Solved: Trunked vlan wont pass traffic without an access vlan (packet tracer)

mph8er · ‎03-03-2020

I'm using packet tracer to test some scenarios and ran into something that I cant tell if it's a bug or working as designed on some 2960. If it is working as designed I might be misunderstanding why its reacting this way. I even started fresh after I encountered it and it happened again.

To start with, I have 2 switches. On each switch, I have three desktops, each attached to an port in switchport access mode. One is on vlan 10, the second on 20, and the third on 30. I've set the connection between these two switches to switchport mode trunk and am allowing vlan 10,20 and 30. Ping works as expected.

I decided to complicate the configuration by adding two more switches. Now the switches are cabled together in a chain; three desktops on one end of the chain and three desktops on the other end of the chain. I configured identical trunk configs to allow vlans 10, 20 and 30 and I can no longer ping from one end to the other.

I let a ping -t run in the background and I add a desktop to each of the middle switches. Once I set their access vlan to vlan 10 on both desktop ports, interface vlan 10 comes up on the switches and the pings start working from end-to-end. I can now remove the desktops in the middle and even remove the configuration on the ports and the ping continues working. If I reboot any of the switches, I regain connectivity on vlan 10 after the reboot, but vlan 20 and 30 continue to not pass traffic. The only way to get those vlans to start passing traffic is to add a system to each switch on an access port configured with that vlan.

Is this expected behavior? If so, why? If not, should I submit a defect?

Config on each trunk port

interface FastEthernet0/1

switchport trunk allowed vlan 10,20,30

switchport mode trunk

!

Config on each access port

interface FastEthernet0/2

switchport access vlan 10

switchport mode access

!

Config on each vlan (created automatically on the switches when i go to the interface, but it doesn't change whether the connection works or not)

interface Vlan10

mac-address 0040.0b05.b701

no ip address

!

Georg Pauwen · ‎03-03-2020

Hello,

not sure if I fully follow your procedures, but in general, you need to create a Vlan on the switch (either manually, or by putting a port in a Vlan through the 'switchport access vlan' command. If you put a new switch on the network, it is advisable to use VTP, so all Vlans get propagated automatically.

Can you post the zipped .pkt file ?

View solution in original post

Jon Marshall · ‎03-04-2020

The vlans must exist in the vlan database on the intermediate switches for it to work.

So when you added a port into vlan 10 on the middle switches that created the vlan in the vlan database for you and even when you then remove the port configuration the vlan stays in the database.

Instead of configuring ports into vlans on the middle switches you just need to add the vlans to the vlan database on each switch or run VTP as Georg suggests.

Jon