Solved: router on a stick issue

sarahr202 · ‎11-10-2012

Hi everybody.

I am trying to set up a simple lab for ip telephony. I need to configure " router on a stick" . CME router is already configured. I am having issue with sw as described below:

SW f0/1---trunk-----f0/0 CME (router)

I created two vlans on Sw.

vlan 2 data vlan

vlan 3 voice vlan

But vlans on sw won't come up

Sw# show ip int brief

VLAN1 unassigned NO unset up up

VLAN2 200.200.200.3 YES manual administratively down down

VLAN3 199.199.199.3 YES manual administratively down down

I tried to use " no shutdown" under vlan 2 and vlan 3 but it did not change anything.

Switch(config)#int vlan 2

Switch(config-subif)#no shutdown

Switch(config-subif)#int vlan 3

Switch(config-subif)#no shutdown

switch# show ip int brief

VLAN1 unassigned NO unset up up

VLAN2 200.200.200.3 YES manual administratively down down

VLAN3 199.199.199.3 YES manual administratively down down

The trunk is up as can be seen below:

Switch#show int f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: Disabled

Access Mode VLAN: 0 ((Inactive))

Trunking Native Mode VLAN: 1 (default)

Trunking VLANs Enabled: ALL

Trunking VLANs Active: 1-3

Pruning VLANs Enabled: 2-1001

Priority for untagged frames: 0

Override vlan tag priority: FALSE

Voice VLAN: none

Appliance trust: none

Self Loopback: No

No matter how many times I used " no shutdown" under int vlan2,int vlan 3," show running-config" always shows " shutdown" under intvlan2,vlan 3.

Below is the " show running-config " and " show version output"

Switch#show version

Cisco Internetwork Operating System Software

IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5)WC17, RELEASE SOFTWA

RE (fc1)

Compiled Tue 13-Feb-07 15:04 by antonino

Image text-base: 0x00003000, data-base: 0x00352924

ROM: Bootstrap program is C3500XL boot loader

Switch uptime is 31 minutes

System returned to ROM by reload

System image file is "flash:c3500xl-c3h2s-mz.120-5.WC17.bin"

============================================

Switch#show running-config

Building configuration...

Current configuration:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

ip subnet-zero

!

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface FastEthernet0/2

switchport access vlan 3

!

interface VLAN1

no ip directed-broadcast

no ip route-cache

!

interface VLAN2

ip address 200.200.200.3 255.255.255.0

no ip directed-broadcast

no ip route-cache

shutdown

!

interface VLAN3

ip address 199.199.199.3 255.255.255.0

no ip directed-broadcast

no ip route-cache

shutdown

!

line con 0

transport input none

stopbits 1

line vty 5 15

!

end

I am completely confused here.

Have a great weekend.

Reza Sharifi · ‎11-10-2012

Hi Sarah,

Did you also create the layer-2 vlans

config t

vlan 2

name test2

vlan 3

name test3

Is there any host connected to the switch that belong to vlan 2 or 3?

HTH

Reza

View solution in original post

acampbell · ‎11-10-2012

Sarah,

Can you try actually adding the vlans

conf t

!

vtp mode trans

!

vlan 2

name data

!

vlan 3

name voice

!

int vlan 2

no shut

!

int vlan 3

no shut

!

end

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.

View solution in original post

Reza Sharifi · ‎11-10-2012

Hi Sarah,

Since you are using the switch as a layer-2 device only, than you don't need the SVI interfaces with IP. You are simply truncking the switch to the router to carry vlan 2 and 3. Now on the router where the switch is connected to you need to create sub-interface for each vlan with dot1Q trunking and IP address.

On the CME router

interface f0/0

no sh

interface fa0/0.2

enca dot1q 2

ip address 200.200.200.3 255.255.255.0

no sh

interface fa0/0.3

encap dot1q 3

ip address 199.199.199.3 255.255.255.0

no sh

See also examples in this link:

http://www.cisco.com/en/US/tech/tk389/tk815/technologies_configuration_example09186a00800949fd.shtml

HTH

View solution in original post

Emmanuel Valdez · ‎11-10-2012

Hi Sarah,

Yes you can setup layer 2 VLAN´s into an ISR, in this case your router doesn´t support this feature or you need to add an switch module but it doesn´t matter only tried with this;

On the router on stick

conf t

!

interface GigabitEthernet0/0

description *****Physical port for trunking*****

no ip address

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/0.1

description *****Administrative VLAN layer 3*****

encapsulation dot1Q 1 native

ip address x.x.x.x x.x.x.x

ip virtual-reassembly in

no shut

!

interface GigabitEthernet0/0.2

description *****Voice VLAN layer 3*****

encapsulation dot1Q 2

ip address y.y.y.y y.y.y.y

ip virtual-reassembly in

no shut

!

interface GigabitEthernet0/0.3

description *****Data VLAN layer 3*****

encapsulation dot1Q 3

ip address z.z.z.z z.z.z.z

ip virtual-reassembly in

no shut

On the switch layer 2

Conf t

!

vlan 2

name Voice_VLAN_layer_2

!

vlan 3

name Data_VLAN_layer_2

!

Interface GigabitEthernet 0/X

description *****trunk to router on stick*****

switchport trunk encapsulation dot1q

switchport mode trunk

!

If you want to use the VLAN 1 for administration don´t forget to add the ip address on the interface into the switch like this;

interface Vlan1

ip address 172.50.1.2 255.255.255.0

no shut

Tell me if this was useful for you.

Regards.

View solution in original post

Emmanuel Valdez · ‎11-11-2012

Hi Sarah,

If the SVI for VLAN 1 didn´t transition to up up maybe the ip address of the switch is of diferent broadcast domain, can you post the final configuration of the switch and the router? Additional add the command show ip interface brief please.

On the other hand did you add the command ip default-gateway x.x.x.x in the switch?

Where the x.x.x.x is the ip address from the SVI1 in the router.

Regards.

View solution in original post

Reza Sharifi · ‎11-11-2012

Hi Sara,

I just found out 3524 XL is layer 2 switch and can have only one svi active at a time. So that explains why svi won't transition to up and up state.

You are correct, and that one SVI is usually used to manage the switch.

HTH

Reza

View solution in original post

Emmanuel Valdez · ‎11-12-2012

Hi Sarah,

Can you post the "show ip interface brief" and "show cdp neig detail" of both switch and router please.

For setup the IP Phone you had have the port in mode access and pointing the access VLAN for data and voice VLAN for telephony, so you should have the following:

interface FastEthernet0/2

switchport mode access

switchport voice vlan 2

switchport access vlan 1

This configuration make a virtual trunk port wich only pass the data and voice vlan, the access vlan is not display on the config because is the default VLAN.

The switch 3524XL is very old switch and it has many bugs, if you configure all ports f0/2 - f024 for data and voice vlan maybe the switch doesn´t take the configuration, you can probe with the "show vlan" and checking that ports are assigned correctly.

I had this problem with this model many years ago.

Regards.

View solution in original post

Reza Sharifi · ‎11-10-2012

Hi Sarah,

Did you also create the layer-2 vlans

config t

vlan 2

name test2

vlan 3

name test3

Is there any host connected to the switch that belong to vlan 2 or 3?

HTH

Reza

sarahr202 · ‎11-10-2012

Thanks Reza and Alex

I thought the same thing but I remember in order for vlan interface to be active, it should have atleast one port assigned to the corresponding vlan and that port must in Up and Up or it should have a trunk port configured on the switch and trunk port must be in up and up as well

H2-------f0/2(vlan3)-SW---f0/1---trunk---CME router ( also a dhcp server)

|

f0/3(vlan2)

H3

Both h2 and h3 are able to get ip addresses from CME( dhcp server). It tells me the trunk is working properly.

==============================================================================

Both vlans 2 and 3 are configured as shown below:

Switch#show vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7,

Fa0/8, Fa0/9, Fa0/10, Fa0/11,

Fa0/12, Fa0/13, Fa0/14, Fa0/15,

Fa0/16, Fa0/17, Fa0/18, Fa0/19,

Fa0/20, Fa0/21, Fa0/22, Fa0/23,

Fa0/24, Gi0/1, Gi0/2

2 VLAN0002 active Fa0/3

3 VLAN0003 active Fa0/2

Even though ports are f0/3 and f0/2 are in up and up and hosts connected to them are able to acquire ip addresses from CME router but int vllan2 and vlan3 are stills shown as " administratively shut down"

acampbell · ‎11-10-2012

Sarah,

Can you try actually adding the vlans

conf t

!

vtp mode trans

!

vlan 2

name data

!

vlan 3

name voice

!

int vlan 2

no shut

!

int vlan 3

no shut

!

end

Regards,
Alex.
Please rate useful posts.

Regards, Alex. Please rate useful posts.

