VLAN Mismatch Issue

rohit_s · ‎02-17-2007

I have a Cisco 3560 layer 3 Switch which is connected to multiple managed and unmanaged non-Cisco Switches.

I want to implement VLAN and do the VLAN routing on 3560 Switch.

Since these manageable and unmanageable switches are not under our control for VLAN configuration and also feasibility of VLAN configuration in these switches is not sure.

********So can I configure the Cisco 3560 switch ports connecting to these non-Cisco switches as access ports and keep all these ports in different VLAN so that entire switch behind the 3560 will be considered in a single VLAN. Then I will configure the SVI for all these VLAN on 3560 and perform the VLAN routing. *********

My doubt is that somewhere Cisco document says that both end of access port should be in Same VLAN otherwise error message comes and port doesn?t works.

Kindly clarify?

hoogen_82 · ‎02-17-2007

Hi Rohit,

You can go ahead and configure them exactly as you intend too. I have tested it with various other vendors and had no problems.

This is just like connecting a PC to an access port. Only difference your going to have a lot of traffic coming from this port. Also remember do not follow best practice for this port by giving bpdu guard enable commands this might sometimes shut down the port.

Any queries do let me know

Cheers

Hoogen

rohit_s · ‎02-17-2007

Hi Hoogen,

Thanks for the immediate response...

Had your scenario also was with Cisco and non-cisco switches??

But in my case I might not be able to keep both sides of the access link in same VLAN. I will only configure Cisco side of the access port in a particular VLAN but will keep the non cisco (managed and unmanaged) switches ports in their default settings...

I hope it should work without any problem. But this is contradictory to what Cisco document says...

hoogen_82 · ‎02-18-2007

Unmanageable switches would work but there is a doubt on manageable. What kind of manageable switch do u use?

rohit_s · ‎02-18-2007

Hi,

These are Dlink switches. But I am not sure of the models as these are present at my Customer site and I need to give them solution.

But I hope mismatch of VLAN on access link can only be detected by CDP messages. Since CDP is Cisco Proprietary, so may be this vlan mismatch might not be detected with Dlink switches and my solution may work.

Rohit

bhedlund · ‎02-18-2007

Unless you are DOT1Q trunking to these unmanageable switches (where the VLAN number is tagged onto frames) you should have no problems here.

As long as the unmanageable switch is not tagging the frame to the 3560 and vice versa (ie. dont configure trunking) then it would be impossible for each switch to know how you have configured VLAN numbers ... nor would it even matter.

Hope this helps. Please rate this post ;)

-Brad

hoogen_82 · ‎02-18-2007

Well i have connected dlink switches to my cisco switch and configured it to be only an access port given access to one access vlan. It works fine.

Cheers

Hoogen

rduke · ‎02-18-2007

If you are worried about layer 2 issues such as VLAN mismatches, you could scrap assigning VLANs to your 3560 port where it attaches to the remote switch by using the "no switchport" command. Then you can assign an IP address to the port using it more like a router port than a switch port. That way you don't have to worry about VLAN mismatches and possible bridge ID conflicts.

Randy

spvaidya · ‎02-18-2007

Hi,

Wish to add some more on Randy's suggestion. 1) All workstations/clients connected to your non-cisco ( & not under your controll ) should follow IP addressing. They could be in same or different subnet.

2) If they are in same subnet put default gateway as the 3560 PORT IP ADDRESS ( as randy mentioned )

3) If they are in different subnet then create subinterfaces on your 3560 for each subnet on this port. and assign that IP address as the default gateway for the respective clients.

Rgds

Shashank