VLAN traffic not going over port-channel

AdLAD · ‎08-07-2020

What am I doing wrong/missing here folks? Two switches with a port channel between them. On switch 1, VLAN 66 has an IP of 192.168.66.251, on switch 2, VLAN 66 has an IP of 192.168.66.247. I have the VLAN allowed on the port channel but neither switch can ping each other's VLAN 66 IP address....

Switch 1

SVR-SWT01#sh run int gi0/19

interface GigabitEthernet0/19
switchport trunk native vlan 300
switchport trunk allowed vlan 60,65,66,70,75,300
channel-group 1 mode active
end

SVR-SWT01#sh run int gi0/20

interface GigabitEthernet0/20
switchport trunk native vlan 300
switchport trunk allowed vlan 60,65,66,70,75,300
channel-group 1 mode active
end

SVR-SWT01#sh run int Po1

interface Port-channel1
description ** Trunk to SVR-SWT02 **
switchport trunk native vlan 300
switchport trunk allowed vlan 60,65,66,70,75,300
end

SVR-SWT01#sh run int vl 66

interface Vlan66
ip address 192.168.66.251 255.255.255.0
end

Switch 2

SVR-SWT02#sh run int gi0/19

interface GigabitEthernet0/19
switchport trunk native vlan 300
switchport trunk allowed vlan 60,65,66,70,75,300
channel-group 1 mode active
end

SVR-SWT02#sh run int gi0/20

interface GigabitEthernet0/20
switchport trunk native vlan 300
switchport trunk allowed vlan 60,65,66,70,75,300
channel-group 1 mode active
end

SVR-SWT02#sh run int Po1

interface Port-channel1
description ** Trunk to SVR-SWT01 **
switchport trunk native vlan 300
switchport trunk allowed vlan 60,65,66,70,75,300
end

SVR-SWT02#sh run int vl 66

interface Vlan66
ip address 192.168.66.247 255.255.255.0
end

Georg Pauwen · ‎08-08-2020

Hello,

are these configured as layer 2 or layer 3 switches ? In case of layer 2, you need to set the default gateway:

ip default-gateway x.x.x.x

where x.x.x.x is the IP address of the Vlan 66 interface on the layer 3 device that does the routing...

AdLAD · ‎08-08-2020

Hi,

They are layer 2 switches but the two vlan 66 IP addresses are on the same subnet why do they need a gateway?

Thanks

Georg Pauwen · ‎08-08-2020

Hello,

do both switches see each other (sh cdp neighbors) ?

Are these 'real' or simulated switches ?

Richard Burts · ‎08-08-2020

It might be helpful if we could see the output of the command show interface trunk from both switches. Also the output of the command show interface switchport for the physical interfaces.

I would expect to see the command switchport mode trunk on the physical interfaces. Try inserting that command and tell us if the behavior changes.

HTH

Rick

Jon Marshall · ‎08-08-2020

In addition to Rick's questions can you also make sure the SVIs are actually up/up.

Jon

secureitgroup · ‎08-09-2020

I just recreated this in a Lab and was able to successfully ping, I did not create a channel group but see no issues with your configuration. I think the suggestions of show CDP neighbors would be very helpful.

One mistake I made in the Lab and remember this in training is... when you add the vlans to the trunks it does not create the vlan.

Make sure these vlans show when you do a show vlan.

I have confirmed a default gateway is not needed with this lab.

The working switch configuration is below.

SW-1

Building configuration...

Current configuration : 3653 bytes
!
! Last configuration change at 21:04:19 UTC Sun Aug 9 2020
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname SW-1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/0
switchport trunk allowed vlan 100
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
!
interface Vlan100
ip address 192.168.0.1 255.255.255.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server

---------------------------------------------------------------------------------------------

SW-2

Building configuration...

Current configuration : 3655 bytes
!
! Last configuration change at 21:05:16 UTC Sun Aug 9 2020
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!

hostname SW-2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/0
switchport trunk allowed vlan 100
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
!
interface Vlan100
ip address 192.168.0.254 255.255.255.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server

Georg Pauwen · ‎08-09-2020

The channel group is the problem. It works fine with just simple trunks, but not when you configure the port channel. What switches and IOS versions are you running ?

secureitgroup · ‎08-09-2020

I tested this on VIRL Images, if you do a show CDP neighbors can you see the switch or can you paste the results of show port-channel summary

Georg Pauwen · ‎08-09-2020

It looks like a bug in the VIRL images, I am using the same images, and it doesn't work either. Curious to get an update from the original poster...