Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4014
Views
0
Helpful
22
Replies

L2 Switch to L3 Switch

Go to solution
jasongr33nway
Level 1
Level 1

‎11-22-2017 08:49 AM - edited ‎03-08-2019 12:50 PM

I have two 3850s (Stacked) at our DR site. Everything is working fine from our OPS site to our DR site. There are a few more devices we need to add to our DR site and our 3850s are out of INTs. I visited yesterday and trunked a L2 (2960-s) switch to one of the 3850s. My issue is, I cannot pass any traffic from the L2 switch to any of the SVIs on the 3850 unless I create and SVI on the L2 switch for each SVI on the 3850. I thought I would be able to trunk the L2, add vlans and pass traffic over the trunk without creating SVIs on the L2 switch.

 

3850:
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan7
 description DR-Hotsite vlan
 ip address 10.7.254.1 255.255.0.0
 ip helper-address 10.6.240.11
 no ip proxy-arp
!
interface Vlan12
 description dr-voice-vlan
 ip address 10.12.254.1 255.255.0.0
 no ip proxy-arp
!
interface Vlan57
 description SJ RPA-WAN Vlan 57
 ip address 10.5.7.254 255.255.255.0
 no ip proxy-arp
!
interface Vlan108
 description DR ISCSI Vlan 108
 ip address 10.108.254.1 255.255.0.0
 no ip proxy-arp
!
interface Vlan109
 description DR ISCSI Vlan 109
 ip address 10.109.254.1 255.255.0.0
 no ip proxy-arp
!
interface Vlan252
 description L2_MANAGEMENT_INT
 ip address 10.8.252.1 255.255.255.0
!
interface Vlan614
 ip address 172.16.188.2 255.255.255.252
 no ip proxy-arp

 

C3850-STACK-DR-M0-1#sh int gi 2/0/23 switchport
Name: Gi2/0/23
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

 

C3850-STACK-DR-M0-1#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi1/0/14    on               802.1q         trunking      1
Gi1/0/18    on               802.1q         trunking      1
Gi1/0/20    on               802.1q         trunking      1
Gi2/0/19    on               802.1q         trunking      1
Gi2/0/23    on               802.1q         trunking      1
Po1         on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/0/14    614
Gi1/0/18    7,12
Gi1/0/20    7,12,800
Gi2/0/19    7,12,800
Gi2/0/23    1-4094
Po1         7,12,800

Port        Vlans allowed and active in management domain
Gi1/0/14    614
Gi1/0/18    7,12
Gi1/0/20    7,12,800
Gi2/0/19    7,12,800
Gi2/0/23    1,7,10,12,57,108-109,614,800,900
Po1         7,12,800

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/14    614
Gi1/0/18    7,12
Gi1/0/20    7,12,800
Gi2/0/19    7,12,800
Gi2/0/23    1,7,10,12,57,108-109,614,800,900
Po1         7,12,800

 

2960:

DR_2960-S(config)#do sh int gi 1/0/47 switchport
Name: Gi1/0/47
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

 

DR_2960-S#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi1/0/47    on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/0/47    1-4094

Port        Vlans allowed and active in management domain
Gi1/0/47    1,7,10,12,57,108-109,252,614,800,900

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/47    1,7,10,12,57,108-109,252,614,800,900

 

 

 

Labels:
0 Helpful
22 Replies 22

Go to solution
BradEast1
Level 3
Level 3
In response to jasongr33nway

‎11-22-2017 12:34 PM

Your 4500 is receiving a /30 advertisement for that network when it's configured as a /16 on your 3850.
0 Helpful

Go to solution
jasongr33nway
Level 1
Level 1
In response to BradEast1

‎11-22-2017 01:16 PM

No it is showing up as /30 in sh ip route

 

C        172.16.188.0/30 is directly connected, Vlan614
L        172.16.188.2/32 is directly connected, Vlan614

 

interface Vlan614
 ip address 172.16.188.2 255.255.255.252
 no ip proxy-arp

0 Helpful

Go to solution
BradEast1
Level 3
Level 3
In response to jasongr33nway

‎11-22-2017 01:29 PM

Sorry, got my networks mixed up. We've got the 10.7.0.0/16 network on the 2960, right?
0 Helpful

Go to solution
jasongr33nway
Level 1
Level 1
In response to BradEast1

‎11-22-2017 01:41 PM

No worries. Yes, that is correct.

 

Every single device on the 10.7 can get across MPLS, except that switch.

0 Helpful

Go to solution
BradEast1
Level 3
Level 3
In response to jasongr33nway

‎11-22-2017 01:44 PM

!A means "Administratively Prohibited". Possible ACL on that device?

0 Helpful

Go to solution
jasongr33nway
Level 1
Level 1
In response to BradEast1

‎11-22-2017 01:57 PM

Its possible. I have no idea what that device is. I have no access to it. Ill find out what it is before looking any further.

 

Thank you both for your help!

0 Helpful

Go to solution
jasongr33nway
Level 1
Level 1
In response to BradEast1

‎11-30-2017 12:39 PM

I was able to find that device is a vendors router. I was able to get them to shut down that interface. I still had the same issue trying to pass traffic over the WAN from the L2 device.

0 Helpful

Go to solution
jasongr33nway
Level 1
Level 1
In response to BradEast1

‎11-22-2017 11:39 AM

Trying to traceroute to 172.16.188.1

 

DR_2960-S#traceroute 172.16.188.1
Type escape sequence to abort.
Tracing the route to 172.16.188.1
VRF info: (vrf in name/id, vrf out name/id)
  1 10.7.254.5 !A  *  !A
DR_2960-S#ping 10.7.254.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.7.254.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/202/1002 ms

 

I have no idea what that .5 is

0 Helpful
Customers Also Viewed These Support Documents