01-13-2010 08:09 AM - edited 03-06-2019 09:16 AM
Hi, I would like to understand the rationale and mechanism for this simple situation:
Please see diagram for details.
I have a new SwitchA that I need to connect to a production switch. Such SwitchA will serve hosts connected to vlan 19.
Then I establish trunking with the upstream, in production SwitchB using 'trunk vlan 21', since that is the vlan present on SwitchB. show cdp neig confirms devices are connected OK.
I notice that on SwitchA, the SVI int vlan 19 remains as up/down in spite of my 'no shut' command. I already shut down vlan 1.
Since SVI int vlan 19 is down, obviously I can't establish communications from SwitchA.
Therefore my question is, why int vlan 19 doesn't come up in this case on SwitchA?
Solved! Go to Solution.
01-13-2010 08:13 AM
news2010a wrote:
Hi, I would like to understand the rationale and mechanism for this simple situation:
Please see diagram for details.
I have a new SwitchA that I need to connect to a production switch. Such SwitchA will serve hosts connected to vlan 19.
Then I establish trunking with the upstream, in production SwitchB using 'trunk vlan 21', since that is the vlan present on SwitchB. show cdp neig confirms devices are connected OK.
I notice that on SwitchA, the SVI int vlan 19 remains as up/down in spite of my 'no shut' command. I already shut down vlan 1.
Since SVI int vlan 19 is down, obviously I can't establish communications from SwitchA.
Therefore my question is, why int vlan 19 doesn't come up in this case on SwitchA?
The SVI for vlan 19 will be up/up if
1) there is a port in vlan 19 on the switch that is active ie. up/up
2) vlan 19 is allowed on a trunk link and the trunk link is up/up
so as you are not allowing it on the the trunk link do you have a port that is up/up on the new switch in vlan 19.
Also note that if the new switch is a L2 switch you can only have one L3 vlan interface up/up at any one time.
If the new switch is L2 only then your config doesn't make sense. What device is the new switch ?
Jon
01-13-2010 09:04 AM
news2010a wrote:
Fascinating.
Even though SwitchA vlan is up/up now after I added vlan 19 to port f0/47 trunk, I attempt to ping SwitchB int vlan 21 IP or whatever other IP and it times out.
Yes it will, basically because of what i covered in last post.
If you want to go from vlan 19 to vlan 21 you need to route and to do this you need L3 vlan interfaces for vlan 19 and 21 on a L3 switch.
Note that from previous post, when you configure a L3 vlan 19 on your L3 switch you should then add this command to the new switch -
ip default-gateway
As i said, the key to understanding all this is that on a L2 switch the L3 vlan interface is only used to connect to the switch not for passing user traffic.
Jon
01-13-2010 08:13 AM
news2010a wrote:
Hi, I would like to understand the rationale and mechanism for this simple situation:
Please see diagram for details.
I have a new SwitchA that I need to connect to a production switch. Such SwitchA will serve hosts connected to vlan 19.
Then I establish trunking with the upstream, in production SwitchB using 'trunk vlan 21', since that is the vlan present on SwitchB. show cdp neig confirms devices are connected OK.
I notice that on SwitchA, the SVI int vlan 19 remains as up/down in spite of my 'no shut' command. I already shut down vlan 1.
Since SVI int vlan 19 is down, obviously I can't establish communications from SwitchA.
Therefore my question is, why int vlan 19 doesn't come up in this case on SwitchA?
The SVI for vlan 19 will be up/up if
1) there is a port in vlan 19 on the switch that is active ie. up/up
2) vlan 19 is allowed on a trunk link and the trunk link is up/up
so as you are not allowing it on the the trunk link do you have a port that is up/up on the new switch in vlan 19.
Also note that if the new switch is a L2 switch you can only have one L3 vlan interface up/up at any one time.
If the new switch is L2 only then your config doesn't make sense. What device is the new switch ?
Jon
01-13-2010 08:34 AM
Both SwitchA and SwitchB are L2.
Sorry, why do you say if it is L2 the config doesn't make sense?
SwitchA is the new device. I need to upgrade IOS before hosts get connected to it. Therefore at this point I have no hosts on vlan 19 ready for connection.
Note:Interesting. I added vlan 19 to port f0/47 and even though there is no 'allow vlan 19' on SwitchB, it works.
01-13-2010 08:55 AM
news2010a wrote:
Both SwitchA and SwitchB are L2.
Sorry, why do you say if it is L2 the config doesn't make sense?SwitchA is the new device. I need to upgrade IOS before hosts get connected to it. Therefore at this point I have no hosts on vlan 19 ready for connection.
So it seems that my option here is to create a SVI on vlan 21 on SwitchA temporarily. Then I can reach tftp from network, upgrade the IOS and then later I put it back to vlan 19 and wait for hosts to be connected.
I could add vla 19 to trunk port fa0/47 on SwitchA as well, but I assume I should also include vlan 19 onto the SwitchB(?) to make this work. If so, I would avoid changing config on SwitchB since it is already in production.
If the devices on the new switch are on vlan 19 where is the L3 vlan interface for that vlan ? ie. the L3 interface used to route traffic to and from vlan 19. If you do need servers on vlan 19 to talk to any other vlans or any other vlans to talk to servers then config is okay but assuming you do you need a L3 interface for vlan 19 on a L3 switch.
The vlan interface on a L2 switch is not used to route traffic to and from that vlan, it is used purely so you can remotely connect to the switch to manage it. So if you want to allow communication between vlan 19 and other vlans you need to -
1) create a L3 vlan interface on the L3 switch responsible for inter-vlan routing (the 4507 in your diagram perhaps ??). The IP address assigned to this interface becomes the default-gateway for the servers
2) allow vlan 19 across the trunk link to switch B
3) create vlan 19 on switch B and the 4507 if it isn't there
Jon
01-13-2010 09:02 AM
Vlan 19 and all other vlans are routed on the Layer 3 4507.
Let's see if I understand what you are saying:
- Servers will need to be connected to vlan 19. Vlan 19 is routed on 4507 Layer 3.
- Then instead of using the vlan 19 as a my interface for management vlan, I should instead create a specific vlan dedicated for management (let's say vlan 307). Then I would have a SVI int vlan 307 common across all switches dedicated for management.
Yes, that makes sense to me.
01-13-2010 09:07 AM
news2010a wrote:
Vlan 19 and all other vlans are routed on the Layer 3 4507.
Let's see if I understand what you are saying:
- Servers will need to be connected to vlan 19. Vlan 19 is routed on 4507 Layer 3.
- Then instead of using the vlan 19 as a my interface for management vlan, I should instead create a specific vlan dedicated for management (let's say vlan 307). Then I would have a SVI int vlan 307 common across all switches dedicated for management.
Yes, that makes sense to me.
Yes, you should have a dedicated vlan for management, make life a lot simpler.
So to set this up -
1) choose an unused vlan - vlan 307 from your above example
2) create that vlan on each switch either manually or with VTP
3) create a L3 vlan interface on the 4507 for that vlan.
4) on each switch create a L3 vlan interface for vlan 307
5) on each switch (not on the 4507) add this command -
ip default-gateway
then for your data vlans eg. vlan 19/21 just make sure those vlans are on all switches that need them and allowed on trunk links.
Jon
01-13-2010 08:58 AM
Fascinating.
Even though SwitchA vlan is up/up now after I added vlan 19 to port f0/47 trunk, I attempt to ping SwitchB int vlan 21 IP or whatever other IP and it times out.
So for now it seems if I create int vlan 21 on SwitchA that will get me the initial connectivity to upgrade IOS. Then later I change to vlan 19.
Ideally though I should create management vlan as Jon recommended.
01-13-2010 08:16 AM
Hi,
You would need to add VLAN 19 to fa0/47
You only have vlan 21 now
Also, hard to see your diagram.
HTH
Reza
01-13-2010 09:04 AM
news2010a wrote:
Fascinating.
Even though SwitchA vlan is up/up now after I added vlan 19 to port f0/47 trunk, I attempt to ping SwitchB int vlan 21 IP or whatever other IP and it times out.
Yes it will, basically because of what i covered in last post.
If you want to go from vlan 19 to vlan 21 you need to route and to do this you need L3 vlan interfaces for vlan 19 and 21 on a L3 switch.
Note that from previous post, when you configure a L3 vlan 19 on your L3 switch you should then add this command to the new switch -
ip default-gateway
As i said, the key to understanding all this is that on a L2 switch the L3 vlan interface is only used to connect to the switch not for passing user traffic.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide