cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10899
Views
0
Helpful
8
Replies

3750x VLAN multi-vlan setup?

Alaskanbrewing
Level 1
Level 1

We're currently upgrading our network from a flat layer 2 setup with a mix of HP, Dell, 3com, over to Cisco for the core and some HP for PoE/edge but we're running into trouble swapping in our first Cisco switch, a 3750x which has a bit of learning curve over even the 2900 series.

On our 3750x to be used primarily for our VMWare ESX servers, we have VLANs defined as:

100 = Our main data network (10.0.0.0 255.255.0.0) setup for virtual server access.

101 = VMWare "vmkernal" use only by ESX servers for vMotion, etc.

172 = 2nd data network connected via a port to another HP switch, for access by ESX virtual servers

192 = Public WiFi/Internet for guests/contractors for access points and several virtual machines on our ESX virtual servers.

1001 = "null" VLAN to drop unwanted traffic on the 3750x (recommended for an issue we came across)

Currently all our HP switches are not managed and just set to the native VLAN1 from whomever setup them up originally.

The main problem right now seems to be routing our main data network traffic from our HP switch (not tagged) to the 3750x on a port as our data traffic intended to be VLAN100 for our ESX servers.

Port Gi1/0/1 is used for switch management on native vlan 1

Port Gi1/0/2 - Gi1/0/9 is setup as a etherchannel/trunk for our ESX Servers (2 ports per server, 3 servers currently)

Port Gi1/0/24 is setup as the uplink to our HP switch on the 10.x.x.x network which we need on vlan100

After setting up the 802.1q trunk/etherchannel on the 3750x I've still been unable to manage the VMWare servers setup to use VLAN 100 for management from computers running on our HP switches.

I also have a Cisco 2950 available to use, the HP's tend to be a pain due to the different command line and terminology between them and cisco, plus differences in native vlan setup.

Just seeing a similiar config file would probably help as it seems fairly standard setup, but I'm sure were missing something obvious.

8 Replies 8

MikeyDunn1
Level 1
Level 1

Hey Alaskanbrewing,

Can you post your config for me off of the 3750X?

Thanks,

Mikey

Hi Michael, Here's the current running config.

-----


spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
!
!
port-channel load-balance src-dst-ip
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
!
interface Port-channel2
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
!
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
shutdown
!
interface GigabitEthernet1/0/1
description Management Uplink
!
interface GigabitEthernet1/0/2
description ESX1
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/3
description ESX1
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/4
description ESX2
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/5
description ESX2
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/6
description ESX3
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/7
description ESX3
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/8
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/9
switchport trunk encapsulation dot1q
switchport trunk native vlan 1001
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 1 mode on
!
interface GigabitEthernet1/0/10
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 2 mode on
!
interface GigabitEthernet1/0/11
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 2 mode on
!
interface GigabitEthernet1/0/12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 100,101,172,192
switchport mode trunk
spanning-tree portfast trunk
channel-group 2 mode on
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
description HP - Port48 Uplink
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 100
switchport mode trunk
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface Vlan1
ip address 10.0.0.4 255.255.0.0
!
ip default-gateway 10.0.0.254

When you send any packets through your HP switch, it strips all VLAN tagging off of the packets. Your configuration looks correct, but I would recommand swapping that HP out with the 2950, allow the VLAN databases to replicate and configure your trunk ports accordingly.

I hope this points you in the right direction.

Thanks,

Mikey

I happen to have an HP switch and a 3750 (not X, but same effect) on my workbench, so I tried your trunking config with the Cisco port configured as 802.1q trunk with native vlan 100, and the HP switch with a default config, untagged on port 1, and I seem to have no trouble forwarding traffic across the link. Obviously it's not an ideal scenario but it does work.

I think the issue with reaching your ESX servers is actually with your EtherChannel configurations. You mentioned that ports 2-9 are serving multiple ESX servers with 2 NICs each. Yet you have all of those ports configured under a single channel-group. You need a unique port-channel for each server. Also make sure in your vSwitch configuration you have your load balancing policy set to "Route based on IP hash".

Great, I really appreciate the confirmation on our setup.

I'll likely try both your suggestions, I was intending to use the 2950 for data only connections/uplinks anyway to free up more PoE ports.

I'll try the one ESX server per EtherChannel. I do have the Cisco and vSwitch setup for Route based on IP Hash, so I know that part is fine.

Alaskanbrewing
Level 1
Level 1

Quick update, as I stripped out much of the config last friday.

I removed the native vlan 1001 from the etherchannel setup, removed the allowed vlan's, removed the 2nd switch port that was being used for management (untagged upllink from our data network) since it was a duplicate of the untagged data network being used to deliver our connection I wanted on vlan 100.

At the moment the management and data is still running over an uplink from our HP switch as untagged. Couldn't seem to get the untagged data to work as VLAN100 over to the etherchannels.

Changed the following and vlan 100 is working:

interface GigabitEthernet1/0/24

description Public Uplink

switchport access vlan 100

switchport trunk native vlan 2

vlan2 is a dummy vlan

So you're basically using an access port instead of a trunk port. Here, "switchport trunk native vlan 2" has no effect because the port is not in trunk mode (no "switchport mode trunk" defined)...the default mode for ports is access, so the only statement that takes effect is "switchport access vlan 100". A "show interface G1/0/24 switchport" will confirm you are in access mode.

This will work since you're only putting one VLAN across it, just be careful as it has implications when dealing with spanning-tree.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco