cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
25650
Views
0
Helpful
9
Replies

cant ping from one vlan to another after setting up trunk

ryan_cisco
Level 1
Level 1

Hello.  I am trying to follow this Cisco document here:

http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_example09186a00800ef797.shtml

I have been though the setup a couple of time with no luck pinging one pc to another from vlan 10 to vlan 20.  I posted the running configs and some other information from my router and switch.  I am relatively new to all of this so if you need me to post more information from the hardware let me know and Ill put it up. 

There are no firewalls in place and I know the cables are good because I switched them around to make sure.  Also when I change the ip on my second machine for vlan 10 I can ping from one pc to the other but when I try the same for vlan 20 I get nothing.

Thanks for the help.

**From my 2950 switch**

Current configuration : 2825 bytes

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

!

ip subnet-zero

!

ip ssh time-out 120

ip ssh authentication-retries 3

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

!

!        

interface Port-channel1

switchport trunk native vlan 10

switchport mode trunk

!

interface FastEthernet0/1

!

interface FastEthernet0/2

switchport trunk native vlan 10

switchport mode trunk

channel-group 1 mode on

!

interface FastEthernet0/3

switchport trunk native vlan 10

switchport mode trunk

channel-group 1 mode on

!

interface FastEthernet0/4

!

interface FastEthernet0/5

switchport access vlan 10

!

interface FastEthernet0/6

i

switchport access vlan 10

!

interface FastEthernet0/7

switchport access vlan 10

!

interface FastEthernet0/8

switchport access vlan 10

!

interface FastEthernet0/9

switchport access vlan 10

!

interface FastEthernet0/10

switchport access vlan 10

!

interface FastEthernet0/11

switchport access vlan 10

!

interface FastEthernet0/12

switchport access vlan 10

!

interface FastEthernet0/13

switchport access vlan 10

**output supressed**

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan10

ip address 10.10.10.10 255.255.255.0

no ip route-cache

!

ip default-gateway 10.10.10.1

ip http server

!

line con 0

line vty 5 15

!

!

end

**From my 2691**

Current configuration : 1039 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

no network-clock-participate wic 0

ip cef

!

!

!

!

!

!

controller T1 0/0

framing sf

linecode ami

!

!

!

interface Port-channel1

no ip address

hold-queue 0 in

!

interface Port-channel1.10

encapsulation dot1Q 10 native

ip address 10.10.10.1 255.255.255.0

!

interface Port-channel1.20

encapsulation dot1Q 20

ip address 10.10.11.1 255.255.255.0

!

interface FastEthernet0/0

no ip address

duplex auto

speed auto

channel-group 1

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

channel-group 1

!

interface Serial0/1

no ip address

shutdown

no fair-queue

clock rate 125000

!

interface Serial0/2

no ip address

shutdown

clock rate 125000

!

!

!

!

ip http server

no ip http secure-server

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

!

!

end

Router#

FastEthernet0/1 added as member-1 to port-channel1

*Mar  1 05:32:11.643: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

FastEthernet0/0 added as member-2 to port-channel1

*Mar  1 05:32:15.855: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up

*Mar  1 05:32:17.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router#

**Here is a successful ping to my pc from vlan 10**

Switch#ping 10.10.10.244

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.244, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/202/1004 ms

Switch#

**Here is an unsucessfull ping to my second pc on vlan 20**

Switch#ping 10.10.11.245

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.11.245, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Switch#

Switch#show vlan brief

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0/1, Fa0/4, Fa0/27, Fa0/28

                                                Fa0/29, Fa0/30, Fa0/31, Fa0/32

                                                Fa0/33, Fa0/34, Fa0/35, Fa0/36

                                                Fa0/37, Fa0/38, Fa0/39, Fa0/40

                                                Fa0/41, Fa0/42, Fa0/43, Fa0/44

                                                Fa0/45, Fa0/46, Fa0/47, Fa0/48

                                                Gi0/1, Gi0/2

10   VLAN0010                         active    Fa0/5, Fa0/6, Fa0/7, Fa0/8

                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12

                                                Fa0/13, Fa0/14

20   VLAN0020                         active    Fa0/15, Fa0/16, Fa0/17, Fa0/18

                                                Fa0/19, Fa0/20, Fa0/21, Fa0/22

                                                Fa0/23, Fa0/24, Fa0/25, Fa0/26

1002 fddi-default                     act/unsup

1003 token-ring-default               act/unsup

1004 fddinet-default                  act/unsup

1005 trnet-default                    act/unsup

Switch#

9 Replies 9

Richard Burts
Hall of Fame
Hall of Fame

The switch config that you posted is incomplete. There is not anything in the posted config for vlan 20, but the output of show vlan brief shows that there is vlan 20. I can not tell whether there is something in the missing part of the configuration that impacts use of VLAN 10.

It would be helpful if you would post the output of show interface trunk from the switch.

I would expect to see on the switch something like

vlan 10

name

vlan 20

name

I do not know if they are really in the config and just not in what you posted or whether they are not in the config. Can you clarify?

HTH

Rick

HTH

Rick

Here is the show you requested:

Switch#show int trunk

Port        Mode         Encapsulation  Status        Native vlan

Po1         on           802.1q         trunking      10

Port      Vlans allowed on trunk

Po1         1-4094

Port        Vlans allowed and active in management domain

Po1         1,10,20

Port        Vlans in spanning tree forwarding state and not pruned

Po1         1,10,20

Switch#

Hello, as far as I can read from the document you provided, you cannot set up etherchannel on a 2600 router unless you are using the interfaces from an NM-16ESW module.

See the requirements table

Router Platform EtherChannel IEEE 802.1Q Encapsulation
Cisco 1710 router No Yes
Cisco 1751 router No Yes
Cisco 2600 series No1 Yes
Cisco 3600 series No1 Yes
Cisco 3700 series No1 Yes
Cisco 4000-M series (4000-M, 4500-M, 4700-M) No Yes
Cisco 7000 series (RSP2 7000, RSP 7000CI) Yes Yes
Cisco 7100 No Yes
Cisco 7200 series Yes Yes
Cisco 7500 series (RSP1, RSP2, RSP4) Yes Yes
1 An exception to EtherChannel support on Cisco 2600, 3600, and 3700 series routers is when you have installed either the NM-16ESW or NM-36ESW Ethernet Switch Network Module. Each of these modules supports a maximum of six EtherChannels, with up to eight ports in an EtherChannel bundle.

The example is using 7200 and etherchannel is supported on that.

It does support router on a stick kind of configuration but only with a single link.

Hope that helps.

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Steven Clinton
Level 1
Level 1

Please provide the output of a show ip route, also you will want to change your native vlan from 10, to something that is not so heavily used.

ahmadamr85
Level 1
Level 1

You can't setup an etherchannel between a layer3 device and a layer 2 device, in order to make this setup work just remove the etherchannel configuration and connect one cable to your switch and configure this interface as trunk and configure dot1q on the router on the physical interface rather the logical interface

Interface f0.10
Encapsulation dot1q 10
IP address x.x.x.x y.y.y.y
Interface f0.20
Encapsulation dot1q 20
IP address x.x.x.x y.y.y.y

!
! On the switch
!
Interface f0/24
Switchport encap dot1q
Switchport mode trunk


Sent from Cisco Technical Support iPhone App

Good Day

Can anyone assist me pls. I am struggling to get layer 3 ether-channel to communicate to the management VLAN 60. My ether-channel is up and I can ping my ether-channel IP's but my vlan 60 is still in down state. Here is my configs

 Core 6800 config

int ra te1/2/2 - 3 
description # Link to Distribution 1 Block1 #####
def switchport mode trunk
def switchport trunk native vlan 99
def switchport trunk encapsulation dot1q
no switchport
ip ospf network point-to-point
channel-g 50 mo on
no ip address
!
int po50
no switchport
defa flowcontrol receive on
ip address 10.31.88.3 255.255.255.254
!
vlan 60
name Management
!
int vl 60
ip address 10.31.94.1 255.255.255.224
!
!
!
!
!
!
!

CAT 4500 X configs

int ra te1/2/2 - 3 
description # Link to Core Switch #####
def switchport mode trunk
def switchport trunk native vlan 99
def switchport trunk encapsulation dot1q
no switchport
ip ospf network point-to-point
channel-g 50 mo on
no ip address
!
int po50
no switchport
defa flowcontrol receive on
ip address 10.31.88.4 255.255.255.254
!
vlan 60
name Management
!
int vl 60
ip address 10.31.94.5 255.255.255.224
!

I do not have much experience with 6800 and perhaps the syntax you have posted is correct there. But the syntax that you show on the 4500 does not look right to me.

def switchport mode trunk
def switchport trunk native vlan 99
def switchport trunk encapsulation dot1q

and in my experience when you configure the switch interface as no switchport you have made it into a layer 3 interface and I am not sure that a layer 3 interface can be a member of a port channel.

 

HTH

 

Rick

 

HTH

Rick

I agree with Richard. The config looks wrong. I would strongly advise you to read the basics of ether channeling and also with regards to the switchport and no switchport commands. Im not entirely sure but I also I think your subnetting for vlan 50 is wrong.

Richard, I think the syntax is exact same, it usually runs with SUP2T with normal IOS code.

ruanthekid I will suggest appropriate config for you below - it will get your layer 2 etherchannel operational and also provide point-to-point routing leveraging vlan 50. Your default gateway for your access layer will be closer on the distribution switch rather than the Core. Then let everything route between. Instead of creating a L3 port-channel, I have suggested L2 in the case that you may for whatever reason decide to trunk additional VLANs between the core and distribution. Otherwise you can change the portchannels to operate at L3 and remove the need for VLAN 50.

Richard, Please feel free to peer review :) :

 

Core 6800 config

interface range te1/2/2-3 
description # Link to Distribution 1 Block1 #
switchport mode trunk
switchport trunk native vlan 99
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 50
channel-group 50 mode active
!
int po50
description # Link to Distribution 1 Block1 #
switchport mode trunk
switchport trunk native vlan 99
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 50
!
vlan 50
name Routed_P2P
!
interface vlan 50
ip address 10.31.88.4 255.255.255.254
ip ospf 1 area 0
ip ospf network point-to-point
!
router ospf 1
router-id x.x.x.x
passive-interface default
no passive interface vlan 50

====================================================

Distribution 4500X Config

int ra te1/2/2-3 
description # Link to Core Switch #
switchport mode trunk
switchport trunk native vlan 99
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 50
channel-group 50 mode active
!
int po50
description # Link to Core Switch #
switchport mode trunk
switchport trunk native vlan 99
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 50
!
vlan 50
name Routed_P2P
!
interface vlan 50
ip address 10.31.88.5 255.255.255.254
ip ospf 1 area 0
ip ospf network point-to-point
!
vlan 60
name Management
!
int vl 60
ip address 10.31.94.1 255.255.255.224
ip ospf 1 area 0
!
router ospf 1
router-id x.x.x.x
passive-interface default
no passive interface vlan 50

 

Hope this helps.

Bilal - CCIE #45032

 

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Thank you Bilal and Richard. I will try the commands that you suggested. 

 

regards

ruan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco