    200000   Frw   Desg   Yes       P2P (RSTP)
  gi12    enabled   128.60    200000   Frw   Desg   Yes       P2P (RSTP)
  gi13    enabled   128.61   2000000   Frw   Desg   Yes      Shared (RSTP)
  gi14    enabled   128.62    200000   Frw   Desg   Yes      Shared (RSTP)
  gi15    enabled   128.63    20000    Frw   Desg   Yes       P2P (RSTP)
  gi16    enabled   128.64    200000   Frw   Desg   Yes       P2P (RSTP)
  gi17    enabled   128.65    20000    Frw   Desg   Yes       P2P (RSTP)
  gi18    enabled   128.66   2000000   Frw   Desg   Yes      Shared (RSTP)
  gi19    enabled   128.67    200000   Frw   Desg   Yes       P2P (RSTP)
  gi20    enabled   128.68   2000000   Dsbl  Dsbl    No            -
  gi21    enabled   128.69    20000    Frw   Desg   Yes       P2P (RSTP)
  gi22    enabled   128.70    200000   Frw   Desg   Yes      Shared (RSTP)
  gi23    enabled   128.71   2000000   Dsbl  Dsbl    No            -
  gi24    enabled   128.72   2000000   Dsbl  Dsbl    No            -
  gi25    enabled   128.73   2000000   Dsbl  Dsbl    No            -
  gi26    enabled   128.74   2000000   Dsbl  Dsbl    No            -
  gi27    enabled   128.75    20000    Frw   Desg    No        P2P (STP)
  gi28    enabled   128.76    20000    Frw   Desg    No        P2P (STP)
   Po1    enabled  128.1000   20000    Dsbl  Dsbl    No            -
   Po2    enabled  128.1001   20000    Dsbl  Dsbl    No            -
   Po3    enabled  128.1002   20000    Dsbl  Dsbl    No            -
   Po4    enabled  128.1003   20000    Dsbl  Dsbl    No            -
   Po5    enabled  128.1004   20000    Dsbl  Dsbl    No            -
   Po6    enabled  128.1005   20000    Dsbl  Dsbl    No            -
   Po7    enabled  128.1006   20000    Dsbl  Dsbl    No            -
   Po8    enabled  128.1007   20000    Dsbl  Dsbl    No            -

Cisco 3500 Series

VLAN0002
  Spanning tree enabled protocol ieee
  Root ID    Priority    32770
             Address     0019.30a5.c680
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32770  (priority 32768 sys-id-ext 2)
             Address     0019.30a5.c680
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Desg BKN*4         128.1    P2p *TYPE_Inc (CONNECTED TO THE OTHER SWITCH)

Gi0/2               Desg FWD 4         128.3    P2p

0 Helpful

Go to solution
Mark Principato
Level 1
Level 1
In response to Mark Principato

‎02-17-2015 09:25 AM

I am currently trying port 1 from the SG300 to port 1 on the 3500.  That is what the configuration was when I did the show span.  Just a FYI.  I was testing different ports.

 

0 Helpful

Go to solution
Michal Bruncko
Level 4
Level 4
In response to Mark Principato

‎02-17-2015 10:00 AM

Hi

yes, STP is the problem here. As you can see from your output from Cisco 3500 switch, port Gi0/1 is in BKN state (The BKN is a shorthand for "Broken").

this is caused by incompatibility of STP versions used between both switches. Small business switches (including SG300 series) are use legacy STP or Rapid STP (your case), but Enterprise models (like Catalyst 3500) is using PVST+ (Per VLAN spanning tree version of STP).

Both versions between switches group are compatible only under certain conditions. The important condition is that both switchports needs to use VLAN 1 as native/access vlan and not any other VLAN number.

This means that in order to make your communication working you have to:

  • disable STP at least on Cisco 3500 switch:
    • on global global (switch(config)# no spanning-tree vlan 2)
    • or per interface basis (switch(config-if)# no spanning-tree vlan 2)
  • change configuration of your link between both switches in following way:
    • change switchport mode to trunk (switchport mode trunk)
    • make VLAN 1 as native vlan (switchport trunk native vlan 1)
    • permt VLAN 2 as tagged vlan on that trunk (switchport trunk allow vlan add 2)

 

0 Helpful

Go to solution
Mark Principato
Level 1
Level 1
In response to Michal Bruncko

‎02-17-2015 01:14 PM

Michal,

 

I'm thinking about this, and I'm not sure I can do either solution.  I am testing this out for doing the switch over.  In the live enviroment I have one switch on VLAN 2 going through our telephone network providing access to other switchs on VLAN 2.  All of these switches are functioning correctly Cisco 500 Express or other Catalyst models.  So one switch feeds the Etherent uplink to all the other switches.  So option 2 setting up the VLAN trunking is an option, but cannot be done until we renumber our VLANS on the telephone network to not overlap.  Option 1 doesn't work, because the switch that I need to get working is the SG300, which is connected to our telephone transport that has the one upload switch and provides switch access off that to about 20 other switches (I'm trying to add this one, SG300, to that group)

0 Helpful

Go to solution
Michal Bruncko
Level 4
Level 4
In response to Mark Principato

‎02-17-2015 01:44 PM

I think that there could be third option available: make SG300 switch as root bridge for switching area with decreasing priority for example to 0 (or any lower number than 32768). You can try it within your testing environment to see if it works.
0 Helpful

Go to solution
Mark Principato
Level 1
Level 1
In response to Michal Bruncko

‎02-17-2015 02:52 PM

Michal,

Thank you for your help.  We have a spare switch that I have working already enterprise class.  I'm just going to move everything over to that for a week while we setup the new VLANs throughout our company to setup the VLAN trunks properly through our transport equipment.

If this was going to be a permanent setup I would probably go for changing over to the root bridge; however, this is only going to be temp.

I greatly appreciate the advice and help,

Mark

0 Helpful
Customers Also Viewed These Support Documents