Emmanuel Valdez · ‎11-10-2012

Hello Sarah;

The principal function of a router on stick is to control all the layer 3 VLAN´s traffic and route it, and the switch behind him will have the layer 2 VLAN´s, so if you want to make a correct lab for IP Telephony you have to configure the 3 layer VLAN´s on the router, the 3 layer interfaces that you are configuring are called SVI and they are configured into a switch layer 3 or a router with switch ports module so you will have the following configuration to setup your switch and router on stick:

On the router on stick

conf t

!

vlan 2

name Voice_VLAN_layer_2

!

vlan 3

name Data_VLAN_layer_2

!

interface GigabitEthernet0/0

description *****Physical port for trunking*****

no ip address

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/0.1

description *****Administrative VLAN layer 3*****

encapsulation dot1Q 1 native

ip address x.x.x.x x.x.x.x

ip virtual-reassembly in

no shut

!

interface GigabitEthernet0/0.2

description *****Voice VLAN layer 3*****

encapsulation dot1Q 2

ip address y.y.y.y y.y.y.y

ip virtual-reassembly in

no shut

!

interface GigabitEthernet0/0.3

description *****Data VLAN layer 3*****

encapsulation dot1Q 3

ip address z.z.z.z z.z.z.z

ip virtual-reassembly in

no shut

On the switch layer 2

Conf t

!

vlan 2

name Voice_VLAN_layer_2

!

vlan 3

name Data_VLAN_layer_2

!

Interface GigabitEthernet 0/X

description *****trunk to router on stick*****

switchport trunk encapsulation dot1q

switchport mode trunk

!

Now you have to connect the interface GigabitEthernet 0/X from your switch (it depends of your switch model) to the interface GigabitEthernet 0/0 from your router, when you make this all the layer 3 VLAN´s come up, it is a requirement to come up a layer 3 VLAN´s (or subinterface) that minimum one port in a specific VLAN has the up up status so when you setup a trunk port all the layer 3 VLAN´s permitted on these port come up.

I hope this information will be useful for you.

Best regards.

sarahr202 · ‎11-10-2012

Thanks Molina

On the router on stick

conf t

!

vlan 2

name Voice_VLAN_layer_2

!

vlan 3

name Data_VLAN_layer_2

!

I don't think we can configure vlans on a router as you described above. Router simply rejects such commands

example:

CME(config)#vlan 2

^

% Invalid input detected at '^' marker.

thanks

Reza Sharifi · ‎11-10-2012

Hi Sarah,

Since you are using the switch as a layer-2 device only, than you don't need the SVI interfaces with IP. You are simply truncking the switch to the router to carry vlan 2 and 3. Now on the router where the switch is connected to you need to create sub-interface for each vlan with dot1Q trunking and IP address.

On the CME router

interface f0/0

no sh

interface fa0/0.2

enca dot1q 2

ip address 200.200.200.3 255.255.255.0

no sh

interface fa0/0.3

encap dot1q 3

ip address 199.199.199.3 255.255.255.0

no sh

See also examples in this link:

http://www.cisco.com/en/US/tech/tk389/tk815/technologies_configuration_example09186a00800949fd.shtml

HTH

sarahr202 · ‎11-11-2012

Thanks Reza.

I just found out 3524 XL is layer 2 switch and can have only one svi active at a time. So that explains why svi won't transition to up and up state.

thanks and have a great weekend.

Reza Sharifi · ‎11-11-2012

Hi Sara,

I just found out 3524 XL is layer 2 switch and can have only one svi active at a time. So that explains why svi won't transition to up and up state.

You are correct, and that one SVI is usually used to manage the switch.

HTH

Reza

Emmanuel Valdez · ‎11-10-2012

Hi Sarah,

Yes you can setup layer 2 VLAN´s into an ISR, in this case your router doesn´t support this feature or you need to add an switch module but it doesn´t matter only tried with this;

On the router on stick

conf t

!

interface GigabitEthernet0/0

description *****Physical port for trunking*****

no ip address

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/0.1

description *****Administrative VLAN layer 3*****

encapsulation dot1Q 1 native

ip address x.x.x.x x.x.x.x

ip virtual-reassembly in

no shut

!

interface GigabitEthernet0/0.2

description *****Voice VLAN layer 3*****

encapsulation dot1Q 2

ip address y.y.y.y y.y.y.y

ip virtual-reassembly in

no shut

!

interface GigabitEthernet0/0.3

description *****Data VLAN layer 3*****

encapsulation dot1Q 3

ip address z.z.z.z z.z.z.z

ip virtual-reassembly in

no shut

On the switch layer 2

Conf t

!

vlan 2

name Voice_VLAN_layer_2

!

vlan 3

name Data_VLAN_layer_2

!

Interface GigabitEthernet 0/X

description *****trunk to router on stick*****

switchport trunk encapsulation dot1q

switchport mode trunk

!

If you want to use the VLAN 1 for administration don´t forget to add the ip address on the interface into the switch like this;

interface Vlan1

ip address 172.50.1.2 255.255.255.0

no shut

Tell me if this was useful for you.

Regards.

sarahr202 · ‎11-11-2012

Thanks Molina. I appreciate the knowledge you shared with me about configuring vlans on isr .

Emmanuel Valdez · ‎11-11-2012

Hi Sarah,

If the SVI for VLAN 1 didn´t transition to up up maybe the ip address of the switch is of diferent broadcast domain, can you post the final configuration of the switch and the router? Additional add the command show ip interface brief please.

On the other hand did you add the command ip default-gateway x.x.x.x in the switch?

Where the x.x.x.x is the ip address from the SVI1 in the router.

Regards.

sarahr202 · ‎11-11-2012

here is my set up

ipphone---trunk----f0/2-SW---f0/1--------f0/0--Router(CME)

|

f0/3

tftp server

vlan1 (data) 200.200.200.0/24

vlan2 ( voice) 201.201.201.0/24

Router#show running-config

Building configuration...

Current configuration : 1286 bytes

!

version 12.4

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

no aaa new-model

!

resource policy

!

no network-clock-participate slot 1

no network-clock-participate wic 0

ip cef

!

no ip dhcp use vrf connected

ip dhcp excluded-address 200.200.200.1 200.200.200.10

ip dhcp excluded-address 201.201.201.1 201.201.201.10

!

ip dhcp pool voice

network 201.201.201.0 255.255.255.0

default-router 201.201.201.1

option 150 ip 201.201.201.3

!

ip dhcp pool data

network 200.200.200.0 255.255.255.0

default-router 200.200.200.1

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 200.200.200.1 255.255.255.0

!

interface FastEthernet0/0.2

encapsulation dot1Q 2

ip address 201.201.201.1 255.255.255.0

!

ip http server

ip http path flash:

!

control-plane

!

voice-port 1/0/0

!

voice-port 1/0/1

!

gatekeeper

shutdown

!

telephony-service

max-conferences 4 gain -6

web admin system name admin password cisco

dn-webedit

time-webedit

transfer-system full-consult

!

line con 0

line aux 0

line vty 0 4

login

!

end

=========================

Switch#show running-config

Building configuration...

Current configuration:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

ip subnet-zero

!

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface FastEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 2

!

interface FastEthernet0/3

switchport access vlan 2

!

interface FastEthernet0/4

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

!

interface FastEthernet0/12

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface VLAN1

ip address 200.200.200.2 255.255.255.0

no ip directed-broadcast

no ip route-cache

!

interface VLAN2

no ip directed-broadcast

no ip route-cache

shutdown

!

line con 0

transport input none

stopbits 1

line vty 0 4

login

line vty 5 15

login

!

end

Switch#

=================================================================

I just have to configure f0/2 as trunk, apparently 3524xl does support " switchport voice vlan " but it it does not have any affect.

Next issue I am encountering is phone boot process. which belongs to " ip telephony". So I will be posting there,

Just want to say thank you for your help.

Emmanuel Valdez · ‎11-12-2012

Hi Sarah,

Can you post the "show ip interface brief" and "show cdp neig detail" of both switch and router please.

For setup the IP Phone you had have the port in mode access and pointing the access VLAN for data and voice VLAN for telephony, so you should have the following:

interface FastEthernet0/2

switchport mode access

switchport voice vlan 2

switchport access vlan 1

This configuration make a virtual trunk port wich only pass the data and voice vlan, the access vlan is not display on the config because is the default VLAN.

The switch 3524XL is very old switch and it has many bugs, if you configure all ports f0/2 - f024 for data and voice vlan maybe the switch doesn´t take the configuration, you can probe with the "show vlan" and checking that ports are assigned correctly.

I had this problem with this model many years ago.

Regards.

sarahr202 · ‎11-12-2012

For setup the IP Phone you had have the port in mode access and pointing the access VLAN for data and voice VLAN for telephony, so you should have the following:

interface FastEthernet0/2

switchport mode access

switchport voice vlan 2

switchport access vlan 1

Int f0/2 is in vlan 1 by default. I did try" switchport access vlan 1" under int f0/2 but show running-config will not show that command.( I assume because f0/2 is already in vlan 1 ).

I will post the cdp output in a short while.

thanks and have a great day.