cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2120
Views
0
Helpful
12
Replies

Two switches Connected Through Trunk problem?

sayedahmads
Level 1
Level 1

                   Hello!

I have three cisco switchs one 3750g and two others are 2960 series these three switchs are connected throgh trunk ports they have 15 vlans.

3750g provides ip (DHCP pools) and I have ubuntu server wich act as a firewale and provide internet to these 15 vlans.

The problem is that computers which are connected to vlans are connecting to the internet and disconnecting (Sometime they become up and then they go down), the DNS which is configure in unbuntu server (192.168.10.1)can be sometime pinged and after a while cannot be pinged.

when I configured the switches for one month it was ok but now the problem happened I searched alot but I cannot solve it.

3750g switch configuration file which act as a core switch.

1 Accepted Solution

Accepted Solutions

mikeraddie
Level 1
Level 1

Hello Sayed,

you have the default router in DHCP configs as x.x.x.1 but in the vlan interface config, the IP address is .2 - these should both be the same for client machines to be able to communicate off their local subnet.

Also, your DHCP pools may be allocating the .1 or .2 address to clients - this may be causing IP address conflicts. This can be avoided by using dhcp exluded-address command eg. ip dhcp excluded-address 192.168.2.1

Hope this helps

View solution in original post

12 Replies 12

Whats your Ubuntu Server IP? does IP for DNS 192.168.10.1 is reachable via CORE, I dont see any Vlan exist for 192.168.10.xx subnet, please let us know

Ubuntu  server IP add is 192.168.10.1 which also act as a router (has sub interfaces for vlan and is DNS too)  I am unable to ping 192.168.10.1 my DNS, Router ubuntu server sometimes, sometime it is pinging after a while it is not pinged .

mikeraddie
Level 1
Level 1

Hello Sayed,

you have the default router in DHCP configs as x.x.x.1 but in the vlan interface config, the IP address is .2 - these should both be the same for client machines to be able to communicate off their local subnet.

Also, your DHCP pools may be allocating the .1 or .2 address to clients - this may be causing IP address conflicts. This can be avoided by using dhcp exluded-address command eg. ip dhcp excluded-address 192.168.2.1

Hope this helps

I excluded all x.x.x.1 and ip addresses but still unable to ping my DNS server (192.168.10.1 which is also my router)

I see, can you tell us Ubuntu server connected over CORE on what interface? Interface ID? can you provided show run for that partcular interface?

also I dont see the any subnet or vlan exist for network 192.168.10.xx.. please help us with above details

Answer to your first Question:

I connect ubuntu server on trunk port on 2960 I have two other trunk port on that switch on one trunk 3750g switch and on other is 2960.

Ubuntu server is connecte to the following port.

!

interface GigabitEthernet0/2

switchport mode trunk

!

***********************************************

come to your second question:

Ubuntu server have two interfaces eth0 (For public IP) and eth1(For LAN).

eth1 has ip 192.168.10.1 and has sub interfaces for example eth1.2    192.168.2.1, for eth1.3  IP:192.168.3.1 and so on.

Okay, if i am not wrong then you have netwok topology shown below, i guessing that vlan 10 or so for subnet (192.168.10.xx) does exist on 2960 Access-Switch but not sure where Ubuntu connected, can you please help us with 2960 switch configuration as well where Ubuntu server connected?

Exactly the topology like this but I don't have vlan 10 in switches it is just ubuntu eth1 interface ip 192.168.10.1

VLANs are (2,3,4,5,6,7,8,9,11,12,13,14,15) ,vlan 2-8 are for fiber optic and 9-15(without 10) are for UTP.

I didn't create vlan 10 because it was in conflict with eth1 ip on ubuntu server.

Could you please help us with 2960 config where Ubuntu connected? will help us to understand the issue

yesterday I excluded all x.x.x.1 and .2  ip from all dhcp pools today till now internet is normal and no problem I don't know it will continue to work or not.

Here is 2960 run config

Trunk ports are Gi0/1, Gi0/2, Fa0/24 and dhcp pools are configured on 3750g.

Switch#sh running-config
Building configuration...

Current configuration : 3594 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$hvOD$6XrXcyVngp7ZKHV65guLk.
!
username admin privilege 15 secret 5 $1$tJlz$r3msTK88AGlw9aEyk.wzU/
aaa new-model
!
!
!
!
!
aaa session-id common
system mtu routing 1500
ip subnet-zero
!
!
ip domain-name noc
!
!
crypto pki trustpoint TP-self-signed-130021376
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-130021376
revocation-check none
rsakeypair TP-self-signed-130021376
!
!
crypto pki certificate chain TP-self-signed-130021376
certificate self-signed 01
  30820240 308201A9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31333030 32313337 36301E17 0D393330 33303130 30303035
  325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3133 30303231
  33373630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  B2CE1A28 25613B5B 58E07534 00DD3142 B478C223 2247B0BD 95E1711E 4BA6A26F
  1DF101F3 C95FA186 817B1D5B 1C6299F3 429870E1 291E2141 EAD4237E A2CFBB4D
  724FAB77 17773ECB 01C1EA52 AEFED49B 30353D4F DD49A1A6 CADE34BF 12F54BFB
  0038ED63 0F0B366A 1F36C5D2 349F60B6 9485170C FC30CF4E 305E9F46 0EEC63B5
  02030100 01A36A30 68300F06 03551D13 0101FF04 05300301 01FF3015 0603551D
  11040E30 0C820A53 77697463 682E6E6F 63301F06 03551D23 04183016 8014BDE5
  134830D1 37295042 4CFEBAE9 9585A1F5 30B3301D 0603551D 0E041604 14BDE513
  4830D137 2950424C FEBAE995 85A1F530 B3300D06 092A8648 86F70D01 01040500
  03818100 8727DCE9 9BADCF08 7BE3585D 4288DD30 172B81CF AC6121EE 4A1C2ABA
  BFD33D48 419D2251 45F5088C 06E6FB72 E7CFE095 4108E8EF 58C6011A 830DD117
  0B073B41 D171788C A078BAFF 9C41B746 E0BC8D77 26A8CDAB 1A039432 B2D8679D
  FF29462D 10E62079 7700B696 2E939394 E2F0047E 5AA30D53 ED1623ED 67ECE9D7 B73EBA85
  quit
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
description management
switchport access vlan 8
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 5
switchport mode access
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
switchport access vlan 6
switchport mode access
!
interface FastEthernet0/7
!
interface FastEthernet0/8
switchport access vlan 8
switchport mode access
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
switchport mode trunk
!
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport mode trunk
!
interface Vlan1
ip address dhcp
no ip route-cache
!
interface Vlan5
no ip address
no ip route-cache
!
interface Vlan8
ip address 192.168.8.253 255.255.255.0
no ip route-cache
!
ip http server
ip http secure-server
!
control-plane
!
!
line con 0
line vty 0 4
password p@ssw0rd
transport input telnet ssh
line vty 5 15
password p@ssw0rd
transport input telnet ssh
!
end

Okay, if it does working for you then we'll condsider problem has resolved but not sure if it does come again,

if still problem is there then please do below config changes on devices -

### Note - Please take latest backup of your configs before made any changes ###

Guess, you dont have VTP setup, if not then below is config according to that if yes then let us know -

1. on 3750g, create vlan for subnet 10

# conf t

# Vlan 10

        name Internet

# int vlan 10

# ip add 192.168.10.100 255.255.255.0 (or any free ip, since 192.168.10.1 is assigned to Ubuntu)

(you will get Vlan Up message)

---------------

2. on 2960 Switch where Ubuntu connected, add below config -

# Vlan 10

      name Internet

# int Gi0/2  (Ubuntu connected interface)

# switchport access vlan 10

# switchport mode access

# spanning-tree portfast

# spanning-tree bpduguard enable

# ip default-gateway 192.168.10.1 ---- (for routing internet traffic)

--------------------

now you try to ping IP for Ubuntu (192.168.10.1) from other Vlan and try accessin internet too, it should ping !!

Guess, on Ubuntu wasn't requiring to have sub interfaces, dont know why you created since Vlan traffic taking care by 3750g only., in case of major issue revert the settings -

Thanks Dear!

After alot of research I found that DHCP was alocating my ubuntu server IP to clients I excluded xxx.1 and 2 IP from all dhcp pool and its working now.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: