07-11-2013 10:33 AM - edited 03-07-2019 02:21 PM
Hello!
Im having some issues with a trunk that originates from an WS-C2960G-8TC-L to an CISCO1921/K9. The native VLAN seems to work fine but the other VLANs on the trunk cant be reached. I have created a VLAN interface on the 2960 with an IP address on the subnet of the VLAN. The switch is directly connected to the ISP with an trunk that carries several VLANs and that is working fine. The only issue i have is that i cant reach the switch from the rest of the network. Below you can see all the interfaces on the router and the switch. The switch is connected to GigabitEthernet0/0.
Any help would be useful!
interface GigabitEthernet0/0
description WAN
ip ddns update hostname xxx
ip ddns update dyndns
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed 1000
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 2000
ip address 10.0.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 2001
ip address 10.0.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/1.3
encapsulation dot1Q 2002
ip address 10.0.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/1.4
encapsulation dot1Q 3001
ip address 10.0.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/1.5
encapsulation dot1Q 4001
ip address 10.0.4.1 255.255.255.0
ip nat inside
ip virtual-reassembly
--------------------------------------------------------
2960 interfaces. The switch is connected to the router via GigabitEthernet0/7
interface GigabitEthernet0/7
description trunk-to-lan
switchport trunk allowed vlan 1,2000,2001
switchport mode trunk
!
interface GigabitEthernet0/8
description telia-to-switch
switchport trunk allowed vlan 1,845
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan2001
description 10.0.1.0/24
ip address 10.0.1.3 255.255.255.0
!
ip default-gateway 10.0.1.1
Solved! Go to Solution.
07-17-2013 06:55 AM
Johan,
The subinterfaces need to be on the physical port connected to the switch. So since the switch is connected to the router's gig 0/0 interface, that's where the subinterfaces need to live. Since the WAN connection is a VLAN on the switch, the physical port is not the "outside" connection, but rather the subinterface is the "outside" connection.
Regards,
Mike
Please remember to rate helpful posts.
07-11-2013 11:09 AM
On the trunk port connected to the router (gi0/7) you only have vlan 2001 which I think is your native vlan and vlan 2000. Can you add vlan 2002, 3001 and 4001 and test again. Or for test purpose, you can delete command
"switchport trunk allowed vlan 1,2000,2001" to allow all vlans for now.
What vlan and port is your PC in?
Also, did you create the layer-2 vlans on the switch?
config t
vlan 4001
exit
vlan 3001
exit
etc...
HTH
07-11-2013 11:31 AM
Thanks for the reply!
The rest of the vlans is not suposed to be members of the trunk. Added them tough but it makes no differens. Our workstations is on the 2000 vlan but even when i trying to ping the vlan interface on the switch from the router it doesent respond. I turned on debug on vlan 2001 to see what is happening. There seems to be an encapsulation error.
*Mar 1 21:52:28.776: IP: s=10.0.1.3 (local), d=10.0.1.1, len 100, local feature, RCLI(7), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Mar 1 21:52:28.785: IP: s=10.0.1.3 (local), d=10.0.1.1, len 100, local feature, Local Clustering(8), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Mar 1 21:52:28.785: IP: tableid=0, s=10.0.1.3 (local), d=10.0.1.1 (Vlan2001), routed via RIB
*Mar 1 21:52:28.785: IP: s=10.0.1.3 (local), d=10.0.1.1 (Vlan2001), len 100, sending
*Mar 1 21:52:28.785: IP: s=10.0.1.3 (local), d=10.0.1.1 (Vlan2001), len 100, output feature, Check hwidb(88), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE .
*Mar 1 21:52:31.805: IP: s=10.0.1.3 (local), d=10.0.1.1 (Vlan2001), len 100, encapsulation failed
When i issue the sh int trunk command everything seems allright.
Gi0/7 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/7 1,2000-2002,3001,4001
Port Vlans allowed and active in management domain
Gi0/7 1,2000-2002,3001,4001
Port Vlans in spanning tree forwarding state and not pruned
Gi0/7 1,2000-2002,3001,4001
07-14-2013 05:30 PM
Can you set the speed to 'auto' on the router? Can you post the 'show interface' output for both ports?
Sent from Cisco Technical Support Android App
07-17-2013 02:10 AM
The speed is set to auto by default on the router. Here is the outgoing port on the router:
GigabitEthernet0/0 is up, line protocol is up
Hardware is CN Gigabit Ethernet, address is ccef.4847.7b80 (bia ccef.4847.7b80)
Description: WAN
Internet address is 78.72.179.109/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 4769000 bits/sec, 429 packets/sec
5 minute output rate 283000 bits/sec, 298 packets/sec
51067546 packets input, 913684521 bytes, 0 no buffer
Received 24967 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 24531 multicast, 0 pause input
0 input packets with dribble condition detected
50227045 packets output, 920324422 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
16355 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Outgoing port on the switch:
GigabitEthernet0/7 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is f4ac.c144.9607 (bia f4ac.c144.9607)
Description: trunk-to-lan
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:14, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 183000 bits/sec, 175 packets/sec
5 minute output rate 2782000 bits/sec, 249 packets/sec
52980888 packets input, 18602634112 bytes, 0 no buffer
Received 8309 broadcasts (8286 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 8286 multicast, 0 pause input
0 input packets with dribble condition detected
56093864 packets output, 53093842836 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Everything seems okey in my opinium. Is there some problems maybe with the MTU?
07-17-2013 05:15 AM
Looking at your config again, I don't see any sub-interfaces on Gig 0/0. And typically you would also put the native VLAN in a subinterface as well. You are likely getting the "encapsulation failed" error because the router doesn't put the port into dot1q trunk mode until you add a subinterface with dot1q encapsulation. See below:
interface GigabitEthernet0/0
duplex auto
speed auto
interface GigabitEthernet0/0.1
encapsulation dot1q 1 native
description WAN
ip ddns update hostname xxx
ip ddns update dyndns
ip address dhcp
ip nat outside
ip virtual-reassembly
!
interface GigabitEthernet 0/0.2000
encapsulation dot1Q 2000
ip address 10.0.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface GigabitEthernet0/0.2001
encapsulation dot1Q 2001
ip address 10.0.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
Regards,
Mike
07-17-2013 06:43 AM
So i should also have subinterface´s at the "outside" of the router to make this work? All the vlans have interfaces on the gig0/1 interface witch is on the inside. I shall try this and report back to you.
Thanx!
07-17-2013 06:55 AM
Johan,
The subinterfaces need to be on the physical port connected to the switch. So since the switch is connected to the router's gig 0/0 interface, that's where the subinterfaces need to live. Since the WAN connection is a VLAN on the switch, the physical port is not the "outside" connection, but rather the subinterface is the "outside" connection.
Regards,
Mike
Please remember to rate helpful posts.
07-23-2013 03:35 AM
Thank you Mike! It solved the problem. I thought that the router processed the trafic from the 0/0 to 0/1 interface but now i learned that it didnt. Im not so good in routing but now i know more about subinterfaces and trunking on a router. Its a kind of wierd setup and i suppose its not best practice.
Cheers/ Johan Jongen
07-23-2013 10:33 AM
NP. Glad you got it working.
Regards,
Mike
07-17-2013 07:03 AM
I am confused about the topology of this network. In the original post it seems to say that the ISP is also connected through the switch. And clearly that is on interface Gig0/0. The router interface that is configured for trunking is Gig0/1. Also the router interface is configured for several VLANs that appear that they do not exist on the switch. So perhaps the original poster can give us some clarification about what is connected where in this network.
One of the posts in this thread mentions encapsulation failure. This is almost certainly due to the fact that there was an arp request which got no response. It is not likely that it has anything to do with trunk encapsulation.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide