cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6871
Views
30
Helpful
97
Replies

CISCO 6509 VLANS

par13
Level 1
Level 1

I have created three vlans

VLAN 100

VLAN 200

VLAN 300

The cisco 3550 are configure with each respective vlan 100, 200, and 300.

As soon as I plug the switch on the fiber module, I notices the switch been added to the proper VLAN. I have execute the command sh vlan 100, and it shows the switches configure for vlan 100. The same thing for vlan 200 and 300.

However, I notices some switches were added to the wrong vlans. Is there a command or configuration that I am doing that is causing this issue?

Thanks

97 Replies 97

Jerry Ye
Cisco Employee
Cisco Employee

Hi Pedro,

What do you mean by "some switches were added to the wrong vlans"?

What is your topology? And what VTP mode are you using on all the switches?

Regards,

jerry

Yes, the vlans are configure as this:

VLAN 100 172.31.181.128/26

VLAN 200 172.31.181.192/26

VLAN 300 172.31.13.0/24

Each switch,from the different networks, connect to the core router thru fiber connection.

I have been creating the vlans on the

cisco switches using the script. Follow, I have included a sample configuration for each of the vlan configuration (VLAN 100, 200, and 300)

---------------------------

VLAN 100

---------------------------

ip domain-name lv.psu.edu

ip ssh version 2

!

int range f0/1 - 24

description academic

switchport access vlan 100

switchport mode access

!

interface GigabitEthernet0/1

description Trunk to Cisco6509 router

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

interface GigabitEthernet0/2

switchport mode dynamic desirable

!

interface Vlan1

ip address 172.31.181.194 255.255.255.192

no shut

!

interface Vlan100

description Academic

no ip address

no ip route-cache

no shut

--------------------------------

VLAN 200

--------------------------------

ip domain-name lv.psu.edu

ip ssh version 2

!

int range f0/1 - 24

description Administrative

switchport access vlan 200

switchport mode access

!

interface GigabitEthernet0/1

description Trunk to Cisco6509 router

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet0/2

switchport mode dynamic desirable

no shut

!

interface Vlan1

no shut

!

interface Vlan200

description Administrative

ip address 172.31.181.130 255.255.255.192

no shut

ip classless

ip http server

ip http secure-server

--------------------------------

VLAN 300

--------------------------------

ip domain-name lv.psu.edu

ip ssh version 2

!

int range f0/1 - 24

description Wireless

switchport access vlan 300

switchport mode access

no shut

!

interface GigabitEthernet0/1

description Trunk to Cisco6509 router

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

interface Vlan1

ip address 172.31.13.3 255.255.255.0

no shut

!

interface Vlan300

description Academic

no ip address

no ip route-cache

no shut

!

ip classless

But, I'm not sure if it would work better to use vtp at each switch, or after configuring vtp server on cisco 6509, every switch will self join the appropiate vlan.

Hi Pedro,

I see that you are using Vlan 1 for management and not going configure IP addresses on interface Vlan100, Vlan200, and Vlan300. If this is the case, there is not need for interface Vlan100, etc on these switches.

So which switch is getting the wrong Vlan? Which command give you that impression, can you post the output of that also? Also, if you would post the output of the following three (3) commands on all the 3550's and the 6500's, it will be great:

show vtp status

show vlan

show int trunk

Regards,

jerry

Jerry,

I will be doing this as soon as I get to work this morning.

1) DO you recommend using Manual VLAN script or creating them on each switch VTP Database?

2) As far switch vlan adding themselves to VLANS on CISCO 6509, when running the command sh vlan 100, it shows the vlan number and on the right hand, a list of fiber ports that I'm assumming are switches with pre-configure vlans.

Is this assumption correct?

Thanks

Hi Pedro,

It is upto you which method you prefer, as long as they are correct.

From you description of the output, sound like the ports are assigned to the VLAN someone configured before. The only pre-configurated VLAN is really VLAN1 where it cannot be deleted.

HTH,

jerry

Jerry,

As you can see, I am including the information you have requested.

One issue we are having with the cisco 6509, the vlan are been set to native vlan 1. However, the switches are configured with 100,200 and 300, respectively.

How can I set on cisco 6509 to put this vlan 100,200 and 300 in the correct native vlan, instead of cisco deciding to pu them on native vlan 1?

Thanks

CISCO 6509 --- Server

Console> (enable) sh vtp domain

Domain Name Domain Index VTP Version Local Mode

Password

-------------------------------- ------------ ----------- ----------- --

--------

lv.psu.edu 1 2 server -

Vlan-count Max-vlan-storage Config Revision Notifications

---------- ---------------- --------------- -------------

8 1023 0 disabled

Last Updater V2 Mode Pruning PruneEligible on Vlans

--------------- -------- -------- -------------------------

0.0.0.0 disabled disabled 2-1000

Console> (enable) sh vtp statistics

VTP statistics:

summary advts received 109

subset advts received 58

request advts received 0

summary advts transmitted 1320

subset advts transmitted 200

request advts transmitted 51

No of config revision errors 0

No of config digest errors 51

VTP pruning statistics:

Trunk Join Transmitted Join Received Summary advts received from GVRP

PDU

non-pruning-capable device

Received

-------- ---------------- ------------- --------------------------- ----

------

3/4 0 0 0 0

3/6 0 0 0 0

4/4 0 0 0 0

15/1 0 0 0 0

16/1 0 0 0 0

Console> (enable)

Console> (enable) sh vlan

VLAN Name Status IfIndex Mod/Ports, Vlans

---- -------------------------------- --------- ------- ----------------

--------

1 default active 199 1/1-2

2/1-2

3/1-3

4/2-3,4/5-16

6/1-8,6/10,6/15-

48

7/1-32,7/34-48

100 academic active 205 3/5,3/7-16

200 admin active 204 7/33

300 wireless active 206 4/1

6/9,6/11-14

1002 fddi-default active 200

1003 token-ring-default active 203

1004 fddinet-default active 201

1005 trnet-default active 202

VLAN Type SAID MTU Parent RingNo BrdgNo Stp BrdgMode Trans1

Trans2

---- ----- ---------- ----- ------ ------ ------ ---- -------- ------ --

----

1 enet 100001 1500 - - - - - 0 0

100 enet 100100 1500 - - - - - 0 0

200 enet 100200 1500 - - - - - 0 0

300 enet 100300 1500 - - - - - 0 0

1002 fddi 101002 1500 - - - - - 0 0

1003 trcrf 101003 1500 - - - - - 0 0

1004 fdnet 101004 1500 - - - - - 0 0

1005 trbrf 101005 1500 - - - ibm - 0 0

VLAN MISTP-Inst DynCreated RSPAN

---- ---------- ---------- --------

1 - static disabled

100 - static disabled

200 - static disabled

300 - static disabled

1002 - static disabled

1003 - static disabled

1004 - static disabled

1005 - static disabled

VLAN AREHops STEHops Backup CRF 1q VLAN

---- ------- ------- ---------- -------

1003 7 7 off

Console> (enable)

-------------------------

CISCO 6509- Router

-------------------------

SRVRM-6509-MSFC1#sh run

Building configuration...

Current configuration : 3547 bytes

!

! Last configuration change at 08:52:47 EDT Thu Jul 9 2009

! NVRAM config last updated at 17:08:29 EDT Wed Jul 8 2009

!

version 12.1

service timestamps debug datetime msec localtime

service timestamps log datetime msec localtime

service password-encryption

!

hostname SRVRM-6509-MSFC1

!

boot system bootflash:c6msfc2-psv-mz.121-13.E3.bin

boot bootldr bootflash:c6msfc2-boot-mz.121-13.E3.bin

no logging console

enable secret 5 $1$k3j8$vSFg2vXjmUMrtU/pxlCTX/

enable password 7 08121C430B0B0005424A

!

clock timezone EST -5

clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00

clock calendar-valid

ip subnet-zero

!

!

!

!

!

