Yea..Really fed up with this.. but learning old technologies...

Here is my config below:

sh run
Building configuration...d

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
enable password google123
!
ip subnet-zero
bridge irb
!
!
!
interface FastEthernet1
no ip address
no ip directed-broadcast
bridge-group 90
!
interface FastEthernet2
no ip address
no ip directed-broadcast
bridge-group 95
!
interface FastEthernet3
no ip address
no ip redirects
no ip directed-broadcast
!
interface FastEthernet3.1
encapsulation dot1Q 90
no ip redirects
no ip directed-broadcast
bridge-group 90
!
interface FastEthernet3.2
encapsulation dot1Q 95
no ip directed-broadcast
bridge-group 95
!
interface FastEthernet3.3
encapsulation dot1Q 1 native
no ip directed-broadcast
bridge-group 1
bridge-group 1 spanning-disabled
!
interface FastEthernet4
no ip address
no ip directed-broadcast
shutdown
!
interface FastEthernet5
no ip address
no ip directed-broadcast
shutdown
!
!
interface GigabitEthernet49
no ip address
no ip directed-broadcast
shutdown
!
interface GigabitEthernet50
no ip address
no ip directed-broadcast
shutdown
!
interface BVI90
ip address 192.168.90.1 255.255.255.0
no ip directed-broadcast
!
interface BVI95
ip address 192.168.95.1 255.255.255.0
no ip directed-broadcast
!
!
line con 0
transport input none
line aux 0
line vty 0 4
password pswd
login
!
end

I have two VLAN's - 192.168.90.0/24 (port 1) and 192.168.95.0/24 (port 2). I am trying to make port 3 as trunk.

After I did this config, I connected a laptop on port 3 and gave IP as 192.168.95.10 for the laptop, but I am not able to ping 192.168.951.1 (the switch) from the laptop. What could be the issue?

- Ribin

Yes port 3 is shown as up/up

FastEthernet3              unassigned      YES NVRAM  up                    up

FastEthernet3.1            unassigned      YES unset  up                    up

FastEthernet3.2            unassigned      YES unset  up                    up

FastEthernet3.3            unassigned      YES unset  up                    up

What else should be configured? I haven't configured any native vlan for that port.

- Ribin

Well it is saying the native vlan is vlan 1 in your config. If your laptop NIC is not trunking it will send untagged packets and these will assumed to be in vlan 1 ?

So what vlan is your laptop actually in ?

Jon

Hi,

I gave the laptop IP as 192.168.95.10 with gateway 192.168.95.1 (switch VLAN IP) and connected it on port 3 which is supposed to be the trunk port.

- Ribin

ribin.jones wrote:
Hi,
I gave the laptop IP as 192.168.95.10 with gateway 192.168.95.1 (switch VLAN IP) and connected it on port 3 which is supposed to be the trunk port.
- Ribin

Is the 192.168.95.0/24 subnet for vlan 1 though ?

Is your laptop running trunking or not ? If it isn't it can only send packets that do not have a vlan tag. When the switch receives a packet on a trunk port without a tag it assumes that the packet belongs to the native vlan ie. vlan 1 in your case. So what vlan is 192.168.95.0/24 associated with ?

Jon

92.168.95.0/24is assumed to be vlan 95. Does 192.168.95.0/24 need to be subnet for vlan 1?

I didn't understand what you meant by "Is your laptop running trunking or not ?". I haven't done any settings in laptop for trunking. is there anything I need to do in laptop for trunking?

Also, what you meant by "what vlan is 192.168.95.0/24 associated with ?"

I created vlan 95 using

!
interface BVI95
ip address 192.168.95.1 255.255.255.0
no ip directed-broadcast
!

and trunked port 3 (associated port 3 to vlan90 and 95)

interface FastEthernet3.1

encapsulation dot1Q 90

no ip redirects

no ip directed-broadcast

bridge-group 90

!

interface FastEthernet3.2

encapsulation dot1Q 95

no ip directed-broadcast

bridge-group 95

!

interface FastEthernet3.3

encapsulation dot1Q 1 native

no ip directed-broadcast

bridge-group 1

bridge-group 1 spanning-disabled

Let me know if I got my assumption wrong.

- Ribin

Output of some sh commands if it is relevant...

Router#sh vlans

Virtual LAN ID:  1 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interface:   FastEthernet3

This is configured as native Vlan for the following interface(s) :
FastEthernet3

   Protocols Configured:   Address:              Received:        Transmitted:

Virtual LAN ID:  90 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interface:   FastEthernet3.1

   Protocols Configured:   Address:              Received:        Transmitted:
        Bridging        Bridge Group 90                 0                   1

Virtual LAN ID:  95 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interface:   FastEthernet3.2

   Protocols Configured:   Address:              Received:        Transmitted:
        Bridging        Bridge Group 95                 0                   1

Router#sh bridge 90

Total of 300 station blocks, 300 free
Codes: P - permanent, S - self

Bridge Group 90:

Router#sh bridge 95

Total of 300 station blocks, 300 free
Codes: P - permanent, S - self

Bridge Group 95:

- Ribin

ribin.jones wrote:
92.168.95.0/24is assumed to be vlan 95. Does 192.168.95.0/24 need to be subnet for vlan 1?
I didn't understand what you meant by "Is your laptop running trunking or not ?". I haven't done any settings in laptop for trunking. is there anything I need to do in laptop for trunking?
Also, what you meant by "what vlan is 192.168.95.0/24 associated with ?"
I created vlan 95 using
!
interface BVI95
ip address 192.168.95.1 255.255.255.0
no ip directed-broadcast
!
and trunked port 3 (associated port 3 to vlan90 and 95)
interface FastEthernet3.1
encapsulation dot1Q 90
no ip redirects
no ip directed-broadcast
bridge-group 90
!
interface FastEthernet3.2
encapsulation dot1Q 95
no ip directed-broadcast
bridge-group 95
!
interface FastEthernet3.3
encapsulation dot1Q 1 native
no ip directed-broadcast
bridge-group 1
bridge-group 1 spanning-disabled
Let me know if I got my assumption wrong.
- Ribin

What i mean is -

your laptop is not running 802.1q encapsulation on it's NIC so when your laptop sends a packet out it has no vlan tag. But it is connected to a trunk port. A trunk port tags all vlans except the native vlan which does not have a tag. So your laptop is in vlan 95. It sends a packet to the switch with no vlan tag. Because there is no vlan tag the switch has to assume that the packet is in the native vlan ie. the vlan without a tag. But your switch has vlan 1 configured as the native vlan not vlan 95.  So the switch thinks this packet is in vlan 1.

When i asked what vlan is 192.168.95.0/24 associated with i meant each vlan generally has a one-to-one relationship between a vlan and a subnet. You have answered the question though as it is vlan 95.

Your problems are arising because you are connecting a laptop to a trunk port - not sure why you are doing this unless it is for testing, but it is not a good test. The device at the other end of the trunk link should also be trunking.

If you want to test with the laptop, then change your config ie. get rid of int fa3.3 and under int fa3.2 chage this -

int fa3.2

encapsulation dot1q 95

to

int fa3.2

encapsulation dot1q 95 native

Jon

Thanks Jo for the description. Yes, I am doing this as a testing in my laptop.

It worked with what you have mentioned

(int fa3.2

encapsulation dot1q 95

to

int fa3.2

encapsulation dot1q 95 native)

Now with my laptop IP as 192.168.95.10 connected to port 3, I can ping 192.168.95.1 and 192.168.90.1.

My current config:

interface FastEthernet1
no ip address
no ip directed-broadcast
bridge-group 90
!
interface FastEthernet2
no ip address
no ip directed-broadcast
bridge-group 95
!
interface FastEthernet3
no ip address
ip directed-broadcast
!
interface FastEthernet3.1
ip directed-broadcast
!
interface FastEthernet3.2
encapsulation dot1Q 1 native
ip directed-broadcast

bridge-group 95
!

!
interface BVI90
ip address 192.168.90.1 255.255.255.0
ip directed-broadcast
!
interface BVI95
ip address 192.168.95.1 255.255.255.0
ip directed-broadcast
!

bridge 90 protocol ieee
bridge 90 route ip
bridge 95 protocol ieee
bridge 95 route ip

Now, I need the laptop IP as 192.168.90.10 and ping 192.168.90.1 and 192.168.95.1. What is the config to be done in fa3.1 ?

- Ribin

Ribin

If you want to test with fa3.1 then you need to make that the native vlan so -

int fa3.2

encapsulation dot1q 95 native

change back to

int fa3.2

encapsulation dot1q 95

and then

int fa3.1

encapsulation dot1q 90

change to

int fa3.1

encapsulation dot1q 90 native

You can only have one native vlan so you will need to keep changing it while testing.

Jon

Ok fine. That will work.

What if in real time scenarios if we are going to trunk port 3 with another switch?

What all config is needed?

- Ribin

ribin.jones wrote:
Ok fine. That will work.
What if in real time scenarios if we are going to trunk port 3 with another switch?
What all config is needed?
- Ribin

Then you would need to make sure that both switches agreed on the native vlan on their trunk link.

You are creating subinterfaces on the 2948G-L3 so you are routing the vlans on that device. So for any vlans allowed on the trunk if you want to route them on the 2948G-L3 device you would need a subinterface for that vlan just as you have done with vlan 90 and 95.

Jon