Solved: Re: Local VLAN between 2 switches, no internet connection

Marc_Lalonde · ‎02-22-2021

Hello,

I am trying to create a new local VLAN (meaning it will not connect to internet) which will span over 2 switches.

We have 3850 routers and a whole bunch of 2960s but I only need the VLAN on 2 switches.

So I connected to the router and create the VLAN #207 with it's name and left the other values at default.

I thought this would've been enough to "propagate" the VLAN to the switches, but apparently not. When I went on the switches to assign a port to this new VLAN, it also locally created the VLAN.

So to recap:

Created VLAN 207 on router with default parameters by typing
```
conf t
vlan 207
name (name)
end
```
VLAN 207 was created automatically (locally?) on a switch when configuring a port
```
switchport acces vlan 207
```
Same thing on another switch while configuring another port

Is this enough to have these ports talk to each other from switch to switch?

Thanks,

Jon Marshall · ‎02-22-2021

VTP transparent mode means the switch will not update it's vlan database on any received advertisements so it doesn't matter what you add to the router.

When you configured a port in that vlan the switch automatically created the vlan for you although I usually do it the other way ie. create the vlan and then assign the ports.

If all your switches use transparent mode then just remove the vlan off the router, add the vlan to the trunk connecting just those switches you want the vlan on and then assign the port(s) into that vlan.

Jon

View solution in original post

Joseph W. Doherty · ‎02-22-2021

The "normal" way to "share" a VLAN between switches is to use a port (on both switches) configured as a trunk (and also allowing the VLAN, you want, by default all, to use the trunk).

A trunk port allows multiple VLAN to use the link. An alternative approach is to connect two ports, configured as access, for the same VLAN.

Routers, unless they have an on-board switch, don't have VLANs, the same as switches. However, often you can configure an interface, with subinterfaces, one subinterface defined per VLAN, you wish to have a router interface for.

Marc_Lalonde · ‎02-22-2021

Thank you Joseph.

We already have plenty of VLANs that are shared throughout the network. We basically have VLANs numbered with the 3rd parts of 192.168.x.x subnets. (ie: VLAN 207 will have addresses of 192.168.207.x)

What I want is for 2 machines on 2 different switches to be able to talk to each on this subnet. This is why I created the VLAN. These 2 switches have a bunch of shared VLANs that communicate well.

I thought that creating the VLAN on the router (which is in VTP server mode) would have automatically shared the VLAN to the switches (which are in VTP Transparent mode).

What should I do then? Do I remove the VLANs automatically created when I did the "switchport access vlan 207" on the switches?

Jon Marshall · ‎02-22-2021

VTP transparent mode means the switch will not update it's vlan database on any received advertisements so it doesn't matter what you add to the router.

When you configured a port in that vlan the switch automatically created the vlan for you although I usually do it the other way ie. create the vlan and then assign the ports.

If all your switches use transparent mode then just remove the vlan off the router, add the vlan to the trunk connecting just those switches you want the vlan on and then assign the port(s) into that vlan.

Jon

Joseph W. Doherty · ‎02-22-2021

BTW, in addition to what Jon describes, for switches to "use" VTP information they a) need to be connected using trunks, and b) be configured (at least in VTP versions 1 and 2) either as a client or server. Also in these versions (1 and 2), clients and servers both source VTP information, the difference is, only server mode allows manual changes to VLANs.

VTP transparent mode (in version 2 only?) can relay VTP from one connected switch to another connected switch, but the "transparent" switch, itself, will not use VTP information.

Later VTP versions also have an "off" mode where they will both will NOT use VTP information and will NOT relay it.

Lastly, VTP version 3 has more features and works somewhat differently from versions 1 and 2.