12-29-2015 06:55 AM - edited 03-08-2019 03:14 AM
Hi there,
I have little experience with Cisco equipment. As of right now I am trying to connect (trunk I believe) two switches together. The main switch is a 3560 and the other is a catalyst 2950. Someone setup a VLAN on port 48 of the 3560. I want to connect a switch to that port so I can have multiple devices plugged in. First off, is this even possible? Secondly, if it is,how do I go about successfully connecting the two switches?
This is what I have done so far.
On switch 3560 (main switch) the VLAN is 30. (This was created by someone else)
I created VLAN 30 on the 2950 with the range of all ports (1-24) in that VLAN.
Then I set fa0/1 to trunk mode. When the line came back up I got this error.
21:34:39: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan i d 30 on FastEthernet0/1 VLAN1.
21:34:39: %SPANTREE-2-BLOCK_PVID_PEER: Blocking FastEthernet0/1 on VLAN0030. Inc onsistent peer vlan.
21:34:39: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking FastEthernet0/1 on VLAN0001. In consistent local vlan.
MYSWITCH#
Again, I have no clue what this is and I would really appreciate some help.
Thanks for looking!
-SA
12-29-2015 10:38 AM
Well, a lot of that's already done, it's just the trunk configuration and auto qos that didn't "stick" before..
Try:
conf t
int fa0/48
shut
switchport trunk encapsulation dot1q
switchport mode trunk
auto qos voip trust
no shut
end
write mem
Since it looks like your main switch has a bunch of VLANs on it, you might want to specify the VLANs that are going to be active on that trunk port as well to limit broadcast traffic that doesn't need to traverse that link.. Though that's not technically required just to get things working for you.
12-29-2015 10:43 AM
Looks like the output went through. Here are the results.
MAINSWITCH-Sw1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MAINSWITCH-Sw1(config)#
MAINSWITCH-Sw1(config)#int fa0/48
MAINSWITCH-Sw1(config-if)#shut
MAINSWITCH-Sw1(config-if)#switchport trunk encapsulation dot1q
MAINSWITCH-Sw1(config-if)#switchport mode trunk
MAINSWITCH-Sw1(config-if)#auto qos voip trust
MAINSWITCH-Sw1(config-if)#no shut
MAINSWITCH-Sw1(config-if)#end
MAINSWITCH-Sw1#
MAINSWITCH-Sw1#write mem
9w3d: %LINK-5-CHANGED: Interface FastEthernet0/48, changed state to administratively down
9w3d: %SYS-5-CONFIG_I: Configured from console by admin on console
9w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to down
Building configuration...
[OK]
MAINSWITCH-Sw1#
9w3d: %LINK-3-UPDOWN: Interface FastEthernet0/48, changed state to up
9w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/48, changed state to up
12-29-2015 11:01 AM
Looks good! If you run the show interfaces trunk command from before you should see that the interfaces are up and appropriately passing VLANs now. The srr-queue configuration that was generated is from the Auto QoS feature, so that went through just fine.
Now the only trick is to make sure the endpoint devices are making it into the right VLAN. Are you connecting both phones and workstations on this 2950, or just one or the other? Based on the original configuration of interface fa0/48 on the main switch, it looks like your voice VLAN is 2. If you want both phones and workstations to work on the new 2950 - you'll want the access ports' configuration to look something like:
Interface FastEthernet0/2
description Data and Voice (Just adds a readable description)
switchport access vlan 30 (This will put the workstations in VLAN 30)
switchport mode access (Hard-codes the port as an access and not a trunk port)
switchport voice vlan 2 (This puts CDP-discovered Cisco Phones in VLAN 2 instead of the default 30 configured above)
auto qos voip cisco-phone (Generates some nifty QoS config - recommended for quality of experience but not required)
spanning-tree portfast (makes the port become "active" quicker - recommended for ease of use but not required)
spanning-tree bpduguard (blocks the port if an unauthorized switch is detected - recommended for security but not required)
That should be fairly copy/paste-able if you remove the parenthetical bits. There's even a way to write that config simultaneously to the entirety of the switchports that you want to configure - but I forget the exact syntax on pre IOS 15.X. It's something like
conf t
int range fa0/2 - 48 (or whatever the last interface that you want to configure is)
But that might not be 100% accurate and I don't have a Catalyst sitting around where I'm at to validate.
Best practice would also be to add some switchport port-security commands to lock down the number of MAC addresses as well as some other security at the access layer - but there are lots of variables involved there.
12-29-2015 11:04 AM
I would like both phones and workstations to be plugged into the 2950 switch.
12-29-2015 11:29 AM
Everything except the auto qos voip cisco-phone command worked. Not sure why. It is not required but I wouldn't mind having it. ports 2-24 have been configured with those settings.
This switch will be in a testing environment closed off to everyone except my team.
As far as internet access. How would I go about getting that for the devices that will be plugged into the 2950 switch?
By the way, thanks so much for taking the time to help e out. You have no idea how much I appreciate it.
12-29-2015 12:21 PM
With those commands in place - assuming that there's a DHCP server active on VLAN 30 (or a relay / ip helper-address command) you should be good to go at this point. If there's not a DHCP server, you'll have to statically address.
A lot of this is based off of assumptions of your network. Since those VLANs (2 and 30) both existed previously, I'm assuming that there's already a gateway for them configured somewhere. If not, some device with routing capabilities will need to be configured in those network segments to act as the gateway.
If you'd like to get the Auto-QoS features working - before adding it to the interface try adding some global commands with the following:
conf t
mls qos
auto qos voip (this might not work - can't remember if this needs to be entered first as a global command to generate the DSCP/queue mapping and MPF configuration - or if entering it at the interface level does that.)
Then try the auto qos voip cisco-phone on the interface again.
Alternatively, you could always configure the QoS parameters/metrics manually! It's a great "learning experience"!
12-29-2015 12:25 PM
Yes, you are correct. There is a default gateway configured. Will I need to add that manually to the 2950 switch? I am assuming I need to use the command,
ip default-gateway "my gateway ip"
Is that right?
And I will try the mls qos now
01-04-2016 06:11 AM
@Jasmus
I could not run the mls qos command. It is not recognized on this switch. Perhaps because it is so old???
12-29-2015 10:46 AM
Also,
MAINSWITCH-Sw1#show run interface fa0/48
Building configuration...
Current configuration : 262 bytes
!
interface FastEthernet0/48
description Trunked Downlink to 2950 port 48
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
mls qos trust cos
auto qos voip trust
end
--------------------------------
MAINSWITCH-Sw1#show interfaces fa0/48
FastEthernet0/48 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0023.5d35.6e34 (bia 0023.5d35.6e34)
Description: Trunked Downlink to 2950 port 48
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 11000 bits/sec, 15 packets/sec
41272 packets input, 3023492 bytes, 0 no buffer
Received 38913 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 38348 multicast, 0 pause input
0 input packets with dribble condition detected
26304 packets output, 2026279 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
12-29-2015 10:59 AM
I plugged in a laptop and it is not getting network access. Is there some other configuration that I need to do in order for the devices plugged into the 2950 switch to get network access (ie. internet access)?
12-29-2015 12:33 PM
Please send the "sh interface trunk" output now from the 2950 and a "show run interface fax/x" for the port you are having issues using for a user. Also, send a "show vtp stat" and "show vlan" commands from both switches.
What is your "voice VLAN" and what is your data or "access VLAN"?
If data or access goes on VLAN 1 and voice on VLAN 30, something like this could work to setup your 2950 "if" ports 1 - 47 are to be used for users behind phones:
config t
vlan 30
name voice
state active
exit
!
default interface range fa0/1 - 47
!
interface range fa0/1 - 47
switchport access vlan 1
switchport voice vlan 30
switchport mode access
switchport nonegotiate
auto qos voip cisco-phone
end
wr mem
12-29-2015 12:45 PM
sh interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-4094
Port Vlans allowed and active in management domain
Fa0/1 1,30
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,30
--------------------------------------------
--------------------------------------
switch 2950
show run interface fa0/2
Building configuration...
Current configuration : 176 bytes
!
interface FastEthernet0/2
description Data and Voice
switchport access vlan 30
switchport mode access
switchport voice vlan 2
no ip address
spanning-tree portfast
end
-----------------------------------
2950 switch
show vtp stat
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 64
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x52 0x69 0x11 0x51 0x87 0x4D 0x83 0x1B
Configuration last modified by 192.168.X.X at 3-1-93 21:07:57
Local updater ID is 192.168.X.X on interface Vl1 (lowest numbered VLAN interface found)
------------------------------------------
#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
30 TestEnvironmentVLAN active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ----------------
12-29-2015 01:29 PM
Have you tested a port on the 3560 to make sure VLAN 30 works on it? If network access doesn't work via a port assigned on the 3560 and put in VLAN30 (switchport access vlan 30), then it cannot work on the 2950. Right now, ti appears all switches on the 3560 are using VLAN 3 (vs 30) for access (data) and VLAN 2 for voice.
12-30-2015 06:36 AM
@casanavep
I plugged a laptop into port 48 on my main switch and it is not getting network access. When I tried to configure the VLAN or at least look into it i got the following error
MAINSWITCH#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MAINSWITCH(config)#vlan 30
%VTP VLAN configuration not allowed when device is in CLIENT mode.
MAINSWITCH(config)#
I am not sure if this switch has a VTP server or not.
12-30-2015 10:38 AM
that command is how you add a VLAN to the switch, not how you assign it to the port. The configuration steps would look something like this:
! enter global configuration mode with the command below
conf t
!
! enter interface configuration mode with the command below with # being the
! port number (Fa assumes this is a fast Ethernet interface type)
interface fa0/#
!
! assign the port to data/access VLAN 30 with the command below
switchport access vlan 30
!
! leave configuration mode with the command below
end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide