06-14-2008 07:46 AM - edited 03-05-2019 11:37 PM
Hello,
I got a strange issue with a trunking problem. I have a dedicated 100mb cross-connect between two co-location facilities.
Here are the configs:
Switch_2950:
Int f0/1
switchport access trunk
switchport mode nongegotiate
speed 100
duplex full
no cdp enable
Int vlan 1:
ip address 10.99.0.20 255.255.255.248
-------------------------------------
Switch_2960:
Switch_2950:
Int f0/1
switchport access trunk
switchport mode nongegotiate
speed 100
duplex full
no cdp enable
Int vlan 1:
ip address 10.99.0.21 255.255.255.248
This 100mb cross-connect it being provided by our up stream ISP and we were told that we had to have each trunk port hard set at 100/full. When we connect each ethernet hand off to F0/1 on each switch, one side links right up, the Switch_2960 has no link. We have to set the F0/1 on Switch_2960 to auto/auto for a link to establish, but no traffic can pass. VLAN is the native on each switch, with management IP address on each switch. We currently have Nortel switches setup on this link, and they work fine.
I had these switches setup in lab prior to attempting this switch, and everything worked fine.
Both switches are running an enhanced image.
Any ideas?
Thanks.
06-14-2008 11:45 AM
Yep on the one end that won't link you have a straight thru cable and the 2960 is using auto mdix to correct for the cable . Auto mdix only works when you have the speed/duplex settings as auto on the switch , if you feel you have to hardcode then you must get a crossover cable for that end.
06-15-2008 06:39 AM
Ok.. that makes sense, but why would that prevent data from passing between both switches?
06-15-2008 07:15 AM
Can you post a show vlan and show interface switchport for each of those ports ? Can you see the other end via cdp neighbor when it lionks up ?
06-15-2008 04:36 PM
It looks like you have both a layer-one issue and a possible trunk configuration problem. Fix the physical problem first.
Depending on how the cross-connect is provisioned by your ISP, you may need to experiment with crossover vs. straight through cables on both sides to ensure that your transmit matches their receive. The fact that they are telling you that you must configure 100-full implies that their equipment is hard-coded. If you use auto-duplex you'll likely negotiate half-duplex and wind up mismatched to their hard-coded transport gear.
Enabling CDP for troubleshooting will help, you can disable for security once you have link and verify no duplex issues.
The best way to install this would be to place an ethernet loopback plug at site A facing the line, then go to site B. Set the switch at site B to 100-full, and try both a straight-through and crossover cable to determine what works. Enable CDP, you'll see yourself as a neighbor when you get it right. Once you get link up, leave that cable and switch in place. Go back to site A and remove the loopback plug, then try straight and cross cables to the switch at site A until you get link.
You can make an ethernet loopback plug by connecting pins 1 and 3 together and also connecting pins 2 and 6 together.
Once you have link up, then fix the trunk. Your trunk configuration looks off. I think you want:
switchport trunk encapsulation dot1q
switchport mode trunk
"switchport access trunk" as shown in your configs doesn't look right.
By default vlan 1 is untagged (native). You can change this but if you do, do it on both ends.
When you have communication, run a few hundred 1400-byte pings and verify you don't see runts or collisions incrementing. This would be a sign that there's a duplex problem between your switches and your ISP's equipment.
A good thing to carry in your tool kit is a bunch of loopback plugs for both ethernet and T1 (they are pinned differently) and crossover adapters male-to-female. You can get these at Fry's, Geekstuff, etc. or make them.
06-17-2008 10:45 PM
Hello,
We got the issue with Site B negotiating fixed. Problem is traffic only goes one way over this link. From Site B. I can ping the switch at Site A, but not visa versa. Site B. can ping the switch at Site A, but not the router interface IP address, on same subnet as both switches for management and directly connected to one of the vlan ports. Switch management IP interface matches the ports connected to the router.
I have attached a show run. If anyone could verufy my config, that would be great. I had this setup on the bench and everything worked perfectly.
Site A:
Current configuration : 1538 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname TWTC_colo
!
enable secret xxx
!
ip subnet-zero
!
no ip domain-lookup
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
interface FastEthernet0/1
switchport mode trunk
switchport nonegotiate
speed 100
duplex full
no cdp enable
!
interface FastEthernet0/2
no cdp enable
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
switchport access vlan 104
no cdp enable
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
switchport access vlan 104
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan104
ip address 10.99.0.19 255.255.255.248
no ip route-cache
!
ip default-gateway 10.99.0.17
no ip http server
!
line con 0
line vty 0 4
password xxx
login
line vty 5 15
login
!
!
end
TWTC_colo#
Site B:
Current configuration : 1527 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Henry_2950
!
enable secret xxx
!
ip subnet-zero
!
no ip domain-lookup
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
--More-- !
interface FastEthernet0/1
switchport mode trunk
switchport nonegotiate
speed 100
duplex full
no cdp enable
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
switchport access vlan 104
no cdp enable
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
--More-- switchport access vlan 104
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
--More-- !
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan104
ip address 10.99.0.20 255.255.255.248
no ip route-cache
--More--
ip default-gateway 10.99.0.17
no ip http server
!
line con 0
line vty 0 4
password xxx
login
line vty 5 15
login
!
!
end
Henry_2950#
06-18-2008 04:08 AM
Where are the switches connected together ? F0/1 ? Make sure your layer 2 vlans are created , check trunk status . There should be no reason you can't ping between switches both directions, they are on the same vlan mgt. wise. I assume router has a address interface in 104 address space 10.99.0.17 and the connection to the router is in vlan 104 .
06-19-2008 04:27 AM
Just for info,
The cisco 2950 can only do dot1q trunking, so you can only use the switchport mode trunk command.
06-19-2008 06:09 AM
Turns out is was the cable on one side. Once that was replaced, all worked as planned. Thanks for all the input.
06-23-2008 12:19 AM
Hi,
I think there is no need of command--"switchport nonegotiate"
so remove it and try.
Also connect any pc to any port(vlan 104) of any switch and try to ping both vlan management ip as well as router ip address.
pls let me know the output.
Regards,
Raj
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide