03-27-2014 09:54 AM - edited 03-07-2019 06:53 PM
I have just installed a new 2960-XR switch as an access switch in our closet. I after setting up vtp info, assigning it a IP address on my mgmt network and setting up the trunk on the 6509 and 2960 ports, I am able to get a link light on both ends. I can also see a status of up up on both ends of the trunk ports, but I can not ping the 2960 switch from the 6509. I am providing the following configs below: Sh int, Sh int switchport, Sh VLAN Brief, Sh vtp status, and some of the sh running-config for both the 2960 and the 6509.
Cisco 2960-XR Configs
Sh int GigabitEthernet1/0/49
GigabitEthernet1/0/49 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 5017.ff22.f631 (bia 5017.ff22.f631)
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not set
Full-duplex, 1000Mb/s, link type is auto, media type is 1000BaseSX SFP
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 1000 bits/sec, 1 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
5767 packets output, 423010 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Sh int GigabitEthernet1/0/49 switchport
Name: Gi1/0/49
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
Sh VLAN Brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Te1/0/2
100 VLAN0100 active Gi1/0/48
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
Sh vtp status (passwords matches the servers)
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : domain
VTP Pruning Mode : Disabled
VTP Traps Generation : Enabled
Device ID : 5017.ff22.f600
Configuration last modified by 0.0.0.0 at 3-26-14 08:19:57
Feature VLAN:
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
Configuration Revision : 5
sh running-config
interface GigabitEthernet1/0/49
switchport mode trunk
end
interface Vlan100
ip address 10.10.100.19 255.255.255.0
!
ip default-gateway 10.10.100.1
ip http server
ip http secure-server
sh int vlan 100
Vlan100 is up, line protocol is up
Hardware is EtherSVI, address is 5017.ff22.f642 (bia 5017.ff22.f642)
Internet address is 10.10.100.19/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:37:41, output 00:13:24, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
36 packets output, 2304 bytes, 0 underruns
0 output errors, 2 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
Cisco 6509E Sup2T Configs
Sh int GigabitEthernet2/6
GigabitEthernet2/6 is up, line protocol is up (connected)
Hardware is C6k 1000Mb 802.3, address is 0018.ba40.cae7 (bia 0018.ba40.cae7)
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 1000BaseSX
input flow-control is off, output flow-control is off
Clock mode is auto
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 101000 bits/sec, 71 packets/sec
13662 packets input, 1015555 bytes, 0 no buffer
Received 13220 broadcasts (13031 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
4408530 packets output, 774121430 bytes, 0 underruns
0 output errors, 0 collisions, 9 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Sh int GigabitEthernet2/6 switchport
Name: Gi2/6
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Operational Dot1q Ethertype: 0x8100
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Operational Native VLAN tagging: disabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Sh VLAN Brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1, Gi1/3, Gi1/4, Gi1/5
Gi1/6, Gi2/21, Gi2/22, Gi5/1
Te5/4, Gi7/13
10 VLAN0010 active
12 Vlan_12 active Gi3/3, Gi3/22, Gi3/29, Gi3/30
Gi3/31, Gi8/1, Gi8/3, Gi8/5
Gi8/11, Gi8/19, Gi8/21, Gi8/23
Gi9/24, Gi9/43, Gi9/45
20 hme active
87 VOP active
90 VLAN0090 active Gi3/2, Gi3/9, Gi3/10, Gi3/15
Gi3/18, Gi3/19, Gi3/20, Gi3/21
Gi3/23, Gi3/24, Gi3/25, Gi3/26
Gi3/27, Gi3/28, Gi3/32, Gi3/33
Gi3/34, Gi3/45, Gi3/48, Gi8/2
Gi8/6, Gi8/7, Gi8/8, Gi8/9
Gi8/12, Gi8/13, Gi8/14, Gi8/18
Gi8/20, Gi8/22, Gi8/28, Gi8/29
Gi8/30, Gi9/1, Gi9/2, Gi9/3
Gi9/4, Gi9/5, Gi9/6, Gi9/7
Gi9/8, Gi9/9, Gi9/10, Gi9/11
Gi9/12, Gi9/14, Gi9/16, Gi9/17
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
Gi9/18, Gi9/22, Gi9/23, Gi9/26
Gi9/27, Gi9/28, Gi9/29, Gi9/37
Gi9/40, Gi9/42, Gi9/44, Gi9/46
Gi9/47, Gi9/48
100 Mgmt_Vlan active Gi1/2, Gi3/5, Gi3/6, Gi3/7
Gi3/8, Gi3/11, Gi3/16, Gi3/17
Gi8/25, Gi8/26, Gi8/31, Gi8/32
Gi8/33, Gi8/34, Gi8/38, Gi8/41
Gi8/42, Gi9/32
101 helo active Gi3/1
111 1_Voice active
172 Wifi_Vlan active
192 San_Vlan active Gi2/23, Gi2/24, Gi8/45, Gi8/47
Gi8/48
199 RSPAN_VLAN act/lshut
200 Lab active Gi9/13, Gi9/15
211 Access_&_Pub2 active Gi8/37
222 2_Voice active
333 3_Voice active
880 VLAN0880 active Gi3/38, Gi3/39, Gi3/40, Gi3/42
Po30, Po31
882 VLAN0882 active Gi3/4
890 VLAN0890 active Gi3/35, Gi3/36, Gi3/37, Gi3/41
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
892 VLAN0892 active Gi9/19
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
Sh vtp status
VTP Version : 3 (capable)
Configuration Revision : 81
Maximum VLANs supported locally : 1005
Number of existing VLANs : 24
VTP Operating Mode : Server
VTP Domain Name : domain
VTP Pruning Mode : Disabled (Operationally Disabled)
VTP V2 Mode : Disabled
VTP Traps Generation : Enabled
Configuration last modified by 127.0.0.50 at 3-26-14 21:41:20
Local updater ID is 127.0.0.50 on interface EO0/2 (first interface found)
VTP version running : 1
sh int vlan 100
Vlan100 is up, line protocol is up
Hardware is EtherSVI, address is 0019.0731.c400 (bia 0019.0731.c400)
Internet address is 10.10.100.1/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
30 second input rate 30000 bits/sec, 15 packets/sec
30 second output rate 12000 bits/sec, 17 packets/sec
L2 Switched: ucast: 25253010 pkt, 1847622923 bytes - mcast: 0 pkt, 0 bytes
L3 in Switched: ucast: 4758524 pkt, 818095494 bytes - mcast: 0 pkt, 0 bytes
L3 out Switched: ucast: 29029994 pkt, 3239385350 bytes - mcast: 0 pkt, 0 bytes
33965688 packets input, 10158584180 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
33450945 packets output, 3444608246 bytes, 0 underruns
0 output errors, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
sh running-config
interface GigabitEthernet2/6
switchport
switchport mode trunk
switchport nonegotiate
speed nonegotiate
wrr-queue cos-map 2 1 1 2
wrr-queue cos-map 3 5 3 4
wrr-queue cos-map 3 7 6 7
rcv-queue cos-map 1 2 1
rcv-queue cos-map 1 3 2
rcv-queue cos-map 1 4 3
rcv-queue cos-map 1 5 4
rcv-queue cos-map 1 6 5
rcv-queue cos-map 1 7 6
rcv-queue cos-map 1 8 7
interface Vlan100
ip address 10.10.100.1 255.255.255.0
ip nat inside
ip flow monitor NTAmonitor input
ip flow monitor NTAmonitor output
load-interval 30
mls rp ip
03-27-2014 10:29 AM
do you see it at all via cdp ? If not then it's most likely a physical issue. Nothing jumps out as far as the config goes. I would reinput the domain name and make sure there are no blanks or spaces in the name. You could also let the switches try and negotiate the trunk "switchport mode dynamic desirable" and see what happens . You should at least see it via cdp at the very least . To verify the link you could temporarily set up each side as a simple access port in your mgt vlan and see if you can get to it. Also on the 2960 end add "switchport nonegotiate" and see what happens.
03-27-2014 02:36 PM
I see nothing via CDP on either side, and I made sure CDP was enabled globally on both switches. I have tried two switches now with both having the same result of showing the interface up but not being able to ping.
I tried "switchport mode dynamic desirable" on both sides but no joy. So, I placed the config back at "switchmode trunk allowed access vlan", "switchport nonnegotiate", and "speed nonnegotiate".
I also tried setting both sides as access ports, and was able to get the interfaces up once again but, still not able to see either switch via CDP. I made sure spanning-tree portfast was turned on, and assigned each port to the Mgmt VLAN.
I am currnetly connected directly to the 6509 with a fiber patch cable, and am no longer going through any type of patch panel.
I will also add that these switches have x2 SFP 10 Gig uplink connections and are 48 port switches. The only odd thing about them is that they are 48 port switches and there are two additional SFP ports which are labled Tengigabitethernet 1/0/1 -1/0/2. There are also two ports that show up in the CLI called Gigabitethernet 1/0/49 - 1/0/50, which one would assume would be used as 1 Gig uplinks for the SFP ports in place of the ten gig ports if they didn't have ten gig uplinks, which is my case. Is there something that I need to turn off as far as a setting in order to make sure the virtual interface Gigabitethernet 1/0/49 - 1/0/50 are used ?
Unconfigured 2960 switch
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface TenGigabitEthernet1/0/1
!
interface TenGigabitEthernet1/0/2
03-27-2014 07:17 PM
Whats the exact model of 2960 . I think the issue is you have to select whether you are going to use gigabit or 10 gigabit for the uplink . Try the info below on your 2960 uplinks
03-28-2014 06:18 PM
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 52 WS-C2960XR-48LPD-I 15.0(2)EX1 C2960X-UNIVERSALK9-M
Also, media-type is not an option for this model switch for the interface.
Could this be a STP issue ?
Cisco 6509 Sup2T spanning-tree global settings
spanning-tree mode rapid-pvst
spanning-tree portfast edge default
spanning-tree portfast edge bpdufilter default
Cisco 2960-XR spanning-tree global settings
spanning-tree mode pvst
spanning-tree portfast default
spanning-tree portfast bpdufilter default
I checked the settings on the 6509 and their are no blocked ports, and the port in question in the 6509 is in a forwading state, but it is only forwarding VLAN1.
04-02-2014 03:41 PM
Hi Charles,
If I understand it right, is Gig1/0/49 on the 2960 switch connected to Gig2/6 on the 6500 series switch? If so, I do not see VLAN 100 is allowed & active on both the mentioned trunk ports in the show vlan brief output. You could also confirm the same with the output of show interface Gig1/0/49 trunk on the 2960 switch and show interface Gig2/6 trunk on the 6500 series switch. If VLAN 100 is not allowed on both the trunks, then obviously we will not be able to PING the 2960 switch from the 6500 switch as it is not allowed in the inter-connecting trunk ports and VLAN 100 being the management VLAN in your setup.
However, interface VLAN 100 is up on both the ends because vlan 100 is allowed and is active on Gig1/0/48 in the 2960 switch and on multiple ports except Gig2/6 on the 6500 series switch. The mandatory condition for a SVI to come up is there should be a port on which the VLAN is allowed and active and the physical state of that interface must be up.
Could you issue switchport trunk allowed vlan add 100 on both the interfaces Gi1/0/49 and Gig2/6 and check this again? We might need to check why VTP propagation did not work in your case.
I hope this helps. Also, please let me know if my understanding about this issue is wrong.
Thanks,
Arun
04-03-2014 02:35 PM
So it turns out that I had smartnet support after all for these switches. Which if I didn't I don't know if I would have found the problem. It turns out that the IOS image for this 2960XR was bad.
I setup a trunk connection directly to my 6509 from the 2960 by using the copper connections with a cat5e cable, and the link came up and I was able to ping and pass traffic through the port. So after establishing that the switch was able to pass traffic they had me install the newest IOS image on the switch, which was just one revision up from what was install currently. After installing the new IOS image I tested the uplink connections from the SFP ports and I was then able to pass traffic.
I spent about a week on this issue not even thinking that the problem could be with the IOS, because I would not think Cisco would put out a switch with a bug in the IOS that would not allow traffic to pass through.
Bad IOS Version
--------------------------------
c2960x-universalk9-mz.150-2.EX1
Good IOS Version
--------------------------------
c2960x-universalk9-mz.150-2.EX5
10-02-2014 10:55 PM
c2960x-universalk9-mz.150-2.EX5 is also bugged was unable to ping the Core with Native VLAN and LACP configured. Taking out LACP and Native VLAN and just setting up one arm trunk to the core fixed my issue. Hoping to downgrade to c2960x-universalk9-mz.150-2.EX4
Thanks
Sol
06-02-2014 07:15 AM
Check what speed is the port group on which this port is lying is running. Then try to run this command and change the speed of the port-group to the required one.
switch(config)# hw-module module <module number> port-group <port-group> select gigabitethernet"
sho hw-module module <module number> port-group
Shut no shut the port and then check again.
06-03-2014 01:24 AM
Dear
check the
show vtp password it should be the same
make the core vtp version to 2 so it would be similar to the switch or at least make the switch vtp version to 3
and then check if it work or not
also for Interface vlan 1 tell me what you configure
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide