Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
443
Views
0
Helpful
2
Replies

SNMP not "routing" correctly accross trunked ports

jacobss914
Level 1
Level 1

‎10-01-2007 05:31 AM - edited ‎03-05-2019 06:47 PM

Routing was a term I chose to use, I know it is not proper since I can route traffic with out complaint except the snmp, and SSH, traffic from the monitoring server.

I have a group of switches and routers that I monitor.

Site one has a VLAN 100 192.168.10.0 /24 used for switch management. It is connected to Site 2 via a T-1 and two 7200 routers. Site two has a VLAN 100 also 192.168.40./24. The core is 192.168.40.254, router is 192.168.40.253, a switch out on the site has the local user vlan 10, wireless vlan 11, and management vlan 100. The management vlan has an IP of 192.168.40.1. on vlan 10 they have a 10.40.0.0 /1 scheme.

I can monitor via SNMP the core and router using either vlan 10 or vlan 100. I can monitor servers in both vlan 10 and vlan 100. These all connected to the core via ports in the 4506 and the port mode is access. I can monitor the UPS connected to the switch in IDF 1. The switch coming off the 4506 is a trunk port. I can not pickup a thing off that switch. Now if I make that switch a none trunked switch, I can get to it. It is only when it is in trunk mode that I can not monitor the switch.

Snippets of configs ( let me know if you need more)

4506 port connecting to the IDF switch

interface GigabitEthernet3/4

description Uplink (LAIDF1, G1/0/1)

switchport trunk encapsulation dot1q

switchport mode trunk

flowcontrol receive off

storm-control broadcast level 70.00

interface Vlan100

description Management_VLAN

ip address 192.168.40.254 255.255.255.0

no ip redirects

no ip proxy-arp

end

sh ip route on the core shows

C 192.168.40.0/24 is directly connected, Vlan100

This switch can ping and ssh into the offending switch.

Next switch out IDF1

Interface connected to the core:

interface GigabitEthernet1/0/1

description Trunk_to_4506

switchport trunk encapsulation dot1q

switchport mode trunk

storm-control broadcast level 70.00

end

Vlan 100s config

interface Vlan100

description Switch_Management_VLAN

ip address 192.168.40.1 255.255.255.0

no ip redirects

no ip proxy-arp

end

SNMP commands:

access-list 40 remark **** SNMP Access ****

access-list 40 permit 192.168.10.250

snmp-server community Public RO 40

snmp-server community Private RW 40

snmp-server location Over the Rainbow

snmp-server contact John Doe

I can get to all devices on the network except these switches that are in the IDFs. And only the switches that are using trunk ports, we have some that we only move a access port to.

Let me know what else you might need to help figure this out.

I have attached a simple diagram that show where I can get and where I can. Green is good, red is bad.

TIA, Stephen

Labels:
Preview file
37 KB
0 Helpful
2 Replies 2

owillins
Level 6
Level 6

‎10-05-2007 12:53 PM

which vlan did you use between the switches to have the communication?

0 Helpful

jacobss914
Level 1
Level 1
In response to owillins

‎10-08-2007 01:55 AM

I have tried it both on vlan 10 and vlan 11

BTW, Typo VLAn 10 is suposed to be a /16 subnet.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card