not sure how it has 20 10gb interfaces when module shows 12

steve-garlinge · ‎07-03-2024

Hi,

I'm familiar with switches from HPE, Juniper and Dell but not cisco. I cannot figure how to add the multigig ports to a vlan.

Background

Cisco WS-C3850-12X48U

1 Virtual Ethernet interface
40 Gigabit Ethernet interfaces
20 Ten Gigabit Ethernet interfaces
2 Forty Gigabit Ethernet interfaces

Very latest OS - Gibraltar 16.12.11

not sure how it has 20 10gb interfaces when module shows 12

Standard Gig ports are seen as Gi 1/0/1 > 36

10gb multigig ports are shown as Te1/0/37 > 48

WebGui > config > vlan shows only the Gi ports, the Te1 are not listed.

CLI - not sure of the command to add the multigig ports to a vlan.

History

Factory reset switch

Terminal cable, configure mode enabled Web UI interface (which keeps stopping saying incorrect password even though the account works fine in CLI - was hoping the firmware update would fix this bug - nope)

Created VLANs in terminal - thats as far as I got.

Wanting multigig port 48 to be connected to firewall with ALL vlans being presented. Usually with HPE Aruba / Dell, have primary as say 1 and ALL other vlans as tagged.

I'm hoping someone can point me in the right direction, I suspect im either missing something very obvious.

Steve.

marce1000 · ‎07-03-2024

>....WebGui > config > vlan shows only the Gi ports, the Te1 are not listed.
- In general use the CLI instead for all tasks you currently need : it's easy , simple and quicker.
To see the list of current interfaces available use the CLI command : show interface status
To assign a particular interface to a vlan : config # interface Te1/0/37
switchport access vlan 20

That in bold only being an example ; adapt interface name and vlan name accordingly ,
These devices are better managed through the CLI only

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

steve-garlinge · ‎07-03-2024

Thank you that makes sense. What about adding an interface to a vlan group. I've created a vlan group for all vlans for the connection to the firewall / router. I've seen loads of commands same as yours but not for a vlan group?

Think in CISCO terms it has to be a trunk port, which isn't the same as with Aruba Dell. Its just a port with multiple vlans. I guess I need to change port type to a trunk for say Te1/0/48 then assign the vlan group to that port. Just not sure of the commands.

marce1000 · ‎07-03-2024

>....need to change port type to a trunk for say Te1/0/48 then assign the vlan group to that port. Just not sure of the commands.
Yes , in essence that is correct , a slight correction , in Cisco terms you only add individual vlans to a trunk port , as such there is no concept of vlan groups have a look at : https://community.cisco.com/t5/networking-knowledge-base/how-to-define-the-vlans-allowed-on-a-trunk-link/ta-p/3131083
for examples ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

steve-garlinge · ‎07-03-2024

Thanks. just done that, made a slight error need to remove vlan 5 from access see below. Just need native 1 and allow all. Trying to remove the bold access vlan 5 using command

switchport trunk access vlan remove 5 (doesn't like access)

core-switch#show int Te1/0/48 switchport
Name: Te1/0/48
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 5 (cctv)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: disabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 5,7,30,42,77,99,102,200
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

marce1000 · ‎07-03-2024

- You can also use the command show interfaces Te1/0/48 trunk
To get a list of the current vlans allowed or configured on the trunk link ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Giuseppe Larosa · ‎07-03-2024

Hello @steve-garlinge ,

you are very close for removing a VLAN from a trunk use

switchport trunk allowed vlan remove 5

or

no switchport access vlan 5

if this command is present in

show run int te1/0/48

Hope to help

Giuseppe

steve-garlinge · ‎07-03-2024

Tried your command to remove this is the output

core-switch(config)#int Te1/0/48
core-switch(config-if)#switchport trunk allowed vlan remove 5
core-switch(config-if)#end
core-switch#show run int te1/0/48
Building configuration...

Current configuration : 366 bytes
!
interface TenGigabitEthernet1/0/48
description Firewall 10gb
switchport access vlan 5
switchport trunk allowed vlan 7,30,42,77,99,102,200
switchport mode trunk
auto qos trust
macro description cisco-switch
spanning-tree link-type point-to-point
service-policy input AutoQos-4.0-Trust-Cos-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
end

steve-garlinge · ‎07-03-2024

core-switch#show int Te1/0/48 trunk

Port Mode Encapsulation Status Native vlan
Te1/0/48 on 802.1q other 1

Port Vlans allowed on trunk
Te1/0/48 none

Port Vlans allowed and active in management domain
Te1/0/48 none

Port Vlans in spanning tree forwarding state and not pruned
Te1/0/48 none
core-switch#

Shows no vlans are actually allowed. Wonder what I've done wrong?

marce1000 · ‎07-03-2024

- Try : show running-config int Te1/0/48 (again) ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

MHM Cisco World · ‎07-03-2024

Two issue in your post'

One why SW show extra port' that I can asnwer it

Second why the vlan not appear' this I can answer you need to add vlan by

Vlan x

That it

MHM

Giuseppe Larosa · ‎07-04-2024

Hello @steve-garlinge ,

check with show int te1/0/48 switchport

in previous output the port was down

Hope to help

Giuseppe

steve-garlinge · ‎07-04-2024

Hi. Port was down as preconfiguring the switch away from the server room.

steve-garlinge · ‎07-03-2024

Thanks everyone got it all working.

Cisco WS-C3850-12X48U VLAN

not sure how it has 20 10gb interfaces when module shows 12