!

interface Loopback0

ip address 10.5.12.1 255.255.255.255

!

interface Vlan1

description Management VLAN

ip address 172.31.181.189 255.255.255.192

no ip redirects

standby 1 ip 172.31.181.129

standby 1 priority 120

standby 1 preempt

!

interface Vlan100

description Lab 214 VLAN

ip address 146.186.50.253 255.255.255.0

no ip redirects

standby 1 ip 146.186.50.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan200

description LAB 200 VLAN

ip address 146.186.27.253 255.255.255.0

ip helper-address 146.186.27.3

no ip redirects

standby 1 ip 146.186.27.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan300

description Wireless Lan

ip address 172.31.13.254 255.255.255.0

no ip redirects

standby 1 ip 172.31.13.1

standby 1 priority 120

standby 1 preempt

Console> (enable) sh vlan 1

VLAN Name Status IfIndex Mod/Ports, Vlans

---- -------------------------------- --------- ------- ------------------------

1 default active 199 1/1-2

2/1-2

3/1-3

4/2-16

6/1-8,6/10,6/15-48

7/1-32,7/34-48

15/1

16/1

VLAN Type SAID MTU Parent RingNo BrdgNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ ------ ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

VLAN MISTP-Inst DynCreated RSPAN

---- ---------- ---------- --------

1 - static disabled

Console> (enable) sh trunk

* - indicates vtp domain mismatch

Port Mode Encapsulation Status Native vlan

-------- ----------- ------------- ------------ -----------

3/2 auto n-dot1q trunking 1

3/3 auto dot1q trunking 1

4/3 auto n-dot1q trunking 1

4/4 auto n-dot1q trunking 300

4/6 auto dot1q trunking 200

15/1 nonegotiate isl trunking 1

16/1 nonegotiate isl trunking 1

Port Vlans allowed on trunk

-------- ---------------------------------------------------------------------

3/2 1-1005,1025-4094

3/3 1-1005,1025-4094

4/3 1-1005,1025-4094

4/4 1-1005,1025-4094

4/6 1-1005,1025-4094

15/1 1-1005,1025-4094

16/1 1-1005,1025-4094

Port Vlans allowed and active in management domain

-------- ---------------------------------------------------------------------

Console> (enable) sh trunk

* - indicates vtp domain mismatch

Port Mode Encapsulation Status Native vlan

-------- ----------- ------------- ------------ -----------

3/2 auto n-dot1q trunking 1

3/3 auto dot1q trunking 1

4/3 auto n-dot1q trunking 1

4/4 auto n-dot1q trunking 300

4/6 auto dot1q trunking 200

15/1 nonegotiate isl trunking 1

16/1 nonegotiate isl trunking 1

Port Vlans allowed on trunk

-------- ---------------------------------------------------------------------

3/2 1-1005,1025-4094

3/3 1-1005,1025-4094

4/3 1-1005,1025-4094

4/4 1-1005,1025-4094

4/6 1-1005,1025-4094

15/1 1-1005,1025-4094

16/1 1-1005,1025-4094

Port Vlans allowed and active in management domain

-----------------------------------

CISCO 3550

___________________________________

Cisco 3550

-----------------

LV-126B-AD-181-130#sh vtp

% Incomplete command.

LV-126B-AD-181-130#sh vtp st

LV-126B-AD-181-130#sh vtp status

VTP Version : 2

Configuration Revision : 10

Maximum VLANs supported locally : 1005

Number of existing VLANs : 8

VTP Operating Mode : Client

VTP Domain Name : lv.psu.edu

VTP Pruning Mode : Enabled

VTP V2 Mode : Enabled

VTP Traps Generation : Disabled

MD5 digest : 0xD2 0xD9 0xE9 0xBA 0xA1 0x35 0xF7 0xBE

Configuration last modified by 172.31.13.4 at 3-1-93 00:07:39

LV-126B-AD-181-130#sh trunk

^

% Invalid input detected at '^' marker.

LV-126B-AD-181-130#sh vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Gi0/2

100 academic active

200 administrative active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

300 wireless active

1002 fddi-default act/unsup

1003 trcrf-default act/unsup

1004 fddinet-default act/unsup

1005 trbrf-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

100 enet 100100 1500 - - - - - 0 0

200 enet 100200 1500 - - - - - 0 0

300 enet 100300 1500 - - - - - 0 0

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1002 fddi 101002 1500 - - - - - 0 0

1003 trcrf 101003 4472 1005 3276 - - srb 0 0

1004 fdnet 101004 1500 - - - ieee - 0 0

1005 trbrf 101005 4472 - - 15 ibm - 0 0

VLAN AREHops STEHops Backup CRF

---- ------- ------- ----------

1003 0 0 off

Remote SPAN VLANs

------------------------------------------------------------------------------

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

LV-126B-AD-181-130#sh int trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 200

Port Vlans allowed on trunk

Gi0/1 1-4094

Port Vlans allowed and active in management domain

Gi0/1 1,100,200,300

Port Vlans in spanning tree forwarding state and not pruned

Gi0/1 1,100,200,300

LV-126B-AD-181-130#

Hi Pedro,

This is my observation:

1) Your 6500 is running as VTP server, and you've configured SVI for Inter-VLAN routing

2) Your 3550's are running as VTP client and L2

When you have VTP clients and attaching them to the VTP server, VTP server will copy its VLAN database into the clients when the revision number of the server is higher than the clients. (Just a side note, when the client's revision number is higher than the server, it will override the server's VLAN database, be careful with this!!!).

So I am assuming your concern is you don't want, example, VLAN 100 and 300 apprear on your switch - LV-126B-AD-181-130's VLAN database? If this is the case, you have to make all the switches as VTP transparent mode and configure each VLAN manually, and prune them manually. There is another solution, you might want to consider, where you can turn on VTP pruning, just use the command set vtp prun on you VTP server, 6500's CatOS. It will prune the traffic out of the trunk link.

HTH,

jerry

Jerry,

How come the vlans are showing, on the server, as native vlan 1.

How can I change this information?

Console> (enable) sh trunk

* - indicates vtp domain mismatch

Port Mode Encapsulation Status Native vlan

-------- ----------- ------------- ------------ -----------

3/2 auto n-dot1q trunking 1

3/3 auto dot1q trunking 1

4/3 auto n-dot1q trunking 1

4/4 auto n-dot1q trunking 300

4/6 auto dot1q trunking 200

15/1 nonegotiate isl trunking 1

16/1 nonegotiate isl trunking 1

Hi Pedro,

That is the native VLAN for the trunk port, default is VLAN 1. You can change it by using set trunk x/x 100 where x/x is your port and 100 is your VLAN number. You have to change both side of the trunk to match, otherwise the switches will complain about native VLAN mismatch. You have to be careful when you are changing this, native VLAN mismatch can cause a spanning tree loop.

HTH,

jerry

can you send me a simple configuration for configuring the cisco 6509 to allow communication between 3550's and the router.

thanks

HI Pedro,

I don't have any switches with CatOS handy, but the configuration is very similar (with the set command):

C6500

vlan 100

vlan 200

interface FastEthernet3/1

description TO_3550_1

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

interface FastEthernet3/2

description TO_3550_2

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

interface Vlan100

ip address 10.1.100.1 255.255.255.0

interface Vlan200

ip address 10.1.200.1 255.255.255.0

3550_1

interface FastEthernet0/1

description TO_C6500 3/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

interface range FastEthernet 0/2 - 24

switchport access vlan 100

switchport mode access

interface Vlan100

description 3550_1 management

ip address 10.1.100.4 255.255.255.0

3550_2

interface FastEthernet0/1

description TO_C6500 3/2

switchport trunk encapsulation dot1q

switchport trunk native vlan 200

switchport mode trunk

interface range FastEthernet 0/2 - 24

switchport access vlan 200

switchport mode access

interface Vlan100

description 3550_2 management

ip address 10.1.200.4 255.255.255.0

HTH,

jerry

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco