Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1341
Views
0
Helpful
14
Replies

Core switch VLAN Migration

dazza007
Level 1
Level 1

‎05-02-2023 07:54 AM

I have 2 4900Ms, Cisco 1 - trunked to a new Juniper EX4600 and am testing a migration strategy. 

I setup IRBs with IP address on the Junos and trunked to the Cisco - works perfectly!  (IRB's are junos equivalent of interface vlan )

The migration test was to test the transfer, shutdown L3 VLAN on CISCO pair and change IP address on Junos Irb to that what was CISCO standby IP with the equivalent of dhcp relay set on junos

I get a loop...

Firewall > Core 2 > native vlan core 2 > Firewall 

The routing happens on a firewall, routes on the 2 cisco cores are C1 0.0.0.0/0 go to firewall C2 0.0.0.0/0 go to C1 

The l3 vlan is not showing - sh ip route - adding the route manually does nothing. Removed and readded nothing happening no error logs. The migrated VLAN is however under the 172.22.0.0 range that is variably subnetted is this the reason why? I can see that migrated vlan is up with show vlans - Is this the L2 vlan that is still purposely active?

I thought adding a static route would enable the migrated vlan to be routed, very confused! 

Help is very much appreciated

 

 

 

 

 

 

 

Labels:
0 Helpful
14 Replies 14

Flavio Miranda
VIP
VIP

‎05-02-2023 08:01 AM

Hi

 when you say "shutdown L3 VLAN on CISCO "  you really mean shutdowm?  You got into the vlan and run shutdown? 

 If you did, I'd say you did it wrong. If you are migrating the Vlan from Cisco Core to Juniper Core, you can leave the Vlan as layer2 on Cisco and transfer the IP addressing to  Juniper.  Cisco's Cores will act like an access switch for this vlan. 

0 Helpful

dazza007
Level 1
Level 1
In response to Flavio Miranda

‎05-02-2023 08:08 AM

conf t

interface vlan number 

shutdown 

 

Is that correct?

0 Helpful

Flavio Miranda
VIP
VIP
In response to dazza007

‎05-02-2023 08:31 AM

Yes, this is how you shutdown the vlan but I dont believe you need to do that. Just remove the IP address

interface vlan number

 no ip add 

That's it. If you do shutdown, you are admin disabling the vlan and it will be a useless vlan. 

0 Helpful

dazza007
Level 1
Level 1
In response to Flavio Miranda

‎05-03-2023 02:16 AM

Thank you, your help is much appreciated, your advice is invaluable!

I think i have figured it out, all I needed to do was swap IP addresses! 

If I shutdown the vlan as you said it is wrong. 

If I put no ip address the vlan is showing but no traffic can flow as their is no route added. but vlan is up. I added a manual route but there was still a loop between the firewall and the second core.

If I just add a random ip address in the range then vlan range, then vlan routing occurs from laptop (access vlan) > juniper >cisco

 

 

 

0 Helpful

dazza007
Level 1
Level 1
In response to Flavio Miranda

‎05-03-2023 03:32 AM

Thank you, your help is invaluable!

I tried no ip address on the migrated vlan and the vlan appeared in routes but there was no routing (traffic from juniper>core) and I got a route loop again. 

I added a different ip address in the vlan range to the migrated vlan on the cisco and routing resolved. 

I think that the firewall needs its gateway changing  on the migrated vlan changing as without the ip address on the cisco a loop occurs to the second cisco core. (the gateway ip address of the all the vlan routes on the firewall are all the same - an ip address in the firewall vlan - it was inherited and never understood or could find any documentation)

 

0 Helpful

dazza007
Level 1
Level 1

‎05-03-2023 04:08 AM

Posted this 3 times and vanished ignore test 

0 Helpful

dazza007
Level 1
Level 1

‎05-03-2023 04:14 AM

Thanks your advice is invaluable

I setup the migrated vlan with no ip address and the vlan appeared in sh ip route but there was no routing. I manually added the route and still nothing, the loop persisted.

I then added an different Ip address back in the migrated vlan range and routing resolved (+sh arp vlan shows ip addresses)

The routing is on the firewall and it has all its' vlans setup with the same gateway address as an ip in the IP vlan of the firewall. I inherited this and never understood or could find docs why this is so. If shutting down L3 routing on the cisco vlan is having no op address then tech support is needed for the firewall. I can't figure out without a route on the cisco the traffic gets dropped off on the second core. 

Thanks again.

0 Helpful

dazza007
Level 1
Level 1

‎05-03-2023 04:57 AM

test reply 5 times post vanished...

 

0 Helpful

dazza007
Level 1
Level 1

‎05-03-2023 05:56 AM

Test reply number 7 - please ignore

0 Helpful

dazza007
Level 1
Level 1

‎05-03-2023 06:03 AM

test please ignore - posts not appearing

0 Helpful

dazza007
Level 1
Level 1

‎05-03-2023 06:06 AM

Test post number 8 please ignore

 

0 Helpful

MHM Cisco World
VIP
VIP
In response to dazza007

‎05-03-2023 06:27 AM

No I see your post, it OK.
so finally your issue solve with assign different IP. 
thanks for update us 
have a nice day 
MHM

0 Helpful

dazza007
Level 1
Level 1
In response to MHM Cisco World

‎05-03-2023 06:31 AM

Thanks, all my posts came through at once apologies. 

So to close L3 on the old switch what is the correct procedure? 

0 Helpful

dazza007
Level 1
Level 1

‎05-03-2023 01:03 PM

https://community.cisco.com/t5/switching/shut-down-vlan-and-interface-vlan-shutdown/td-p/1945949

I have found where I got the original information from. the post states

conf t

vlan 123

shut

This changes L3 to L2?

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card