Re: Vlan's & Trunking

billybong · ‎06-03-2009

OK here goes

in my lab i have setup an 1801 with 3 vlans which work really well

now heres for the problem,

i have been trying to add another switch to the 1801, i have set 1 port on 1801 to be a trunk and also set 1 port on the other switch (ws-c3524) to trunk with it, the trunk comes up fine and vtp revisions are passed correctly, but when it comes to pinging i can't get any across the link

Giuseppe Larosa · ‎06-03-2009

Hello Billy,

I would suggest you to post the relevant parts of configuration on both devices.

Two vlans can get trapped by a native vlan mismatch but the third one should work.

Have you enabled ip routing on the switch ?

Hope to help

Giuseppe

rshum · ‎06-03-2009

When you are pinging are the source and destination machines on the same VLAN but on different switches? If they are on different VLAN's you need a layer 3 device to pass the packets.

billybong · ‎06-03-2009

Thanks for the fast reply everyone, in answer to your questions the vlans are on seperate switch`s but on the same vlan`s, i have enabled IP routing on the 1801

as to configs what do you want as in sh ru, sh vlan, anything else?

many thanks

Giuseppe Larosa · ‎06-03-2009

Hello Billy,

from sh run it is fine

also it is important to specify how you test your setup:

do you put a PC on vlan X on the switch on a port configured to be access port in vlan X and you try to ping default gateway for vlan X on C1801 ?

Hope to help

Giuseppe

billybong · ‎06-04-2009

This is sh ru from the 1801, i have x.x.x.x out the ip`s

Building configuration...

Current configuration : 6823 bytes

!

! Last configuration change at 18:41:54 gmt Wed Jun 3 2009 by darren

! NVRAM config last updated at 23:00:14 gmt Wed Jun 3 2009

!

version 12.4

no service pad

service tcp-keepalives-in

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname

!

boot-start-marker

boot-end-marker

!

logging buffered 4096 debugging

enable secret

!

aaa new-model

!

aaa authentication login default local

aaa authorization exec default local

!

aaa session-id common

!

resource policy

!

clock timezone gmt 0

clock summer-time gmt recurring

no ip source-route

!

ip cef

!

no ip bootp server

ip ips sdf location flash://128MB.sdf autosave

ip ips notify SDEE

no ip ips notify log

ip ips name sdm_ips_rule

!

interface Loopback0

ip address 10.10.10.1 255.0.0.0

ip virtual-reassembly

!

interface FastEthernet0

no ip address

duplex auto

speed auto

!

interface BRI0

no ip address

encapsulation hdlc

shutdown

!

interface FastEthernet1

description!

interface FastEthernet2

description

!

interface FastEthernet3

interface FastEthernet4

switchport access vlan 2

!

interface FastEthernet5

switchport access vlan 2

!

interface FastEthernet6

switchport access vlan 2

switchport mode trunk

!

interface FastEthernet7

switchport access vlan 3

!

interface FastEthernet8

description

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

dsl operating-mode auto

!

interface Vlan1

ip address X.X.X.X X.X.X.X

ip access-group 100 in

ip flow ingress

ip flow egress

ip virtual-reassembly

!

interface Vlan2

ip address X.X.X.X X.X.X.X

ip nat inside

ip ips sdm_ips_rule in

ip virtual-reassembly

!

interface Vlan3

ip address X.X.X.X X.X.X.X

ip nat outside

ip ips sdm_ips_rule in

ip virtual-reassembly

!

interface Vlan9

no ip address

!

ip http server

ip http authentication local

no ip http secure-server

ip http timeout-policy idle 600 life 86400 requests 10000

ip nat inside source list 1 interface Vlan3 overload

!

control-plane

!

banner motd

billybong · ‎06-04-2009

This is sh ru from the 3524, agian i have X.X.X.X IP`s

Building configuration...

Current configuration:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname TestBed

!

username darren privilege 15 password 0 james

!

clock timezone gmt 0

!

ip subnet-zero

!

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface FastEthernet0/2

!

interface FastEthernet0/3

!

interface FastEthernet0/4

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

!

interface FastEthernet0/12

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

switchport access vlan 2

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface VLAN1

ip address X.X.X.X X.X.X

no ip directed-broadcast

no ip route-cache

!

ip default-gateway X.X.X.X

!

line con 0

transport input none

stopbits 1

line vty 0 4

privilege level 15

login local

transport input telnet

line vty 5 15

login

!

end

lamav · ‎06-04-2009

Hi, what are you trying to achieve and how are you trying to achieve it?

As Giuseppe pointed out, you should tell us what your test set up is in detail.

Whats with the NAT statements?

Can you also post the output of a "sh int trunk" on both switches?

Thanks

billybong · ‎06-04-2009

the "sh int trunk" only works on the 1801

1801

interface FastEthernet6

switchport access vlan 2

switchport mode trunk

end

1802#sh int trunk

Port Mode Encapsulation Status Native vlan

Fa6 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa6 1-1005

Port Vlans allowed and active in management domain

Fa6 1-3,9

Port Vlans in spanning tree forwarding state and not pruned

Fa6 1

The 3524-xl i have managed to get this

SW 2#sh run int f0/1

Building configuration...

Current configuration:

!

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

end

i have made a drawing of my network and added a few comments on what i'm trying to do

http://s655.photobucket.com/albums/uu271/billybong08/?action=view&current=Netwoklayout.jpg

Giuseppe Larosa · ‎06-04-2009

Hello Billy,

almost all ports of 3524 are in vlan1 the default.

The only port in vlan2 is f0/24

To verify the trunk on c3524 use

sh int f0/1 switchport

verify also the list of vlans with

sh vlan

My guess is that you have connected a pc to a switch port you have assigned an ip address to it and you have tried to verify ip connectivity.

But if you use an ip address out of context (an ip subnet associated to a different vlan) the pc cannot reach any device.

Hope to help

Giuseppe

billybong · ‎06-04-2009

Hi giuseppe

heres the sh int f0/1 switchport

TestBed#sh int f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: Disabled

Access Mode VLAN: 0 ((Inactive))

Trunking Native Mode VLAN: 1 (default)

Trunking VLANs Enabled: ALL

Trunking VLANs Active: 1-3,9

Pruning VLANs Enabled: 2-1001

Priority for untagged frames: 0

Override vlan tag priority: FALSE

Voice VLAN: none

Appliance trust: none

Self Loopback: No

PauloHirakawa · ‎06-05-2009

Hi billybong,

Why the interface FastEthernet6 is configured as a trunk and access mode on 1801?

billybong · ‎06-05-2009

i think i left that statment in by accident i have removed it now, i was just trying something