[c-nsp] L3 vs. L2 trunk connections to a 6509 core. Easyrouter-head question.

virendra rode // virendra.rode at gmail.com
Mon Apr 14 18:24:13 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

comments in-line:



Grant Moerschel wrote:
> Here is the Access Switch sh run and sh ip route info:
> 
> 3560-10th-Floor#sho run
> Building configuration...
> 
> Current configuration : 9635 bytes
> !
> version 12.2
> !
> hostname 3560-10th-Floor
> !
> system mtu routing 1500
> ip subnet-zero
> ip routing
> !
> !
> mls qos
> 
> !
> spanning-tree mode pvst
> spanning-tree extend system-id
> !
> vlan internal allocation policy ascending
> !
> !
> !
> interface FastEthernet0/1
>  switchport access vlan 100
>  switchport mode access
>  switchport port-security
>  switchport port-security aging time 2
>  switchport port-security violation restrict
>  switchport port-security aging type inactivity
>  spanning-tree portfast
>  spanning-tree bpduguard enable
> !
> 
> ...items removed ....
> !
> interface FastEthernet0/9
>  switchport access vlan 10
>  switchport mode access
>  switchport voice vlan 100
>  speed 100
>  duplex full
>  mls qos trust dscp
>  spanning-tree portfast
> !
> 
> ...items removed ....
> !!
> interface GigabitEthernet0/1
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 1,10,100
>  switchport mode trunk
> !
> interface GigabitEthernet0/2
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 1,10,100
>  switchport mode trunk
> !
> interface Vlan1
>  ip address 172.16.1.26 255.255.240.0
> !
> !
> router eigrp 100
>  no auto-summary
>  no eigrp log-neighbor-changes
>  network 10.0.0.0
>  network 172.16.0.0
> !
> ip default-gateway 172.16.0.1
- --------------------------
just curious, why do you have ip default-gateway configured when you
have ip routing enabled?



regards,
/virendra




> ip classless
> ip http server
> ip http secure-server
> !
> logging history errors
> logging trap warnings
> logging 172.16.3.69
> 
> !
> control-plane
> !
> !
> end
> 
> 
> 3560-10th-Floor#sho ip route
> Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
>        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
>        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
>        E1 - OSPF external type 1, E2 - OSPF external type 2
>        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
> level-2
>        ia - IS-IS inter area, * - candidate default, U - per-user static
> route
>        o - ODR, P - periodic downloaded static route
> 
> Gateway of last resort is not set
> 
>      172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
> C       172.16.0.0/20 is directly connected, Vlan1
> D       172.16.80.0/27 [90/3072] via 172.16.0.1, 2d00h, Vlan1
>      10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
> D       10.1.10.0/24 [90/3072] via 172.16.0.1, 2d00h, Vlan1
> D       10.16.10.0/24 [90/3072] via 172.16.0.1, 2d00h, Vlan1
> D       10.16.8.0/24 [90/3072] via 172.16.0.1, 2d00h, Vlan1
> D       10.16.9.0/24 [90/3072] via 172.16.0.1, 2d00h, Vlan1
> D       10.16.14.0/24 [90/3072] via 172.16.0.1, 2d00h, Vlan1
> D       10.16.12.0/24 [90/3072] via 172.16.0.1, 2d00h, Vlan1
> D       10.3.252.0/30 [90/2170112] via 172.16.0.3, 2d00h, Vlan1
> 
> 
> 
> -----Original Message-----
> From: Mike Louis [mailto:MLouis at nwnit.com] 
> Sent: Monday, April 14, 2008 1:17 PM
> To: Grant Moerschel; cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] L3 vs. L2 trunk connections to a 6509 core.
> Easyrouter-head question.
> 
> Can you post your relevant configs from both sides 6500 and 3560?
> 
> -----Original Message-----
> From: Grant Moerschel [mailto:gm at wavegard.com]
> Sent: Monday, April 14, 2008 1:15 PM
> To: Mike Louis; cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] L3 vs. L2 trunk connections to a 6509 core.
> Easyrouter-head question.
> 
> The only SVI configured on the 3560 is the VLAN1 interface. Is this
> incorrect?  My assumption was that the V1 SVI, a default route for V1,
> and "no ip routing" was all that was needed but when I did that I
> couldn't talk with the other VLANs on the switch.  I may have overlooked
> something.
> 
> Given my description of the 3560 (routing on, one SVI for VLAN1, one
> trunk to the core), do you think that the local V8 traffic on the 3560
> is being routed via VLAN1 in contrast to being tagged and forwarded as
> VLAN8 via the trunk to the core?
> 
> -----Original Message-----
> From: Mike Louis [mailto:MLouis at nwnit.com]
> Sent: Monday, April 14, 2008 12:11 PM
> To: Grant Moerschel; cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] L3 vs. L2 trunk connections to a 6509 core.
> Easyrouter-head question.
> 
> If you are going to use the 3560 as a L2 switch you can disable ip
> routing. You will need to define a management interface and
> default-gateway for the management vlan on the switch only. All VLANs
> including management will be L2 only. Do not configure VLAN SVI if you
> only want to use the 3560 as a layer 3 switch. Did you configure EIGRP
> on the 3560 as well? If so that may be why you are getting routing
> information via VLAN 3 to the 6509.
> 
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Grant Moerschel
> Sent: Monday, April 14, 2008 11:45 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] L3 vs. L2 trunk connections to a 6509 core. Easy
> router-head question.
> 
> I am trying to determine what is normal here.  This is the situation. I
> have a 6509 Sup1a/MSFC2 running the latest CatOS/IOS for that hardware.
> I run EIGRP. I have several VLANs on the core and use VTP.  When I trunk
> a 2950 L2 switch to the core I specify VTP on the 2950. No problem. All
> VLANs show up on the 2950.  For our eighth floor, for example, I trunk
> V1, V8, and V100 and clear all other VLANs from the trunk. V100 is for
> Voice and V8 is for most PCs for Data.  My assumption is that if an
> access port is "switchport access vlan 8" and the PC is plugged in to
> that port, he's on V8. To get off that broadcast network to some other
> destination, he hits the gateway which is the L3 interface on the core
> 6509 MSFC2.  I get all this.
> 
> Here's the question.  If my access switch is a 3560 which is a Layer 3
> switch, it seems that I have to have it participate in EIGRP to make it
> work.  But this does not make sense because for this application I still
> have a single trunk to the core from the 3560. If I trunk V1, V10, and
> V100 from the 3560 to the 6509, doesn't communication just go down the
> trunk to the 6509 L3 gateway?  For example, if my PC is on a 3560 V10
> port and needs to hit something on V8, shouldn't the 3560 forward the
> frame down the trunk to the 6509 which'll route onto V8, up V8's trunk
> to that access switch and forward it out to the destination?   If I look
> at my routes on the 3560, they all say "to get to V10 you must go
> through the 6509 V1 layer 3 interface" (I hope that makes sense).
> 
> Should I turn off "ip routing" on the 3560 in order to mimic the setup
> of the 2950 <----> 6509 trunk link?  What am I missing?
> 
> Thanks
> 
> ~~~~
> Grant P. Moerschel
> WaveGard, Inc.
> gm -at- wavegard -dot- com
> ~~~~
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
> Note: This message and any attachments is intended solely for the use of
> the individual or entity to which it is addressed and may contain
> information that is non-public, proprietary, legally privileged,
> confidential, and/or exempt from disclosure.  If you are not the
> intended recipient, you are hereby notified that any use, dissemination,
> distribution, or copying of this communication is strictly prohibited.
> If you have received this communication in error, please notify the
> original sender immediately by telephone or return email and destroy or
> delete this message along with any attachments immediately.
> 
> 
> 
> Note: This message and any attachments is intended solely for the use of
> the individual or entity to which it is addressed and may contain
> information that is non-public, proprietary, legally privileged,
> confidential, and/or exempt from disclosure.  If you are not the
> intended recipient, you are hereby notified that any use, dissemination,
> distribution, or copying of this communication is strictly prohibited.
> If you have received this communication in error, please notify the
> original sender immediately by telephone or return email and destroy or
> delete this message along with any attachments immediately.
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIA9mNpbZvCIJx1bcRAtwxAJ0RrziDo26cN8z5r3dBWjvDbezy2QCeP9RN
7AHyd6DSGBi69JJPH3my18Q=
=1GoI
-----END PGP SIGNATURE-----


More information about the cisco-nsp mailing list