12-10-2008 07:35 AM - edited 03-06-2019 02:54 AM
Guys,
I have an strange problem and a question regarding VLAN trunking, as well as some queries regrading spanning tree.
Strange VLAN trunking problem:
I'm trying to apply "switch port trunk allow vlan <x,y,z>" statements to two uplinks from an access layer 3 3750 stack, to two distribution layer 3 6509's. Originally each link was configured as an access link. I''ve converted the link to trunk and applied the relevant "allow" statement to both of the access layer trunk uplink ports.
When I apply the relevant "allow" statement to the distribution switch trunk ports, instead of simply seeing the relevant allowed VLAN's, and being then able to simply ping from one neighbour (dist to access) to the other, as well as see from traceroute a neighbour being the next hop away, instead the ping from each neighbour to the other does not work and times out, nor does traceroute.
The links now have "switch port trunk allow vlan <x,y,z>" on the access layer uplink ports, but none on the distribution pots. The links appear to work as trunk links (ping and tracerouter are ok), however from the access layer the trunk allows through only the allowed VLAN's , but from the distribution ports all of the VLAN's appear to be allowed through. Any thoughts on what has gone wrong here and how do i fix it ??
Spanning Tree query.
Is there a need for spanning tree (in this case pvst+) in a trunked fully switched layer 3 access, distribution, core environment. If so what is the effect of blocked ports on routing updates ?
Your help woould be appreciated
Neville
12-11-2008 08:46 AM
Neville, regarding the VLAN issue:
Did you tried to issue the command "switch trunk native vlan
Regarding the STP issue:
I do think that the answer is yes, you need to set STP parameters on switch ports, regardless if it is a multilayer switch or not. Maybe if you really have ensured that there is not a L2 loop you can use the ports without any STP parameters.
12-11-2008 09:01 AM
Fred, thanks for getting back to me.
Regarding the VLAN issue.
No I have'nt issued this command on both sides. What difference would this make, and why is it neccesary. On all of the other trunk links I am working on this line is not configured and the trunks work ok. ??
STP
This is as I thought, thanks.
Neville
12-11-2008 09:15 AM
Your trunking statements on both sides of the link should match exactly , if no native vlan statement was added it will use vlan 1 as the native . If one side is different then only the vlans in the "allowed statement" will traverse that trunk . It should be as easy as copying and pasting the config on both sides of that link .
12-11-2008 09:59 AM
;-)
12-12-2008 04:02 AM
Thanks guys, I guess i'll have to take a closer look at this :-)
Neville
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide