12-18-2012 12:44 PM
We have an existing network with a Catalyst 4510 core switch and departmental 3560 switches connected via fiber. Due to company restructure we can no longer afford to buy new 3560's when anything goes wrong so this week I purchased an SG200-26 which I'm trying to get onto the network.
This is a legacy network which I didn't setup so my Cisco skills are somewhat limited (another reason for the SG200's hopefully), anyway have been looking at the configs on the existing switches and trying to match settings in the SG200 setup however not getting anywhere! I have the config from the dead switch so I can show what needs to be achieved, wondering if anyone had experience in downgrading their environment in a similar way and if there was anyone that could assist?
Solved! Go to Solution.
12-18-2012 01:54 PM
Peter, the good thing is, it looks like the config is pretty compliant to the SX200. It doesn't look like you guys made anything too special on the 3560.
Here's a snippit from your config
interface FastEthernet0/18
description nortel phone
switchport access vlan 32
switchport trunk encapsulation dot1q
switchport trunk native vlan 32
switchport trunk allowed vlan 16,32
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
This particular port config looks like it embodies most of your work you have cut out for you.
I will use the device emulator to give an example
https://www.cisco.com/assets/sol/sb/Nikola_GUI/SG_200-50P_v1_1/config/home_sx200.htm
This is about everything you can match up based off that port config. The switch doesn't have a bpdu guard so the closest you can do is bpdu filtering. The purpose of globally configured BPDU Guard is to disable (err-disable) all portfast-enabled ports should they ever receive BPDU frames. While BPDU Filter is to prevent the switch from sending BPDU frames on ports that are enabled with portfast.
It also looks like on the config your vlan 1 is inactive and your vlan 254 is the management vlan. If this is the case, you may want to change the default vlan of the switch to 254.
Don't forget to save the running config to the start up config.
I hope this is enough "translation". Let me know if you have any other questions.
-Tom
Please mark answered for helpful posts
12-18-2012 12:49 PM
Hi Peter, this is quite a "step down". The one piece of advise I will give to you is this- The SX200 switch does not support VTP or PVST. It also does not behave the same in terms of VLANS. On a Catalyst switch, if you define the link as a trunk, all VLANs will pass. However, on the small business switches, you must make all the VLANs on the links. Another problem I've seen is some times there are only tag packets originating from the upstream which will get discarded by the SX200 on a trunk link due to ingress filtering. So there are a few obstacles to be addressed in certain situations.
If you'd like to post the config, we can try to sort through it.
-Tom
Please mark answered for helpful posts
12-18-2012 12:58 PM
Tom
Thanks for the fast response, I realize this is a big drop, however we are essentially in receivership and the operations need to keep running so I'm trying to do so on a VERY limited budget. I'll attach the config for my dead 3560 to my original post as a text document (looks like I can't do it here), for simplicity all that is required now are the corporate and public VLANs and maybe the phone one (not as important).
Peter
12-18-2012 01:54 PM
Peter, the good thing is, it looks like the config is pretty compliant to the SX200. It doesn't look like you guys made anything too special on the 3560.
Here's a snippit from your config
interface FastEthernet0/18
description nortel phone
switchport access vlan 32
switchport trunk encapsulation dot1q
switchport trunk native vlan 32
switchport trunk allowed vlan 16,32
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
This particular port config looks like it embodies most of your work you have cut out for you.
I will use the device emulator to give an example
https://www.cisco.com/assets/sol/sb/Nikola_GUI/SG_200-50P_v1_1/config/home_sx200.htm
This is about everything you can match up based off that port config. The switch doesn't have a bpdu guard so the closest you can do is bpdu filtering. The purpose of globally configured BPDU Guard is to disable (err-disable) all portfast-enabled ports should they ever receive BPDU frames. While BPDU Filter is to prevent the switch from sending BPDU frames on ports that are enabled with portfast.
It also looks like on the config your vlan 1 is inactive and your vlan 254 is the management vlan. If this is the case, you may want to change the default vlan of the switch to 254.
Don't forget to save the running config to the start up config.
I hope this is enough "translation". Let me know if you have any other questions.
-Tom
Please mark answered for helpful posts
12-19-2012 01:47 AM
Tom
Thanks for the comprehensive response, np with the switch config instructions, wrt the vlans and trunking I have broken down the 3560 config into the 6 different ethernet port 'categories' (see below);
Eth/1-5, 8-9, 11-12 access vlan 32
Eth/6 access vlan 16
Eth/7 access vlan 32, native vlan 32, allowed vlan 16,32
Eth/10 native vlan 254, allowed vlan 1,32,64,254 (trunk)
Eth/13-18 access vlan 32, native vlan 32, allowed vlan 16,32 (trunk)
Eth/19-24 access vlan 64
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
My questions from this and using your instructions are;
If all goes well I should be able to test this morning, will let you know how that goes.
Thanks again.
Peter
12-19-2012 03:19 AM
Tom
A couple of 'issues' I've come across so far this morning;
Based on these two issues I can only appear to set to either 16UP,32T OR 16T,32UP any thoughts???
Peter
12-19-2012 04:16 AM
Hi Peter, try changing the port mode from trunk to General.
-Tom
Please mark answered for helpful posts
12-19-2012 11:48 AM
Tom
I made the deadline to get the office up and running by 9AM this morning, had half an hour to spare!
I ended up setting the ports 16UP,32T and it went into production, seemingly without issues, prior to me seeing your last response. It's a remote office and following an hour of testing I left and hopefully won't be back there for a few months.
I'll probably get another switch in now to play with and will try changing the port mode then. Thanks for your assistance you definitely saved the day!
Peter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide