10-23-2008 04:24 AM - edited 03-06-2019 02:06 AM
Hello
I have a 6509 switch that has a .1q trunk to a 2960G command switch with 2 members. I replaced an unmanaged hub with a new 2960 (non-G) and established a trunk back thru the 2960G ultimately to the 6509. The issue is: I can statically assign the switchport to any other VLAN EXCEPT the VLAN it needs to be onâ¦VLAN 240. The symptoms are more specifically
: Working scenario ( VLAN 210 )
-DHCP client obtains IP address within 3 seconds
-I am able to ping DHCP server on different subnet
:Non-working scenario (VLAN 240)
-DHCP client obtains IP address after >31 seconds (usually get a timeout error on the renew, but then gets and IP in a couple of seconds)
-IPCONFIG /ALL reveals that current lease time and correct DHCP options
-UNABLE to ping default gateway
-arp -a reveals an invalid MAC
Odd thing about this is that the command switch contains primarily VLAN 240 ports. All of the current members of VLAN 240 work fine. When I went to the command switch and enabled 1 more port for 240, I encountered the same problem.
There are no access-lists to prevent this traffic
Any assistance is greatly appreciated.
Larry
10-23-2008 05:31 AM
IP dhcp helper ? Is the dhcp server in another VLAN ? does it need to cross a L3 boundary ?
Spanningtree portfast ? try that on the ports that don't work
Really what we need is a diagram and the configs on all connected ports/vlans at least to better understand.
10-23-2008 06:00 AM
DHCP helper is configured
Portfast is enabled
Trunk ports config:
switchport mode trunk
switchport trunk allowed vlan all
speed 1000
duplex full
workstation port config:
switchport mode access
switchport access vlan 240
speed 100
duplex full
spanning-tree portfast trunk (even removed the 'trunk')
This is a consistent config from workstation on the troubled end to my 6509...as well as all of my other VLANs
6509 config
interface Vlan240
description ********* 240-Building******
ip address 10.173.240.9 255.255.255.0
ip helper-address 10.173.1.35
ip helper-address 10.173.1.36
The ascii diagram looks like this
.1q .1q
6509-----2960G------------2960------WS
g7/4 | g0/1 .1q g0/1
|-------2924XL (access 240)
| xover (port access vlan 240)
|-------Unmanaged Hub
| xover (port access vlan 240)
|-------Unmanaged Hub
the 2924XL is configured exaclty as the 2960 as far as trunking goes. They work fine.
There are like 40 other VLAN 240 ports on the 2960G cluster and they work fine. I even tried making the 2960 member 3 of the cluster to no avail. Also, static address on the workstation has the same effect when in VLAN 240. I can change the VLAN membership and start working in about 15 seconds.
10-23-2008 09:07 AM
Resolved.
Discovered a lingering MAC address from a previous connection attempt when port secuirty was enabled.
clear port-security dynamic fixed it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide