09-22-2007 10:44 PM
Hi all.
Im trying to learn the basics of vlans and trunking. Im trying to do it by-the-book, just to get a grip on how it all works but i keep failing on this simple task : (. I have a Cisco freshly resetted 2940 with 3 VLANs:
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/9, Gi0/1
10 external active
20 internal active Fa0/7
30 guests active Fa0/8
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
So, for example i want vlan 30 (port 8) to be able to surf thru the gateway (port 1, vlan 10). That would mean that port 1 has to be a trunk port (?). I set it up:
(conf t - int fast 0/1)
switchport access
switchport mode trunk
switchport mode trunk allowed vlans 10,20,30
Here i allow all vlans just to make sure i don't do any easy misstakes. But when i ping from port 8 i can't get out thru the gateway, somethings is wrong or missing.
When i take a look at the vlans i see that one is shutdown, when i try to make it no shutdown the other goes down, like this:
00:35:42: %LINK-3-UPDOWN: Interface Vlan10, changed state to up
00:35:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
Switch(config-if)#interface vlan 30
Switch(config-if)#no shu
Switch(config-if)#
00:35:53: %LINK-3-UPDOWN: Interface Vlan30, changed state to up
00:35:53: %LINK-5-CHANGED: Interface Vlan10, changed state to administratively down
00:35:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to down
00:35:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to down
What am i doing wrong? I have active links on VLAN 10 and VLAN 30, they should both be able to stay active?
All help are greatly apreciated!
thx.
Oh, my conf:
Switch#sh run
Building configuration...
Current configuration : 1165 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
!
vtp mode transparent
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
vlan 10
name external
!
vlan 20
name internal
!
vlan 30
name guests
!
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 10
!
interface FastEthernet0/3
switchport access vlan 10
!
interface FastEthernet0/4
switchport access vlan 10
!
interface FastEthernet0/5
switchport access vlan 10
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/9
!
interface GigabitEthernet0/1
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan10
no ip address
no ip route-cache
shutdown
!
interface Vlan30
no ip address
no ip route-cache
!
ip http server
!
line con 0
line vty 5 15
!
!
end
Switch>sh inventory
NAME: "Switch", DESCR: "Cisco Catalyst c2940 switch with 8 10/100 BaseTX ports, 1 100BASE-FX SM uplink po
rts and 1 SFP (Small Form Factor Plugable) Module slot"
09-23-2007 08:43 AM
Piero
The first and most important thing to understand here is that your switch is a layer 2 switch. Several of your issues are directly related to this fact.
- a layer 2 switch can have only a single active VLAN interface. This is sometimes confusing because the switch can have several active VLANs but a VLAN interface is a layer 3 interface and a layer 2 switch can have only a single layer 3 interface (which is only for management purposes). This explains why when you no shut one VLAN interface the other VLAN interface goes shutdown.
- a layer 2 switch can forward multiple VLANs (and does not need any interface vlan x to do this) but a layer 2 switch can not forward between VLANs and you need a layer 3 device to do intervlan routing. This explains why you ping from porrt 8 but do not get anywhere. There is no layer 3 intervlan routing in what you have told us.
- a layer 2 switch with multiple VLANs will connect to the layer 3 device (could be a router or could be a layer 3 switch) via a trunk port. So your trunk port on your layer 2 switch needs to be the port that connects to the layer 3 device.
HTH
Rick
09-24-2007 06:28 AM
many thx for the excellent answer! I will go on with layer 3 device on the trunk port.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: