Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Networking
- Switching
- Re: C9606R VLAN trunk problem
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
4428
Views
0
Helpful
10
Replies
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-13-2021 03:22 AM
I have a new C9606R switch
I start configuration from scratch
Building configuration...
Current configuration : 22363 bytes
!
! Last configuration change at 10:10:42 UTC Tue Jul 13 2021
!
version 17.3
service timestamps debug datetime msec
service timestamps log datetime msec
service internal
service call-home
platform punt-keepalive disable-kernel-core
!
hostname MAIN-CORE
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no logging console
!
no aaa new-model
boot system bootflash:packages.conf
power redundancy-mode combined
!
ip name-server 172.30.7.220 172.30.4.252
ip dhcp excluded-address 10.30.1.254
ip dhcp excluded-address 172.30.7.0 172.30.7.240
ip dhcp excluded-address 172.30.6.250 172.30.6.254
ip dhcp excluded-address 172.30.4.250 172.30.4.254
ip dhcp excluded-address 172.30.5.200 172.30.5.254
ip dhcp excluded-address 172.30.8.200 172.30.8.254
ip dhcp excluded-address 172.30.3.140 172.30.3.254
ip dhcp excluded-address 172.30.4.18 172.30.4.19
!
ip dhcp pool webuidhcp
!
ip dhcp pool IPT
network 10.30.0.0 255.255.254.0
option 150 ip 10.1.1.224 10.1.1.233 10.1.1.222
default-router 10.30.1.254
!
ip dhcp pool VLAN3
network 172.30.3.0 255.255.255.0
default-router 172.30.3.252
dns-server 172.30.3.252 212.119.64.2 212.119.64.3
lease 7
!
ip dhcp pool VLAN4
network 172.30.4.0 255.255.255.0
default-router 172.30.4.254
dns-server 172.30.7.220 172.21.7.222 172.16.103.30 172.16.103.31 172.16.103.32
!
ip dhcp pool VLAN5
network 172.30.5.0 255.255.255.0
default-router 172.30.5.254
dns-server 172.30.7.220 172.21.7.222 172.16.103.30 172.16.103.31 172.16.103.32
!
ip dhcp pool VLAN6
network 172.30.6.0 255.255.255.0
default-router 172.30.6.252
dns-server 172.30.7.220 172.21.7.222 172.16.103.30 172.16.103.31 172.16.103.32
!
!
!
login on-success log
!
!
!
!
!
!
!
no device-tracking logging theft
!
crypto pki trustpoint TP-self-signed-47127993
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-47127993
revocation-check none
rsakeypair TP-self-signed-47127993
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
!
crypto pki certificate chain TP-self-signed-47127993
certificate self-signed 01
3082032C 30820214 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34373132 37393933 301E170D 32313032 32343036 34313535
5A170D33 31303232 34303634 3135355A 302F312D 302B0603 55040313 24494F53
2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D343731 32373939
33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 0A028201
0100C059 7E879E0A 6B1FC423 A2131B8F FEC1F46C 6ABA0883 27947D4A D35EC78D
F9BF2973 1FE4C3B4 C20227C8 9954F16F 96D3DDD3 E7FF111A DDE5BCB0 F90F9E72
D9455E2C 6D03468D 5AFFE465 F4EA2055 DD53ED35 5C542182 FD4DAA9C 39752E88
90FDE7C3 02AFDBDC AA005C49 91B67F2A CAFFBC93 25819CEB 92947783 939EA957
FC695AB0 41B0A0A7 D5A24F3F 70F23593 5341D575 06264021 1E773C18 F7D3830A
AA4213BC 47E76D51 3965C5CE 9B59BCD0 19AC1F97 F6DFB44C D3F43DD1 87389A92
FE6A53C5 99A1C64B CB8146F1 E84CE8F8 6D0D1513 FA310DC7 0BC76B92 D3C956BA
5029706A 21E237FB 91C52BE7 803F7D48 663F90B9 AABB8115 23A72EC2 33E07193
B0530203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14EA00E8 577E58E0 0F2E5B5A F85AA32B FD434DB7 47301D06
03551D0E 04160414 EA00E857 7E58E00F 2E5B5AF8 5AA32BFD 434DB747 300D0609
2A864886 F70D0101 05050003 82010100 14F0AF6C 59CB58A7 984EF513 3D2030FD
BE966B3C EDF5493E 68F1E0A2 C2F5B646 B546F3A3 544DE28D C3B85152 C8FC1829
7B5ED334 4F66177A 12114547 E131D8A0 508E3E6C 85EEB22A 473A3F64 99992081
73577778 AC1F3992 CD8FE4A6 8B4927FA 0CFC9AE7 A51C01A6 8A66EAB0 A2C8B987
2336639B 33876251 98FC9A84 05C5B2CA C9F9C2D9 D53FF455 8CA6667C 54090ECA
5ED1745D C3517311 5A7CE271 D21A9969 0DEF668C 4AE0EC6C 0C035AF8 3C4DD41D
47120039 959E0FB3 CDA5EFEE EE7BCECC 3B177E3D 7E53CAC2 1F24EEDE 6ADDE49A
CA91DE69 E7121636 216312A9 05AC682E 04332AB8 4EE3719F B2A380C3 8D09590E
9B2E0F42 6F93DEA4 4E7F431E C129C54B
quit
crypto pki certificate chain SLA-TrustPoint
certificate ca 01
30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305
43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720
526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030
82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D
CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520
1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE
4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC
7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188
68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7
C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191
C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44
DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201
06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85
4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500
03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905
604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B
D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8
467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C
7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B
5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678
80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB
418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0
D697DF7F 28
quit
!
!
license boot level network-advantage addon dna-advantage
!
!
diagnostic bootup level complete
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1-1005 priority 24576
memory free low-watermark processor 290488
!
username steen privilege 15 password 0 hermagdon
!
redundancy
mode sso
!
!
!
!
!
!
transceiver type all
monitoring
!
!
class-map match-any system-cpp-police-ewlc-control
description EWLC Control
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic
class-map match-any system-cpp-default
description EWLC Data, Inter FED Traffic
class-map match-any system-cpp-police-sys-data
description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-high-rate-app
description High Rate Applications
class-map match-any system-cpp-police-multicast
description MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual OOB
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-ios-routing
description L2 control, Topology control, Routing control, Low Latency
class-map match-any system-cpp-police-system-critical
description System Critical and Gold Pkt
class-map match-any system-cpp-police-ios-feature
description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed
!
policy-map system-cpp-policy
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
switchport trunk native vlan 7
switchport mode trunk
switchport nonegotiate
!
interface Port-channel2
switchport trunk native vlan 7
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface FortyGigabitEthernet1/0/1
descrtion *** Connected to Servers ***
switchport trunk native vlan 7
switchport mode trunk
!
interface FortyGigabitEthernet1/0/2
description *** Connected to Servers ***
switchport trunk native vlan 7
switchport mode trunk
!
interface FortyGigabitEthernet1/0/3
switchport trunk native vlan 7
switchport mode trunk
!
interface FortyGigabitEthernet1/0/4
switchport trunk native vlan 7
switchport mode trunk
!
interface FortyGigabitEthernet1/0/5
!
interface FortyGigabitEthernet1/0/6
!
interface FortyGigabitEthernet1/0/7
!
interface FortyGigabitEthernet1/0/8
interface TwentyFiveGigE2/0/1
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/2
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/3
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/4
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/5
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/6
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/7
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/8
switchport trunk native vlan 7
switchport mode trunk
!
interface TwentyFiveGigE2/0/9
!
interface TwentyFiveGigE2/0/10
!
interface TwentyFiveGigE2/0/11
!
interface TenGigabitEthernet0/1
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
description *** FireWall Routing ***
ip address 172.30.2.254 255.255.255.0
!
interface Vlan3
description *** Access Points VLAN ***
ip address 172.30.3.254 255.255.255.0
!
interface Vlan4
description *** Manager VLAN 4 ***
ip address 172.30.4.254 255.255.255.0
ip helper-address 172.30.7.220
!
interface Vlan5
description *** Employee VLAN 5 ***
ip address 172.30.5.254 255.255.255.0
ip helper-address 172.30.7.220
!
interface Vlan6
description *** IT Department VLAN 6 ***
ip address 172.30.6.254 255.255.255.0
ip helper-address 172.30.7.220
!
interface Vlan7
description *** Management VLAN 7 ***
ip address 172.30.7.100 255.255.255.0
ip ospf network point-to-point
ip policy route-map Managment
!
interface Vlan10
description this vlan use for IPT
ip address 10.30.1.254 255.255.254.0
!
router ospf 100
network 10.30.0.0 0.0.1.255 area 0
network 172.30.2.0 0.0.0.255 area 0
network 172.30.3.0 0.0.0.255 area 0
network 172.30.4.0 0.0.0.255 area 0
network 172.30.5.0 0.0.0.255 area 0
network 172.30.6.0 0.0.0.255 area 0
network 172.30.7.0 0.0.0.255 area 0
default-information originate
!
ip default-gateway 10.1.1.1
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.30.7.254
!
!
ip access-list extended Deny_SSH_TELNET
10 permit ip any any
!
ip access-list extended 106
10 deny ip 172.30.6.0 0.0.0.255 190.120.0.0 0.0.255.255
20 deny ip 172.30.6.0 0.0.0.255 172.30.3.0 0.0.0.255
30 deny ip 172.30.6.0 0.0.0.255 172.30.4.0 0.0.0.255
40 deny ip 172.30.6.0 0.0.0.255 172.30.5.0 0.0.0.255
50 deny ip 172.30.6.0 0.0.0.255 172.30.7.0 0.0.0.255
60 deny ip 172.30.6.0 0.0.0.255 10.30.0.0 0.0.1.255
70 deny ip 172.30.6.0 0.0.0.255 10.250.0.0 0.0.1.255
80 deny ip 172.30.6.0 0.0.0.255 172.17.2.172 0.0.0.3
90 deny ip 172.30.6.0 0.0.0.255 172.16.100.0 0.0.3.255
100 deny ip 172.30.6.0 0.0.0.255 192.168.100.0 0.0.0.255
110 deny ip 172.30.6.0 0.0.0.255 172.30.12.0 0.0.0.255
120 deny ip 172.30.6.0 0.0.0.255 172.30.20.0 0.0.0.255
130 deny ip 172.30.6.0 0.0.0.255 172.30.25.0 0.0.0.255
140 deny ip 172.30.6.0 0.0.0.255 172.30.30.0 0.0.0.255
150 deny ip 172.30.6.0 0.0.0.255 172.30.35.0 0.0.0.255
160 deny ip 172.30.6.0 0.0.0.255 172.30.40.0 0.0.0.255
170 deny ip 172.30.6.0 0.0.0.255 172.30.45.0 0.0.0.255
180 deny ip 172.30.6.0 0.0.0.255 172.30.50.0 0.0.0.255
190 deny ip 172.30.6.0 0.0.0.255 172.30.55.0 0.0.0.255
200 deny ip 172.30.6.0 0.0.0.255 172.30.60.0 0.0.0.255
210 deny ip 172.30.6.0 0.0.0.255 172.30.65.0 0.0.0.255
220 permit ip 172.30.6.0 0.0.0.255 any
ip access-list extended 107
10 deny ip 172.30.7.0 0.0.0.255 190.120.0.0 0.0.255.255
20 deny ip 172.30.7.0 0.0.0.255 172.30.2.0 0.0.0.255
30 deny ip 172.30.7.0 0.0.0.255 172.30.3.0 0.0.0.255
40 deny ip 172.30.7.0 0.0.0.255 172.30.4.0 0.0.0.255
50 deny ip 172.30.7.0 0.0.0.255 172.30.5.0 0.0.0.255
60 deny ip 172.30.7.0 0.0.0.255 172.30.6.0 0.0.0.255
70 deny ip 172.30.7.0 0.0.0.255 172.30.12.0 0.0.0.255
80 deny ip 172.30.7.0 0.0.0.255 172.30.20.0 0.0.0.255
90 deny ip 172.30.7.0 0.0.0.255 172.30.25.0 0.0.0.255
100 deny ip 172.30.7.0 0.0.0.255 172.30.30.0 0.0.0.255
110 deny ip 172.30.7.0 0.0.0.255 172.30.35.0 0.0.0.255
120 deny ip 172.30.7.0 0.0.0.255 172.30.40.0 0.0.0.255
130 deny ip 172.30.7.0 0.0.0.255 172.30.45.0 0.0.0.255
140 deny ip 172.30.7.0 0.0.0.255 172.30.50.0 0.0.0.255
150 deny ip 172.30.7.0 0.0.0.255 172.30.55.0 0.0.0.255
160 deny ip 172.30.7.0 0.0.0.255 172.30.60.0 0.0.0.255
170 deny ip 172.30.7.0 0.0.0.255 172.30.65.0 0.0.0.255
180 deny ip 172.30.7.0 0.0.0.255 10.30.0.0 0.0.1.255
190 deny ip 172.30.7.0 0.0.0.255 10.250.0.0 0.0.1.255
200 deny ip 172.30.7.0 0.0.0.255 172.17.2.172 0.0.0.3
210 deny ip 172.30.7.0 0.0.0.255 172.16.100.0 0.0.3.255
220 deny ip 172.30.7.0 0.0.0.255 192.168.100.0 0.0.0.255
230 permit ip 172.30.7.0 0.0.0.255 any
!
route-map empl permit 10
!
route-map IT permit 10
match ip address 106
set ip next-hop 172.30.6.252
!
route-map Employee permit 10
match ip address 105
set ip next-hop 172.30.5.252
!
route-map Wserver permit 10
match ip address 102
set ip next-hop 172.30.2.252
!
route-map Manager permit 10
match ip address 104
set ip next-hop 172.30.4.252
!
route-map Managment permit 10
match ip address 107
set ip next-hop 172.30.7.254
!
route-map AccessP permit 10
match ip address 103
set ip next-hop 172.30.3.252
!
!
snmp-server community public RW
snmp-server location Jeddah
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps vtp
snmp-server enable traps cpu threshold
snmp-server enable traps flash insertion
snmp-server enable traps flash removal
snmp-server enable traps entity
snmp-server enable traps envmon fan shutdown supply temperature
snmp-server enable traps config
snmp-server enable traps hsrp
snmp-server enable traps syslog
snmp-server enable traps bgp
!
control-plane
service-policy input system-cpp-policy
!
!
line con 0
exec-timeout 0 0
password hermagdon
login local
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password hermagdon
login local
transport input telnet ssh
line vty 5 15
privilege level 15
password hermagdon
login
transport input telnet ssh
!
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
!
!
!
!
!
!
endThere is a nother switch with ip 172.30.7.4 connected to Twe 2/0/1
Device ID Local Intrfce Holdtme Capability Platform Port ID
NWC-STNADBY-S.mewa
Twe 2/0/1 173 S I WS-C2960X Ten 1/0/2But I fail to ping it
Also can not ping the C9606R switch (172.30.7.100) it self
And there are servers connected to ports Twe2/0/2 and Twe2/0/3
Twe2/0/1 connected trunk full 10G SFP-10GBase-SR Twe2/0/2 connected trunk full 10G SFP-10GBase-SR Twe2/0/3 connected trunk full 10G SFP-10GBase-SR Twe2/0/4 notconnect 1 full 10G SFP-10GBase-SR Twe2/0/5 notconnect 1 full 10G SFP-10GBase-SR
Can not ping them please help ??
Solved! Go to Solution.
Labels:
- Labels:
-
Catalyst 6000
1 Accepted Solution
Accepted Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2021 05:48 AM
Hello @am.steen ,
you need to enable CEF on the SVI
>> so remove the command no ip route-cache this is conceptually wrong
interface Vlan7 description Management VLAN 7 ip address 172.30.7.4 255.255.255.0 no ip route-cache !
also verify the state of interface with
show interface vlan7
on the Catalyst 9600 for sake of simplicity remove under SVI VLAN 7 the route-map for PBR as it can affect the ping tests.
Catalyst 9600
int vlan 7
no ip policy route-map Managment
Verify that SVI Vlan 7 is up/up and try again as no hosts is answering to this device the PBR is the first suspect.
By the way, each device in subnet should have the correct default gateway so this PBR is not needed.
Hope to help
Giuseppe
10 Replies 10
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-13-2021 03:39 AM
Interface VLAN is there but where is the VLAN database in the config?
conf t vlan 2 vlan 3 vlan 4 vlan 5 vlan 6 vlan 7 vlan 10 end
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-13-2021 06:42 AM
I do that and now I can ping the switch 172.30.7.100
But can not ping the other switch connected to it 172.30.7.4
MAIN-CORE#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
STNADBY-S
Twe 2/0/1 160 S I WS-C2960X Ten 1/0/2
Total cdp entries displayed : 1Also I have HP Blade Servers connected to interface TwentyFiveGigE2/0/2 and interface TwentyFiveGigE2/0/3
And Can not Ping Them
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-13-2021 03:32 PM
Provide more info about the 2960X.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-13-2021 11:30 PM
This is code on it
sh run Building configuration... Current configuration : 4303 bytes ! ! Last configuration change at 06:25:32 UTC Wed Jul 14 2021 ! version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname NWC-STNADBY-S ! boot-start-marker boot-end-marker ! ! username steen privilege 15 secret 5 $1$FQFb$68HdVzuB7Wu8Lnu6Az05e1 no aaa new-model switch 1 provision ws-c2960xr-24pd-i system mtu routing 1500 ! ! ! ! ! ! ip domain-name mewa ! ! ! ! ! ! ! ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! ! ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0 no ip address shutdown ! interface GigabitEthernet1/0/1 description Connect to USER switchport access vlan 4 switchport mode access switchport voice vlan 10 mls qos trust device cisco-phone mls qos trust cos spanning-tree portfast edge spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface GigabitEthernet1/0/2 description Connect to USER switchport access vlan 4 switchport mode access switchport voice vlan 10 mls qos trust device cisco-phone mls qos trust cos spanning-tree portfast edge spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface GigabitEthernet1/0/3 description Connect to USER switchport access vlan 5 switchport mode access switchport voice vlan 10 mls qos trust device cisco-phone mls qos trust cos spanning-tree portfast edge spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface GigabitEthernet1/0/4 description Connect to USER switchport access vlan 4 switchport mode access switchport voice vlan 10 mls qos trust device cisco-phone mls qos trust cos spanning-tree portfast edge spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface GigabitEthernet1/0/5 description Connect to USER switchport access vlan 7 switchport mode access switchport voice vlan 10 mls qos trust device cisco-phone mls qos trust cos spanning-tree portfast edge spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface GigabitEthernet1/0/6 switchport access vlan 7 switchport mode access switchport voice vlan 10 mls qos trust device cisco-phone mls qos trust cos spanning-tree portfast edge spanning-tree bpdufilter enable spanning-tree bpduguard enable ! interface GigabitEthernet1/0/7 ! interface GigabitEthernet1/0/8 ! interface GigabitEthernet1/0/9 ! interface GigabitEthernet1/0/10 ! interface GigabitEthernet1/0/11 ! interface GigabitEthernet1/0/12 ! interface GigabitEthernet1/0/13 ! interface GigabitEthernet1/0/14 ! interface GigabitEthernet1/0/15 ! interface GigabitEthernet1/0/16 ! interface GigabitEthernet1/0/17 ! interface GigabitEthernet1/0/18 ! interface GigabitEthernet1/0/19 ! interface GigabitEthernet1/0/20 ! interface GigabitEthernet1/0/21 ! interface GigabitEthernet1/0/22 ! interface GigabitEthernet1/0/23 ! interface GigabitEthernet1/0/24 description Connect to ITC switchport mode trunk ! interface GigabitEthernet1/0/25 ! interface GigabitEthernet1/0/26 ! interface TenGigabitEthernet1/0/1 description *** Connected to MAIN-CORE *** switchport trunk native vlan 7 switchport mode trunk ! interface TenGigabitEthernet1/0/2 description *** Connected to MAIN-CORE *** switchport trunk native vlan 7 switchport mode trunk ! interface Vlan1 no ip address shutdown ! interface Vlan7 description Management VLAN 7 ip address 172.30.7.4 255.255.255.0 no ip route-cache ! ip default-gateway 172.30.7.100 no ip forward-protocol nd ! no ip http server ip http authentication local no ip http secure-server ! ! ! snmp-server community public RO snmp-server location Makkah Region snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps tty snmp-server enable traps config snmp-server enable traps entity snmp-server enable traps cpu threshold snmp-server enable traps syslog snmp-server enable traps vtp snmp-server enable traps flash insertion removal snmp-server enable traps envmon fan shutdown ! line con 0 login local line vty 0 4 privilege level 15 password 7 060E0A33414F0E1D0A19 logging synchronous login transport input telnet ssh line vty 5 15 privilege level 15 password 7 020E0149060708254340 login transport input telnet ssh ! ! end
show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
SEP88908D734451 Gig 1/0/1 167 H P M IP Phone Port 1
MAIN-CORE Ten 1/0/2 133 R S I C9606R Twe 2/0/1
Total cdp entries displayed : 2also ca not ping core 172.30.7.100 from the 2960X.Sw
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-14-2021 04:32 AM
Any suggestion ??
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-14-2021 03:30 PM
Same as the 9606: Where is the VLAN database in the 2960X?
conf t vlan 7 end
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2021 12:46 AM
I already do that but it is not pinging
This is from 2960X
NWC-STNADBY-S#show interface TenGigabitEthernet1/0/1 switchport
Name: Te1/0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 7 (VLAN0007)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
NWC-STNADBY-S#show interface TenGigabitEthernet1/0/2 switchport
Name: Te1/0/2
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 7 (VLAN0007)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
NWC-STNADBY-S#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/7, Gi1/0/8, Gi1/0/9
Gi1/0/10, Gi1/0/11, Gi1/0/12
Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/23, Gi1/0/24
Te1/0/1
4 VLAN0004 active Gi1/0/1, Gi1/0/2, Gi1/0/4
5 VLAN0005 active Gi1/0/3
7 VLAN0007 active Gi1/0/5, Gi1/0/6
10 VLAN0010 active Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/4, Gi1/0/5, Gi1/0/6
20 VLAN0020 active
30 VLAN0030 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
4 enet 100004 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
7 enet 100007 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
NWC-STNADBY-S#
NWC-STNADBY-S#sh interface TenGigabitEthernet1/0/1 trunk Port Mode Encapsulation Status Native vlan Te1/0/1 on 802.1q other 7 Port Vlans allowed on trunk Te1/0/1 none Port Vlans allowed and active in management domain Te1/0/1 none Port Vlans in spanning tree forwarding state and not pruned Te1/0/1 none NWC-STNADBY-S#sh interface TenGigabitEthernet1/0/2 trunk Port Mode Encapsulation Status Native vlan Te1/0/2 on 802.1q trunking 7 Port Vlans allowed on trunk Te1/0/2 1-4094 Port Vlans allowed and active in management domain Te1/0/2 1,4-5,7,10,20,30 Port Vlans in spanning tree forwarding state and not pruned Te1/0/2 1,4-5,7,10,20,30 NWC-STNADBY-S#
And this is from 9606
MAIN-CORE#show interface TwentyFiveGigE2/0/1 switchport
Name: Twe2/0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 7 (VLAN0007)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Vepa Enabled: false
App Interface: false
Appliance trust: none
MAIN-CORE#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fo1/0/1, Fo1/0/2, Fo1/0/3
Fo1/0/4, Fo1/0/5, Fo1/0/6
Fo1/0/7, Fo1/0/8, Fo1/0/9
Fo1/0/10, Fo1/0/11, Fo1/0/12
Fo1/0/13, Fo1/0/14, Fo1/0/15
Fo1/0/16, Fo1/0/17, Fo1/0/18
Fo1/0/19, Fo1/0/20, Fo1/0/21
Fo1/0/22, Fo1/0/23, Fo1/0/24
Hu1/0/25, Hu1/0/26, Hu1/0/27
Hu1/0/28, Hu1/0/29, Hu1/0/30
Hu1/0/31, Hu1/0/32, Hu1/0/33
Hu1/0/34, Hu1/0/35, Hu1/0/36
Hu1/0/37, Hu1/0/38, Hu1/0/39
Hu1/0/40, Hu1/0/41, Hu1/0/42
Hu1/0/43, Hu1/0/44, Hu1/0/45
Hu1/0/46, Hu1/0/47, Hu1/0/48
Twe2/0/2, Twe2/0/3, Twe2/0/4
Twe2/0/5, Twe2/0/6, Twe2/0/7
Twe2/0/8, Twe2/0/9, Twe2/0/10
Twe2/0/11, Twe2/0/12, Twe2/0/13
Twe2/0/14, Twe2/0/15, Twe2/0/16
Twe2/0/17, Twe2/0/18, Twe2/0/19
Twe2/0/20, Twe2/0/21, Twe2/0/22
Twe2/0/23, Twe2/0/24, Twe2/0/25
Twe2/0/26, Twe2/0/27, Twe2/0/28
Twe2/0/29, Twe2/0/30, Twe2/0/31
Twe2/0/32, Twe2/0/33, Twe2/0/34
Twe2/0/35, Twe2/0/36, Twe2/0/37
Twe2/0/38, Twe2/0/39, Twe2/0/40
Twe2/0/41, Twe2/0/42, Twe2/0/43
Twe2/0/44, Twe2/0/45, Twe2/0/46
Twe2/0/47, Twe2/0/48
2 VLAN0002 active
3 VLAN0003 active
4 VLAN0004 active
5 VLAN0005 active
6 VLAN0006 active
7 VLAN0007 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
4 enet 100004 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
6 enet 100006 1500 - - - - - 0 0
7 enet 100007 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
MAIN-CORE#show int TwentyFiveGigE2/0/1 trunk
Port Mode Encapsulation Status Native vlan
Twe2/0/1 on 802.1q trunking 7
Port Vlans allowed on trunk
Twe2/0/1 1-4094
Port Vlans allowed and active in management domain
Twe2/0/1 1-7
Port Vlans in spanning tree forwarding state and not pruned
Twe2/0/1 1-7
MAIN-CORE#Still not pinging Please help
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2021 04:27 AM
Is VLAN 7 even "up/up"?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2021 05:48 AM
Hello @am.steen ,
you need to enable CEF on the SVI
>> so remove the command no ip route-cache this is conceptually wrong
interface Vlan7 description Management VLAN 7 ip address 172.30.7.4 255.255.255.0 no ip route-cache !
also verify the state of interface with
show interface vlan7
on the Catalyst 9600 for sake of simplicity remove under SVI VLAN 7 the route-map for PBR as it can affect the ping tests.
Catalyst 9600
int vlan 7
no ip policy route-map Managment
Verify that SVI Vlan 7 is up/up and try again as no hosts is answering to this device the PBR is the first suspect.
By the way, each device in subnet should have the correct default gateway so this PBR is not needed.
Hope to help
Giuseppe
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2021 07:01 AM
You are completely Right
I do not know how to thank you, you save my Day.
Thanks Again
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Customers Also Viewed These Support Documents