Solved: I'm not actually using the

sedwards4242 · ‎05-01-2015

I have a Cisco SG300-52P Small Business switch and hopefully I can explain well what's going on. We have a Juniper EX4200 L3 switch that has a bunch of our corporate VLANs (they are routed VLANs) and that allows communication between all of our corporate networks. We have several other L2 Netgear, HP Procurve, etc... on which we have split the ports down the middle and divided them into two broadcast domains by setting them as untagged VLANs. One cable goes from each of the different VLANs on the L2 switches into different VLANs on the L3 switch. As long as STP is disabled this seems to work fine. However, we tried this same scenario on this Cisco Small Business switch and only one of the two untagged VLANs on the Cisco will pass traffic at a time. I believe that whenever the VLAN that is on the default (VLAN 1) is plugged in, the other (the one we created) shuts down but when VLAN 1 is unplugged, the other VLAN immediately starts to work. What seems weird is that the Cisco seems to learn the Juniper's MAC on the VLAN that doesn't work and the Juniper learns the MAC on the one that does work. In other words, the Juniper does not learn the Cisco's MAC on both of the VLANs that the Cisco is plugged into, as it does with the other L2 switches that we have, and the Cisco does not learn the MACs of the Juniper on both of its VLANs. I hope this is making sense and please let me know if there is any way I can further clarify. I'm sure I'm just doing something dumb that I'm overlooking so feel free to slap me in the face. :-)

Thank you in advance for your time!

Dan Miley · ‎05-01-2015

It sounds like there is a layer 2 loop in your network if spanning tree is shutting down the ports. You should be able to do a show spanning-tree on the switch, or look in spanning tree rstp interface status.

are there any other interconnects between devices? Like un-managed hubs, WAPs with bridging, virtual servers with multiple NIC cards?

Show spanning tree on each device might show what is going on, or at least tell you which ports are root ports, which ones are forwarding or blocking. Best practice is to configure your spanning tree if you have more than 1 or 2 switches.

A detail topology showing port numbers, (sanitized) IP addresses, vlans and purpose, trunks with what vlans are tagged, and untagged .

from your description, your network looks like

multiple vlans - layer 3 Juniper swtich - netgearS1 vlan`1 --procurveS2 vlan 1 -- ciscoS3 vlan1

\-- netgearS1 vlan2 - - procurveS2 vlan -- ciscoS3 vlan 2

I'm having trouble visiualizing <<One cable goes from each of the different VLANs on the L2 switches into different VLANs on the L3 switch. >>

are the cables for vlan 1 going to vlan 1 or are the cables for vlan1 going to a different vlan on the other switch?

Can you reduce the complexity and number of interconnects by using trunking?

What are the IPs and default gateway of all devices, L3 switch?

These switches do STP, RSTP and multiple spanning tree, but will not do per vlan spanning tree. so there may be some configuration required on all switches to get the correct root bridge (the Juniper I assume)

View solution in original post

Dan Miley · ‎05-01-2015

It sounds like there is a layer 2 loop in your network if spanning tree is shutting down the ports. You should be able to do a show spanning-tree on the switch, or look in spanning tree rstp interface status.

are there any other interconnects between devices? Like un-managed hubs, WAPs with bridging, virtual servers with multiple NIC cards?

Show spanning tree on each device might show what is going on, or at least tell you which ports are root ports, which ones are forwarding or blocking. Best practice is to configure your spanning tree if you have more than 1 or 2 switches.

A detail topology showing port numbers, (sanitized) IP addresses, vlans and purpose, trunks with what vlans are tagged, and untagged .

from your description, your network looks like

multiple vlans - layer 3 Juniper swtich - netgearS1 vlan`1 --procurveS2 vlan 1 -- ciscoS3 vlan1

\-- netgearS1 vlan2 - - procurveS2 vlan -- ciscoS3 vlan 2

I'm having trouble visiualizing <<One cable goes from each of the different VLANs on the L2 switches into different VLANs on the L3 switch. >>

are the cables for vlan 1 going to vlan 1 or are the cables for vlan1 going to a different vlan on the other switch?

Can you reduce the complexity and number of interconnects by using trunking?

What are the IPs and default gateway of all devices, L3 switch?

These switches do STP, RSTP and multiple spanning tree, but will not do per vlan spanning tree. so there may be some configuration required on all switches to get the correct root bridge (the Juniper I assume)

sedwards4242 · ‎05-01-2015

I'm not actually using the Netgears and Procurves that I mentioned, but I was just using those as an example that my scenario works with those models. I think you are understanding my topology in any case. However, what you said rang a bell and I found out that there actually is a Netgear in between the Cisco and the Juniper and I confirmed that STP is enable on that switch so that may be the culprit. Unfortunately, I won't be able to test that until Monday early in the morning during the off hours but thank you so much for the suggestion! I will report back on Monday morning with the results.

Dan Miley · ‎05-01-2015

cool, I have found documenting the network can be a big step to resolving topology type issue.

if you still need a hand, call into our support center, http://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

please tag helpful posts,

Dan

sedwards4242 · ‎05-04-2015

I am confirming that it indeed was the STP on the Netgear that was causing the issue. Once again, thank you for pointing me in the right direction and I couldn't agree more about getting our network documentation in order!

Connecting two untagged VLANS from two different switches