Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
681
Views
4
Helpful
10
Replies

9300 L3 Switch Native VLAN Problem

alexfarias2
Level 1
Level 1

‎07-05-2024 09:30 PM - edited ‎07-07-2024 02:07 PM

Hello guys, hope all is well. I have never gone to the internet and started a thread, but this issue is getting to me.
I have a network with a Core Layer 3 switch doing all the routing. Its a 3650 L3 switch. The rest of the network are 2960 x series switches. I tried upgrading the L3 to a new 9300 48 port L3 switch. But, I'm running into an issue with connectivity. When I deployed the new core switch, the rest of the network couldn't communicate with it. I was able to see the rest of the network through the core with CDP, but not the other way around. The main VLAN is sitting on VLAN 1. I know bad practice but the network was like that already. Anyways, I believe I solved the issue if I just change the native tagging to off on the new switch.

My confusion is: The L3 switch that is already there that I'm trying to move away from, actually has "vlan dot1q tag native" issued on it. How is this possible? If the 2960 around it don't support native vlan tagging. How are they communicating properly with the L3 switch and back and CDP works. The minute I put the exact same config on the new 9300 they fail to communicate and only the new switch is able to see the rest of the network with CDP, but not the other way around.

 

Labels:
10 Replies 10

marce1000
VIP
VIP

‎07-06-2024 12:06 AM

 

  - Your post is a bit fuzzy and misty ; some advices :
           + Abandon the use of  "vlan dot1q tag native" everywhere because in normal networks , you don't need it
           + It's not bad practice 'to have VLAN 1' ; but don't use it for end nodes (users) : that also gives better opportunity to make a structured network and firewalling policies (on the intranet or external). Do not shutdown VLAN 1 on any equipment because it is used for low level negotiating protocols such as VTP
          +    >... around it couldn't not communicate with it = What do you mean by that ?
          +  Check logs on all involved devices ,  such as when connection changes are made , (or new connections between them are put in place)

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

alexfarias2
Level 1
Level 1
In response to marce1000

‎07-06-2024 09:09 PM - edited ‎07-07-2024 01:57 PM

I apologize for the fuzzy, was just looking to why the current network worked when it technically shouldn't have with that vlan dot1q tag native command. I always want to know why as an obsession of mine. By communication, I mean all communications, network connectivity and CDP neighbors. Let me put the configurations while minimizing them. I really appreciate the responses on a fuzzy post. Keep in mind, I'm going to upgrade this network to a practical one. What I'm asking again, is to how are these devices currently communicating, when they shouldn't be due to the "tagging" and "not tagging" on both sides of the trunk". First config is the "core/main switch" where on port 2 it connects to the access switch's port 1. I have posted all config and network diagram on my main post.

-me "anything that will give me more knowledge to pass my upcoming CCNP :D"

0 Helpful

alexfarias2
Level 1
Level 1
In response to marce1000

‎07-06-2024 09:27 PM - edited ‎07-06-2024 10:45 PM

.

0 Helpful

alexfarias2
Level 1
Level 1
In response to marce1000

‎07-07-2024 02:05 PM

I also updated my post to be a bit more clear and more context.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎07-06-2024 12:16 AM

We need to understand here some highlights, OLD switches uses IOS and new switches use IOS XE, some command syntax may be changed due to nature of future proof

The minute I put the exact same config on the new 9300 they fail to communicate.

.

if you could able to provide the configuration of old and new, and show us what is failing, that help to address the issue correctly.

some of the switches using Layer3 may have stuck ARP entries we have observed, that would help clear manually arp on switch (this is one of the suggestion i do here)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

alexfarias2
Level 1
Level 1
In response to balaji.bandi

‎07-06-2024 09:12 PM

By exact I mean just the relevant configurations, not old commands so no worries. And I posted the configs to Marces reply. Thank you, Bandi any information would be appreciated.

0 Helpful

MHM Cisco World
VIP
VIP

‎07-07-2024 02:27 AM

Can you draw topolgy 
thanks 

MHM

0 Helpful

alexfarias2
Level 1
Level 1
In response to MHM Cisco World

‎07-07-2024 01:54 PM

network diagram.PNG

Preview file
30 KB
Preview file
40 KB
Preview file
39 KB

MHM Cisco World
VIP
VIP
In response to alexfarias2

‎07-08-2024 03:45 PM

Thanks for more info ypu share'

When ypu add vlan native tag in new cat9000 series can ypu share STP.

The vlan1 is use for stp and  stp send tag and untag bpdu in trunk' 

So please share STP for new Core after config native tag

MHM

0 Helpful

alexfarias2
Level 1
Level 1

‎07-07-2024 01:55 PM

network diagram.PNG

Preview file
40 KB
Preview file
30 KB
Preview file
39 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card