cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
63638
Views
25
Helpful
20
Replies

Cisco - VLAN status is up Line Protocol down

mediaos718
Level 1
Level 1

I have a weird issue here: Cisco 3750 vlan status is UP line protocol is down.

- The SVI exists

- The VLAN is int the vlan database

- The vlan is on the trunk port

- The trunk port is up

- I issue shut/no shut

- If I were to put a live interface on the VLAN then it will show UP/UP

 

Yet, the VLAN line protocol is down although the VLAN is on the trunk port.

 

Can anyone help? See config:

Vlan100                10.6.254.2      YES NVRAM  up                  down

 

interface Vlan100

ip address 10.1.254.2 255.255.255.252

 

interface Port-channel100

switchport trunk allowed vlan 100

end

 

Port-channel100 is up, line protocol is up (connected)

 

100  PS_Setup                        active

 

Spanning tree instance(s) for vlan 100 does not exist.

 

Group  Port-channel  Protocol    Ports

------+-------------+-----------+-----------------------------------------------

100    Po100(SU)       LACP      Gi1/0/23(P)

20 Replies 20

Hi,

The VLAN interfaces have to fulfill the following general conditions to be up/up:
* VLAN exists and is in active status on the switch VLAN database.
* VLAN interface exists and is not administratively down.
* At least one L2 (access port or trunk) port exists and has a link up on this VLAN.

In your case, since you do not add any layer 2 access port to the VLAN, you need to check whether the trunk port is in Forwarding state for the VLAN. You can run the following command: show spanning-tree vlan 100

HTH,
Meheretab
HTH,
Meheretab

@Meheretab Mengistu - The VLAN is in the database - The VLAN is not admin down - THe VLAN exist on the trunk port. 

LA-SW1#sh spanning-tree vlan 100

Spanning tree instance(s) for vlan 100 does not exist.

 

LA-SW1#sh int vl 100

Vlan100 is up, line protocol is down

 

LA-SW1#sh vlan 

100  Management                       active

Removing the valan.dat file, erasing the startup-config file then reload, and recreating the vlan 100 would do it too. ;)

johnd2310
Level 8
Level 8

Hi,

 What is the output of the following command:

     show interface Port-channel100 trunk

 

At the bottom of the output what vlan are "Vlans in spanning tree forwarding state and not pruned"

 

Thanks

John

 

**Please rate posts you find helpful**

@johnd2310 - When I do a "Show interface port-channel 100 trunk

The VLAN does not show up. Although the VLAN exists.

Hi,

You may have added the vlan to the port but is the port configured as a trunk port i.e. do you have the following config:

 

interface Port-channel100

   switchport mode trunk

   switchport trunk allowed vlan 100

 

What do you have connected at the other end, switch or server?

 

Thanks

John

**Please rate posts you find helpful**

Philip D'Ath
VIP Alumni
VIP Alumni
If you don't have any access ports in the VLAN, and you are not trunking the VLAN across at least two trunk ports then the switch has no possible place it could forward the tagged packets to. Consequently it can shut it down.

 

 

VIP Purple@Philip D'Ath - The VLAN is on the trunk port.

Moses Fernandes
Level 1
Level 1

Hello,

 

In addition to what others have said. You may also run the the following command on both the connected switchs.

#sh inter trunk (confirm whether you can see the Vlan here, #switchport trunk allowed vlan 100 may/maynot end up putting the Vlan in the trunk).

You should see the Vlan100 in

1) Vlans allowed and active in management domain

2) Vlans in spanning tree forwarding state and not pruned

 

Also to reinstate what others have said. You need to have alteast one live interface in VLAN 100.

 

* Additionally what I'll do is (for testing), Add SVI VLAN 100 on upstream switch and add the same to trunk downstream. It works for me.

 

Regards,

Moses.

The only time the VLAN comes up/up is when I make the trunk port and access as well: see below--->

interface Port-channel100

switchport access vlan 100

switchport trunk allowed vlan 100

end

VLAN turns up/up

Vlan100                10.100.254.1      YES manual up                    up

Hello,

soembody might have mentioned this before, but the point is quite simple:

You need to have an active port in the VLAN for the SVI to be up. Allowing a VLAN on a trunk is not enough, you need to assign the port to that VLAN. So:

switchport trunk allowed vlan 100

doesn't mean anything, the SVI stays down.

switchport access vlan 100

on any active port makes the SVI come up.

I have done this multiple times - This is the first time I am seeing this issues. Based, on experience once the VLAN is part of the trunk then it should be up/up. WIthout the trunk we would then need a live access port that belongs to the VLAN.

Hello,

can you post the working config with an SVI up, no access port in the respective VLAN, and the VLAN just allowed on the trunk ? If possible, post the configs of both switches, so we can lab this. Which switches are you using ?

I do not have example here. This is how I normally monitor a L2 access
switch -- I create and SVI - Trunk the VLAN to the distribution/core switch
- and add a default route that points to the distribution.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco