@Jaderson Pessoa Hi! Thank you for your hasten response! Ok just to clarify. In my network, I have lots of VLANs, and each VLANs are routed specifically to where they would get internet access. - To answer your question, yes all of those VLANs are created in my network including VLANs 50,51 and 52 for my ISPs. In the topology "Gemini Network Topology" everything is working accordingly. All of my ISPs are working. Recently that I knew that on my 2960X port 1 with config: (interface GigabitEthernet1/0/1 description Connected -> MTN|Internet|Switch - P24 switchport access vlan 50 switchport mode access ip device tracking maximum 10 end) Which is directly connected to my ISPs 3650 port 24 with config (according to provider): (interface FastEthernet0/24 description MRTG:OUTIN vLAN 302 - Corporate Internet switchport access vlan 302 switchport mode access end) This is my first question. With the configuration given above, how was the internet traffic from provider to my LAN possible? When my network doesn't even know about VLAN 302. Rest alone the possibility of allowing traffic from a direct connection, switch port to switch port, both in access mode but on different VLAN each? - Maybe there is a way but I haven't encountered yet. You mentioned: ( R: if port in access mode, it cant negociate a trunk, but you can input on it switchport nonegociate) - neither of our ports (provider & mine) are configured with "switchport nonegociate' - so there is no way my switches (new/spare) are negotiating.? Your questions: This vlan is already created and his status is active? - YES Spanning-tree for this vlan is forwarding state? - YES Do you have access on his switch to check this information? - NO - I trust them of what they said that the config on their 3650 port 24 is: (interface FastEthernet0/24 description MRTG:OUTIN vLAN 302 - Corporate Internet switchport access vlan 302 switchport mode access end) Please let me know that you think about this, would you need more details please tell me. Thank you so much!
... View more
Dear team, Good day. I have a question that puzzles me regarding my concern with our ISP. (Kindly refer to the attached network topology) My distribution switch, 2960X, is connected to three different WAN (ISP) that we have. port 1 is configured as access mode with vlan access 50 for "ISP #1" as our main internet line. - directly connected to ISP #1 Cisco 3650 switch port 24 port 2 is configured as access mode with vlan access 51 for "ISP #2" my backup WAN (other provider). - directly connected to ISP #2 modem port 23 is configured as access mode with vlan access 52 for "ISP #3" charterer WAN (other provider) - directly connected to ISP #3 modem Now, I need to replace my 2960X with a new switch (other brand). Using the same approach, I prepared 3 ports on the new switch, with same setup as access mode and vlan access accordingly. My ISP #2 and #3 works properly but for ISP #1 (connected to Cisco 3650 port 24) it is not working, both ports are just blinking amber. When I reconnect back to my old 2960X I get internet connection again. So I informed my ISP #1 about my problem and also stated the whole scenario. They replied: "Our Cisco 3650 port 24 is configured as access mode, vlan access 302.." - how is this possible? Both my 2960X port 1 and their 3650 port 24 are configured as access port and with different VLANs?! I asked them the same question and this is their reply: "A Cisco “Access Port” tag the VLAN ID when a packet is received in the Switchport but untagged on the outgoing delectation so two Access Ports can communication even if they are in different VLANs. The packet flows without tagging between them." - can someone explain to me what out provider just said and how it relates to my question. Thank you. Since it is working with my 2960X, with the configs given (i don't know how), let's go back to my main problem, the new switch. So, the new switch is just blinking amber, but the port is setup like what I have in 2960X, but in 2960X it works. I made another test, using a spare switch, configured ports access modes and vlan access accordingly, and directly connected my three WAN ISPs. ISP #2 and #3 works! But connection from spare switch to ISP #1's 3650 port 24 is just blinking amber. I told them my tests and they said: "You see the Switchport amber because its never activated. This is a L2 problem and as per the logs everything points to an Spanning Tree issue. What the log is saying is that we receive a BPDU in a Non-Trunk port. This means that the Edge Switch or the D-Link port is sending a BPDU to our port. There are two reasons for this error: any of those switches are trying to negotiate a Trunk or are using a wrong encapsulation (802.1q or ISL). Once these parameters are consistent, spanning tree automatically unblocks the interface. These ports are set to untagged so that leave us with the first option only." Questions: 1. On my topology (attached) is their an STP issue? There is no redundant path, everything is just one direct line as it is. 2. They mentioned: "What the log is saying is that we receive a BPDU in a Non-Trunk port. This means that the Edge Switch (new) or the D-Link (spare) port is sending a BPDU to our port." - yes, it is a non-trunk port, but why is their 3650 works on my 2960X which the port is also configured as a non-trunk port (access mode)? 3. They mentioned: "There are two reasons for this error: any of those switches are trying to negotiate a Trunk or are using a wrong encapsulation (802.1q or ISL)." - why would my switches (new,spare) negotiate a trunk if both of them are access ports? And also, their port 24 in their 3650 is an access port as well. 4. They mentioned: "Once these parameters are consistent, spanning tree automatically unblocks the interface." - correct me if I am wrong but I don't have a redundant path, I only have one direct line to their 3650, how would an STP take effect and block the port, but if I connect it to my new switch it blocks it? Maybe I am just missing a picture here because of thinking too much, anyone's insight about this, specially with the small things I messed would be greatly appreciate! Thank you so much. Arturo
... View more