cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
656
Views
0
Helpful
7
Replies

887VA-W drops all traffic when 'switch mode trunk' enabled

Hamish Marson
Level 1
Level 1

I have an 887VAW. Only 1 interface of the fastethernet ports was connected. Up till now I just need the 1 VLAN (VLAN10), so it was configured as an access port. However needs change.

So I configured fastethernet0 with 

interface FastEthernet0
 switchport access vlan 10
 switchport trunk native vlan 10
 switchport trunk allowed vlan 1,2,101,1002-1005
 no ip address

All good so far... But when I added

interface FastEthernet0
switchport mode trunk

All traffic stopped... Weird I thought, but OK, maybe it has an issue with switching from access to trunk even though VLAN10 is the access plan AND the native when trunked.. so I found a spare port on the switch. Plugged it into FastEthernet1 and added

interface FastEthernet1
switchport trunk allowed vlan 1,2,66,1002-1005
 no ip address

VLAN66 is the new VLAN I want to use. All good so far again... Add

interface FastEthernet1
switchport mode trunk

And bang... Loss of contact on VLAN10 again...

Any ideas? Why the heck does the router stop responding to VLAN10 (Configured as)

interface Vlan10
 ip address 192.168.254.128 255.255.255.0
 ip flow ingress
 ip nat inside
 ip inspect CBAC in
 no ip virtual-reassembly in
 ip route-cache policy
 ip tcp adjust-mss 1452

when one of the ports is changed to a trunk instead of access? 

7 Replies 7

Jon Marshall
Hall of Fame
Hall of Fame

Because you are not allowing vlan 10 on the trunk ie. you need to do -

"switchport trunk allowed vlan add 10"

Jon

VLAN 10 isn't supposed to be ON the trunk...

On fa0 it's the native (Untagged VLAN). Whether it's an access port or a trunk port.

On fa1 it doesn't exist at all.

My issue is not that VLAN 10 doesn't appear TRUNKED on fa0... It's that when I set the switch port fa1 to trunk, the switch stops responding on fa0 for VLAN10 natively/untagged (Even though fa0 SHOULD still be an access port)

H

hi,

What are those ports on the 887VAW connected to?

Thanks

John

**Please rate posts you find helpful**

fa0 is the actual connection to the network. It's currently an access port with VLAN10. The original intent was to change it to a trunk port with VLAN10 as the native and the extra VLANs trunked.

However changing that from access to trunk resulted (immediately) in no response from the 887 on VLAN10 (SVI)... Which was weird, because it shouldn't make any difference. I've done the same thing on various switches (3750's etc) to move from an access port to a trunk port in the past without issues.

I couldn't get that to work. So added the fa1 config... With ONLY VLAN66 on the trunk. Config works fine UNTIL you place fa1 into mode trunk. At which time the switch stops responding to the IP on the SVI VLAN10... VLAN10 though isn't on fa1. And there was no config change made to fa0... The ONLY config in addition to that shown above was to change fa1 from mode access to mode trunk...

Hence my furrowed brow...

I connected in via the console, and I did some more testing...

The issue only seems to appear on the ethernet interfaces. The internal switch connect to the embedded AP still works fine with all configured VLANs (And that's in mode trunk already)

There's nothing logged at the console or in the logs when it stops. It just... stops... No SVI's go down. 

if I change fa0 to a trunk, the 'sh int trunk/ shows the expected trunks on fa1... And shows the correct native VLAN (10). But the router can't ping anything on the ethernet and nothing on the ethernet can ping the VLAN10 SVI IP address

Again, the same if I change fa1... If I change it, save config and reload, it still doesn't respond on the ethernets. Change them all back to access and reload, it works...

Weird...

H

Hello,

what is the purpose of VLAN 10 being the native VLAN ? If it is not even on the trunk, you might as well remove:

switchport trunk native vlan 10

altogether, and leave Vlan 1 as the default native Vlan.

What's that interface connected to?  If you use a trunk, you have to have a matching trunk configuration on the other end of the link.  You should see error messages in the devices on both ends of that link to that effect.

Review Cisco Networking for a $25 gift card