01-28-2021 08:58 AM
Hi folks,
I am in the process of replacing some switches in our network. We are going from a 3750X stack to a 9300 stack. These switches are where our servers reside. Majority are ESXi hosts.
I am confused on how to actually configure these ports. On the old 3750's, all ports were access ports. I was able to just enable 802.1q and give them access to our server VLAN by giving these commands:
switchport mode access switchport access vlan 100
After that, clients on VLAN 200 were able to access VLAN 100 server resources.
I attempted to mirror these configurations on the 9300's, except for the trunk ports going to Meraki access switches (those are trunk ports set to allow all with native vlan 100) but this time, I am not able to get my client VLAN 200 to access anything on server VLAN 100.
So the next thing I thought was to make those server ports trunks to allow multiple VLANs to them. I tested this and this seemed to have work, but this brought up other concerns I can't seem to find anywhere.
All servers are on VLAN 100, and they send out data on that corresponding subnet of 10.1.1.0/24. Will this cause any issues with the servers going to clients VLAN 200?
What about STP? Because I currently have the server ports set to access, I have them configured for BPDU guard and portfast. Do I need to keep those commands on those ports? Or should I remove them?
Or maybe I'm way off, and I'm just missing something?
01-28-2021 09:12 AM
Hello,
I am not sure I fully understand your setup. How did Vlan 100 and Vlan 200 communicate on the 3750 switches ? Were these configured as L3 switches ?
The esxi host ports should be configured exactly as you said:
switchport mode access
switchport access vlan x
spanning-tree portfast
01-28-2021 12:49 PM - edited 01-29-2021 05:49 AM
Thanks for the clarification, Georg.
The only difference between the 3750's and the 9300s is that the trunks between them and their access switches.
3750's had those ports set without a native vlan:
interface GigabitEthernet2/1/1 description **Uplink Access-1** switchport trunk encapsulation dot1q switchport mode trunk
The 9300's have a native vlan on the trunk port:
interface Port-channel3 description ***TO ACCESS-1 AND 2*** switchport trunk native vlan 100 switchport mode trunk
And here is a port on the 3750 for one of our ESXi:
interface GigabitEthernet2/0/26 description ESXI01-PRI switchport access vlan 100
This is what I put on my 9300 for the same host:
description ESX01 NIC1 switchport access vlan 100 switchport mode access spanning-tree portfast spanning-tree bpduguard enable
I have L3 interfaces for all my VLANs across all switches.
Is it possible that I'm having issues because I set the mode to access?
01-28-2021 02:06 PM
Are you planning on using vlan 101 as the native vlan? If yes, the native vlan needs to be the same across all switches, if not you don't need that command on the trunk ports.
interface Port-channel3 description ***TO ACCESS-1 AND 2*** switchport trunk native vlan 101 switchport mode trunk
no switchport trunk native vlan
HTH
01-28-2021 02:28 PM
Hello,
you are talking about Vlan 100 ? Where is that configured ? I only see esxi ports with Vlan 101. And where are the Vlan 200 clients ?
--> I have L3 interfaces for all my VLANs across all switches.
Where are the L3 interfaces configured, on which switch ?
Maybe you can draw this out and add a topology drawing.
01-29-2021 05:48 AM
Hey Georg,
Yes, sorry. That was meant to be VLAN 100. Complete typo on my end. I will edit. Here is a diagram.
01-29-2021 08:42 AM
If I am understanding correctly the main question is about communication between vlan 100 and vlan 200. There might be some issues about set up of vlans and trunks (I am wondering about the fact that it seems that in the old network on the trunks the native vlan would have been vlan 1 and in the new network - at least on some devices - the native vlan is 100). But if the issue is communication between vlans I think we also need to get information about where the layer 3 routing is configured. And see if there are any issues about inter vlan routing.
01-28-2021 09:25 AM
if no other VLAN required to pass to Esxi
then your config good to go
switchport mode access switchport access vlan 100
depedns on spanning tree config
if you enabled golablly
spanning-tree mode rapid-pvst
on interface config - add as below :
spanning-tree portfast
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide