Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1271
Views
0
Helpful
3
Replies

L3 switch SVI unable to ping host in vlan.

Geeo124
Level 1
Level 1

‎05-28-2021 08:24 AM

Hello!

 

I am configuring a switch in my homelab that is connected to a Proxmox server. I have made a VLAN for the server (Vlan 200) and I have made an SVI for it with the IP address 10.137.20.1 255.255.255.0. The IP address associated with the proxmox server is 10.137.20.10.

 

The link between the switch and the server is a trunk link, as when I get round to setting up othe server with VM's I imagine I will create other VLANS down the line.

 

As of this moment, the switch is unable to ping the server even though it is plugged into the trunk associated with vlan 200. The same goes for the server -> switch.

 

Can anyone take a look at my configuration? thanks guys.

OAK-SWC-01#show run
Building configuration...

*Mar 1 03:58:53.303: %SYS-5-CONFIG_I: Configured from console by console
Current configuration : 4530 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname OAK-SWC-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$vSle$ycN.S2hhZL4EheM7GPIz7.
!
username a-geeo password 7 130A5F1009450D2B29233C35337343
no aaa new-model
switch 1 provision ws-c3750v2-48ps
system mtu routing 1500
ip subnet-zero
ip routing
ip domain-name oakgrove.com
!
!
!
!
crypto pki trustpoint TP-self-signed-3646102912
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3646102912
revocation-check none
rsakeypair TP-self-signed-3646102912
!
!
crypto pki certificate chain TP-self-signed-3646102912
certificate self-signed 01

quit
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet1/0/1
description UPLINK TO FWL 1
no switchport
ip address 10.137.10.2 255.255.255.252
!
interface FastEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
!
interface FastEthernet1/0/3
!
interface FastEthernet1/0/4
!
interface FastEthernet1/0/5
!
interface FastEthernet1/0/6
!
interface FastEthernet1/0/7
!
interface FastEthernet1/0/8
!
interface FastEthernet1/0/9
!
interface FastEthernet1/0/10
!
interface FastEthernet1/0/11
!
interface FastEthernet1/0/12
!
interface FastEthernet1/0/13
!
interface FastEthernet1/0/14
!
interface FastEthernet1/0/15
!
interface FastEthernet1/0/16
!
interface FastEthernet1/0/17
!
interface FastEthernet1/0/18
!
interface FastEthernet1/0/19
!
interface FastEthernet1/0/20
!
interface FastEthernet1/0/21
!
interface FastEthernet1/0/22
!
interface FastEthernet1/0/23
!
interface FastEthernet1/0/24
!
interface FastEthernet1/0/25
!
interface FastEthernet1/0/26
!
interface FastEthernet1/0/27
!
interface FastEthernet1/0/28
!
interface FastEthernet1/0/29
!
interface FastEthernet1/0/30
!
interface FastEthernet1/0/31
!
interface FastEthernet1/0/32
!
interface FastEthernet1/0/33
!
interface FastEthernet1/0/34
!
interface FastEthernet1/0/35
!
interface FastEthernet1/0/36
!
interface FastEthernet1/0/37
!
interface FastEthernet1/0/38
!
interface FastEthernet1/0/39
!
interface FastEthernet1/0/40
!
interface FastEthernet1/0/41
!
interface FastEthernet1/0/42
!
interface FastEthernet1/0/43
!
interface FastEthernet1/0/44
!
interface FastEthernet1/0/45
!
interface FastEthernet1/0/46
!
interface FastEthernet1/0/47
!
interface FastEthernet1/0/48
switchport access vlan 50
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface Vlan1
no ip address
shutdown
!
interface Vlan50
ip address 10.137.245.1 255.255.255.0
!
interface Vlan200
ip address 10.137.20.1 255.255.255.0
!
ip default-gateway 10.137.10.1
ip classless
ip route 0.0.0.0 0.0.0.0 10.137.10.1
ip route 10.137.245.0 255.255.255.0 10.137.10.1
ip route 10.137.250.0 255.255.255.0 10.137.10.1
ip http server
ip http secure-server
!
!
control-plane
!
!
line con 0
line vty 0 4
login local
transport input ssh
line vty 5 15
login
!
end

Labels:
0 Helpful
3 Replies 3

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-28-2021 09:54 AM

Hello @Geeo124 ,

the switch expects to receive and send 802.1Q tagged frames with VLAN Id=200

 

>> interface FastEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk

 

if you want frames to travel untagged you need

on switch side

int fas1/0/2

switchport trunk native vlan 200

 

Hope to help

Giuseppe

 

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Giuseppe Larosa

‎05-28-2021 12:33 PM

We have very little information about this environment and the only thing we know about the server is a name. @Giuseppe Larosa is making an assumption that the server is not expecting to be connected to a trunk and to receive vlan tagged Ethernet frames. So he supplies a solution so that the server receives untagged frames. Since we know nothing about the server I believe that this is a reasonable assumption and the suggested change may very well make the server reachable. But I would step back and ask a question "why is this switch interface configured as a trunk?" In the original post we are told "The link between the switch and the server is a trunk link, as when I get round to setting up othe server with VM's I imagine I will create other VLANS down the line." When they get to setting up other servers with VMs they probably will need additional vlans and probably those VMs will need to do vlan tagging. So the switch ports connecting to those other servers will need to be trunks. But what does that have to do with how this particular server is connected?

 

It would be good to have more information about this server and whether it will use multiple vlans and therefore need to be connected on a trunk. But in the meantime the simple solution is to configure Fa1/0/2 as an access port in vlan 200.

 

HTH

Rick
0 Helpful

fracjackmac
Level 1
Level 1

‎09-24-2022 08:53 PM

Hello @Geeo124,

Your current switch configuration should work as long as you are expecting just the single VLAN.

However, since you haven't included the output from the command show vlan brief or show interface trunk, I can't be certain that you've defined the VLAN needed to enable the SVI.  The vlan configuration can also be found in the vlan.dat file, but that file appears to be a combination of binary and ASCII text, so it isn't easy to read.

If you've included a definition for VLAN 200 within the configuration, for example: OAK-SWC-01(config)#vlan 200, possibly followed by OAK-SWC-01(config-vlan)#name ProxMox_Server, then show interface vlan 200 should indicate that the interface is Up/Up (admin up, line protocol up).  If interface VLAN 200 is not Up/Up, then show vlan brief will not show VLAN 200 and I suggest you try adding the VLAN to the configuration.

If interface vlan 200 is Up/Up, then I suggest that you take a look at the interface configuration on the ProxMox server.

A good source for configuring VLANS on ProxMox servers.

 

A follow on note regarding your current switch config: the common configuration practice for vlans on a trunk interface is to use a subinterface for each vlan.  For example:

  interface FastEthernet1/0/2.200 would be used to easily identify the interface that is being tagged with an 802.1q tag of 200.  Using this configuration practice will make it easier to add additional VLANs to the trunk port in the future as you turn up new VMs on the server.

Note that the base interface, FastEthernet1/0/2 in this case, is typically left unnumbered unless you plan to send untagged / management traffic across the interface.

 

fjm / vrs

@ittybittypacket

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card