01-31-2024 01:55 AM
Hello,
I have some problems on two Cisco Catalyst WS-C3650 (not configured by me so i'm trying to understand what was done and how to fix this problems). Basically i have this two switches directly connected with a layer2 in a trunk port, and every switch is connected to a different router, with a trunk port too, where is running vrrp protocol. So it's like routerA->switchA->switchB->routerB.
I have 3 main vlan (2,3,7) on those router. Vlan 2 and 7 are running fine, but i can't communicate from one router to the other one on vlan3. While I was looking into the switches, I found out that both switches are elected as root port for vlan 3.
How can i solve this issue?
Here the switches configuration ( I ommited some description and other unrelated configuration for company policy)
Switch A
!
vtp mode transparent
!
spanning-tree mode pvst
spanning-tree extend system-id
hw-switch switch 1 logging onboard message level 3
!
redundancy
mode sso
!
!
vlan 2
name MPLS
!
vlan 3
name MPLS2
!
vlan 7
name MGMT
!
vlan 10
name INTERNET
!
vlan 20
name INTERNET2
!
vlan 21
name MNGT
!
vlan 22
name BACKUP
!
vlan 23
name LAN
!
vlan 24
name EXTRA
!
vlan 30
name HA_FIREWALL
!
interface GigabitEthernet1/0/1
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/19 <----- CONNECTION TO SWITCH B
switchport mode trunk
!
interface GigabitEthernet1/0/21
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/22
switchport trunk allowed vlan 2,3
switchport mode trunk
!
interface GigabitEthernet1/0/23
switchport access vlan 10
switchport mode access
speed 1000
!
interface GigabitEthernet1/0/24 <----- CONNECTION TO ROUTER A
switchport trunk allowed vlan 2,3,7
switchport mode trunk
speed 1000
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
no ip address
!
interface Vlan3
no ip address
--------------
Switch B:
!
vtp mode transparent
!
spanning-tree mode pvst
spanning-tree extend system-id
!
redundancy
mode sso
!
!
vlan 2
name MPLS
!
vlan 3
name MPLS2
!
vlan 7
name MGMT
!
vlan 10
name INTERNET
!
vlan 20
name INTERNET2
!
vlan 21
name MNGT
!
vlan 22
name BACKUP
!
vlan 23
name LAN
!
vlan 24
name EXTRA
!
vlan 30
name HA_FIREWALL
!
interface Port-channel1
switchport access vlan 22
switchport mode access
!
interface Port-channel2
switchport access vlan 22
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet1/0/9
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/10
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/11
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/12
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 1 mode active
!
interface GigabitEthernet1/0/13
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/14
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/15
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/16
switchport access vlan 22
switchport mode access
load-interval 30
channel-group 2 mode active
!
interface GigabitEthernet1/0/18 <----- CONNECTION TO SWITCH A
switchport mode trunk
!
interface GigabitEthernet1/0/19
switchport access vlan 2
switchport trunk native vlan 21
switchport mode access
!
interface GigabitEthernet1/0/20
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet1/0/21
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/22
switchport trunk allowed vlan 2,3
switchport mode trunk
!
interface GigabitEthernet1/0/23
switchport access vlan 20
switchport mode access
speed 1000
!
interface GigabitEthernet1/0/24 <----- CONNECTION TO ROUTER B
switchport trunk allowed vlan 2,3,7
switchport mode trunk
speed 1000
Here some show commands for SWITCH A
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1/1, Gi1/1/2, Gi1/1/3, Gi1/1/4
2 MPLS active Gi1/0/3, Gi1/0/4, Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8, Gi1/0/9, Gi1/0/10, Gi1/0/11, Gi1/0/12, Gi1/0/13, Gi1/0/14, Gi1/0/20
3 MPLS2 active
7 MGMT active
10 INTERNET active Gi1/0/21, Gi1/0/23
20 INTERNET2 active Gi1/0/2
21 MNGT active Gi1/0/15, Gi1/0/16, Gi1/0/17, Gi1/0/18
22 BACKUP active
23 LAN active
24 EXTRA active
30 HA_FIREWALL active Gi1/0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
------------------------------
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc
VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32770
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p
VLAN0003
Spanning tree enabled protocol ieee
Root ID Priority 32771
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32771 (priority 32768 sys-id-ext 3)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p
VLAN0007
Spanning tree enabled protocol ieee
Root ID Priority 32775
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32775 (priority 32768 sys-id-ext 7)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p
VLAN0021
Spanning tree enabled protocol ieee
Root ID Priority 32789
Address 0035.1ae4.da80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32789 (priority 32768 sys-id-ext 21)
Address 0035.1ae4.da80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc
Show commands SWITCHB
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1/1, Gi1/1/2, Gi1/1/3, Gi1/1/4
2 MPLS active Gi1/0/3, Gi1/0/4, Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8, Gi1/0/17, Gi1/0/19, Gi1/0/20
3 MPLS2 active
7 MGMT active
10 INTERNET active Gi1/0/2
20 INTERNET2 active Gi1/0/21, Gi1/0/23
21 MNGT active
22 BACKUP active Po1, Po2
23 LAN active
24 EXTRA active
30 HA_FIREWALL active Gi1/0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 005d.732f.8280
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc
VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32770
Address 0035.1ae4.da80
Cost 21004
Port 18 (GigabitEthernet1/0/18)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/3 Desg FWD 4 128.3 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/18 Root FWD 4 128.18 P2p
Gi1/0/19 Desg FWD 4 128.19 P2p
Gi1/0/20 Desg FWD 4 128.20 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p
VLAN0003
Spanning tree enabled protocol ieee
Root ID Priority 32771
Address 005d.732f.8280
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32771 (priority 32768 sys-id-ext 3)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Desg FWD 4 128.18 P2p
Gi1/0/22 Desg FWD 4 128.22 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p
VLAN0007
Spanning tree enabled protocol ieee
Root ID Priority 32775
Address 0035.1ae4.da80
Cost 21004
Port 18 (GigabitEthernet1/0/18)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32775 (priority 32768 sys-id-ext 7)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Root FWD 4 128.18 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p
VLAN0021
Spanning tree enabled protocol ieee
Root ID Priority 32789
Address 005d.732f.8280
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32789 (priority 32768 sys-id-ext 21)
Address 005d.732f.8280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc
So, as you can see there are 3 main problems, for vlan3 both switches are root and for vlan1 and 21 port are in broken state.
The vlan1 and vlan21 problem is caused becasue they both are declared as native vlan right?
so i should declare a native vlan under the trunk configuration?
and what about the vlan3 problem?
Thanks in advice!
02-12-2024 05:11 AM
Comparing other post vs new post - is the configuration changed ? now we see different Spanning root different.
as per the output the switches you look at PVST output : they are not consistency (that was not the case before ?)
Switch is in pvst mode
Root bridge for: VLAN0001, VLAN0003-VLAN0004, VLAN0021
Switch is in pvst mode
Root bridge for: VLAN0001-VLAN0004, VLAN0007, VLAN0010, VLAN0020-VLAN0024
VLAN0030
for consistence - can both switch have same VLAN allowed (on side you are allowing all VLAN just adding Trunk)
interface GigabitEthernet1/0/19 <---- CONNECTION TO SWITCH A
switchport trunk allowed vlan 1-4,7,10,20-24,30 <<< add this line
switchport mode trunk
interface GigabitEthernet1/0/18 <---- CONNECTION TO SWITCH B
switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk
Other question do you really need PVST ? - refer guide lines of PVST when you configuring :
If that is not your requirement i would change to faster quick convergence.
spanning-tree mode rapid-pvst
02-12-2024 05:27 AM
Hello,
I agree with @balaji.bandi , the ports connecting the switches must allow the same Vlans.
Switch A
interface GigabitEthernet1/0/18 <---- CONNECTION TO SWITCH B
switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk
Switch B
interface GigabitEthernet1/0/19 <---- CONNECTION TO SWITCH A
--> switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk
02-12-2024 04:57 PM
Hello
Your switch A/B configuration does not have parity, And it looks like you have switch A/B connected together incorrectly via the wrong physcal ports I would suggest you check that cabling so they are on the same ports and those trunks should be pruning the same or allowing all vlans.
Switch A
VLAN0001
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc
VLAN0021
Gi1/0/19 Desg BKN*4 128.19 P2p *PVID_Inc
interface GigabitEthernet1/0/18 <---- CONNECTION TO SWITCH B
switchport trunk allowed vlan 1-4,7,10,20-24,30
switchport mode trunk
interface GigabitEthernet1/0/19 < port is in a adminstrative mode of access vlan 2,
switchport access vlan 2
switchport trunk native vlan 21
switchport mode access
Switch B
VLAN0001
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc
VLAN0021
Gi1/0/18 Desg BKN*4 128.18 P2p *PVID_Inc
interface GigabitEthernet1/0/18
switchport access vlan 21
switchport mode access
interface GigabitEthernet1/0/19 <---- CONNECTION TO SWITCH A
switchport mode trunk
Suggest the following -- see attached file
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide