04-15-2010 12:12 PM - edited 03-06-2019 10:38 AM
I have two campuses. Both with a 6513 switch, both 6513s have multiple VLANs alerady created on them for different reasons. These two campuses are connected with a Metro Ethernet. The port that connects the two switches together is defined as a router port like this
Campus A
interface GigabitEthernet3/1
description Metro Ethernet Campus A
ip address 180.7.151.221 255.255.255.0
Campus B
interface GigabitEthernet3/1
description Metro Ethernet Campus B
ip address 180.7.151.222 255.255.255.0
The Campus A 6513 hs two VLANs that I want to trunk to Campus B. These VLANs are two DMZ VLANs trunked to the 6513 from our ASA firewall.
How would I do that and maintain a layer 3 conection between these two switches?
Something like this????
Campus A
interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0
vlan 20
name DMZA
!
vlan 50
name DMZB
interface GigabitEthernet3/1
description Trunk Connection
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk
interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-mode
Campus B
interface GigabitEthernet3/1
no ip address 180.7.151.222 255.255.255.0
vlan 20
name DMZA
!
vlan 50
name DMZB
interface GigabitEthernet3/1
description Trunk Connection
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk
interface Vlan151
ip address 180.7.151.222 255.255.255.0
All help greatly appreciated............
Solved! Go to Solution.
04-15-2010 12:39 PM
srroeder wrote:
Thanks for the quick reply,
I thought that is what I was doing,,,,
remove the layer 3 definitions...
interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0add the vlans..........
vlan 20
name DMZA
!
vlan 50name DMZB
change the physical port to a layer 2 trunk port.....
interface GigabitEthernet3/1
description Trunk Connection
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunkcreate a virtual layer 3 port so I can still route.........
interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-modecorrect?? does the switchport config look correct?
Thanks
Sorry, it was because you left the routed config for gi3/1 in your example, i thought you were trying to use them both at the same time.
Your switchport config is not quite correct -
1) you should use a new vlan for your native vlan. By new i mean not used for anything else. You need to create the vlan at L2 but you don't need a L3 vlan interface for this vlan. This is recommended best practice. So lets use vlan 999 as an example. No end devices should be allocated into this vlan.
2) you don't need a "switchport access vlan .." line if the port is going to be a trunk.
So your config for gi3/1 would look like -
interface GigabitEthernet3/1
description Trunk Connection
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport trunk allowed vlan 20,50,151
switchport mode trunk
Jon
04-15-2010 12:20 PM
You can't configure a link as both L3 and a L2 trunk however you can change the link to a trunk and then move the IP addresses assigned to the routed ports to L3 vlan interfaces.
This looks like what you are doing in your config but obviously if you assign the IPs to vlan 151 interface then you must remove it from the physical port ie. gi3/1.
So you would need to remove this config from each switch -
interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0
the link will now be a L2 trunk link and not a routed link but you can still route across it.
Jon
04-15-2010 12:29 PM
Thanks for the quick reply,
I thought that is what I was doing,,,,
remove the layer 3 definitions...
interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0
add the vlans..........
vlan 20
name DMZA
!
vlan 50
name DMZB
change the physical port to a layer 2 trunk port.....
interface GigabitEthernet3/1
description Trunk Connection
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk
create a virtual layer 3 port so I can still route.........
interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-mode
correct?? does the switchport config look correct?
Thanks
04-15-2010 12:39 PM
srroeder wrote:
Thanks for the quick reply,
I thought that is what I was doing,,,,
remove the layer 3 definitions...
interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0add the vlans..........
vlan 20
name DMZA
!
vlan 50name DMZB
change the physical port to a layer 2 trunk port.....
interface GigabitEthernet3/1
description Trunk Connection
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunkcreate a virtual layer 3 port so I can still route.........
interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-modecorrect?? does the switchport config look correct?
Thanks
Sorry, it was because you left the routed config for gi3/1 in your example, i thought you were trying to use them both at the same time.
Your switchport config is not quite correct -
1) you should use a new vlan for your native vlan. By new i mean not used for anything else. You need to create the vlan at L2 but you don't need a L3 vlan interface for this vlan. This is recommended best practice. So lets use vlan 999 as an example. No end devices should be allocated into this vlan.
2) you don't need a "switchport access vlan .." line if the port is going to be a trunk.
So your config for gi3/1 would look like -
interface GigabitEthernet3/1
description Trunk Connection
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport trunk allowed vlan 20,50,151
switchport mode trunk
Jon
04-15-2010 12:43 PM
Thanks for clearing that up.........
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide