[c-nsp] VLAN mystery
Joseph Mays
mays at win.net
Thu Oct 15 13:36:05 EDT 2015
Dealing with a mysterious vlan that won't work, right next to an identically configured VLAN on all the same equipment that works fine.
Router A is a cisco 7206 with two vlan subinterfaces on the same port, one (vlan 808) with address 216.24.2.201/30, one (vlan 888) with address 216.24.2.205/30. Gigabit0/2 is a gigE interface to Switch A
Switch A is a catalyst 2950. FastEthernet0/1 is a gig-e connection to Router A configured in VLAN trunking mode. Fastethernet0/1 is a 100bt connection to remote switch B, configured as a vlan trunk that only allows vlan 808. Fastethernet0/2 is a 100bt connection to remote switch B, configured as a vlan trunk that only allows vlan 888. Both vlans are defined in both the config and the vlan database.
Switch B is a catalyst 2924. FastEthernet0/1 is a 100bt connection to Router B configured in VLAN trunking mode. Fastethernet0/10 is a 100bt connection to remote switch A, configured as a vlan trunk that only allows vlan 808. Fastethernet0/17 is a 100bt connection to remote switch A, configured as a vlan trunk that only allows vlan 888. Both vlans are defined in both the config and the vlan database.
Router B is a cisco 7206 with two vlan subinterfaces on the same port, one (vlan 808) with address 216.24.2.201/30, one (vlan 888) with address 216.24.2.205/30. Fastethernet1/0 is a 100bt interface to Switch A
So --
RtrA(216.24.2.201,205)----SwA====SwB----RtrB(216.24.2.202,206)
>From I can ping between 216.24.2.201 and 216.24.2.202 across vlan 808 fine. I cannot get traffic either direction between 216.24.2.205 and 216.24.2.206 across vlan 888. As near as I can tell the vlans are configured identically through all pieces of equipment, and both have been entered in the vlan database on both switches. I must be forgetting something about vlan config somewhere, but I can't figure out where. What am I missing?
Pings from core-gw1 (RtrA)
core-gw1.noc#ping 216.24.2.202
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.24.2.202, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
core-gw1.noc#ping 216.24.2.206
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.24.2.206, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Below is the relevant config info from all the equipment.
=================================================================================
On Router A
interface GigabitEthernet0/2.808
description HN-808 interconnect to armplc via core-sw3
encapsulation dot1Q 808
ip address 216.24.2.201 255.255.255.252
no cdp enable
!
interface GigabitEthernet0/2.888
description HN-888 interconnect to armplc via core-sw3
encapsulation dot1Q 888
ip address 216.24.2.205 255.255.255.252
no cdp enable
=================================================================================
On Switch A
interface FastEthernet0/1
switchport trunk allowed vlan 808
switchport mode trunk
speed 100
duplex full
!
interface FastEthernet0/2
switchport trunk allowed vlan 888
switchport mode trunk
speed 100
duplex full
!
interface GigabitEthernet0/1
switchport mode trunk
speed 1000
duplex full
!
interface Vlan1
no ip address
no ip route-cache
!
interface Vlan808
no ip address
no ip route-cache
shutdown
!
interface Vlan888
no ip address
no ip route-cache
shutdown
Switch#show vlan id 808
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
808 VLAN0808 active Fa0/1, Gi0/1
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
808 enet 100808 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Switch#show vlan id 888
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
888 VLAN0888 active Fa0/2, Gi0/1
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
888 enet 100888 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
=================================================================================
On Switch B
interface FastEthernet0/1
description to gw1.armplc
duplex full
speed 100
switchport trunk encapsulation dot1q
switchport mode trunk
no cdp enable
!
interface FastEthernet0/10
description Hatteras 1 - HN408-U
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,808,1002-1005
switchport mode trunk
no cdp enable
!
interface FastEthernet0/17
description UNUSED
duplex full
speed 100
switchport trunk allowed vlan 1,888,1002-1005
switchport mode trunk
no cdp enable
sw1.armplc#show vlan id 808
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
808 VLAN0808 active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
808 enet 100808 1500 - - - - - 0 0
sw1.armplc#show vlan id 888
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
888 VLAN0888 active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
888 enet 100888 1500 - - - - - 0 0
=================================================================================
On Router B
interface FastEthernet1/0.808
description HN-808 interconnect to heyburn via sw1.armplc
encapsulation dot1Q 808
ip address 216.24.2.202 255.255.255.252
no cdp enable
!
interface FastEthernet1/0.888
description HN-888 interconnect to heyburn via sw1.armplc
encapsulation dot1Q 888
ip address 216.24.2.206 255.255.255.252
no cdp enable
More information about the cisco-nsp
mailing list