03-17-2008 09:17 AM - edited 03-05-2019 09:48 PM
I am trying to get some 3750 switches to act as external VLAN routing devices. For some reason, however, I am unable to get my VLAN trunks to properly VLANs.
Here is my config...
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname DC2-ExtranetDMZ
!
boot-start-marker
boot-end-marker
!
!
username rancid privilege 15 password 7 13231E0A181F08783C
no aaa new-model
switch 1 provision ws-c3750e-24td
switch 2 provision ws-c3750e-24td
system mtu routing 1500
vtp mode transparent
ip subnet-zero
ip routing
no ip domain-lookup
!
!
password encryption aes
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 148,1492,1498,3570
!
vlan 3609
name Paldaz
!
!
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet1/0/1
description ***Connection to DC2-ISG2000-A***
switchport access vlan 148
spanning-tree portfast
!
interface GigabitEthernet1/0/2
spanning-tree portfast
!
interface GigabitEthernet1/0/24
description ***Connection to DS-3 via Ethernet****
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1492,1498,3270,3570,3609
switchport mode trunk
spanning-tree portfast
interface GigabitEthernet2/0/1
description ***Connection to DC2-ISG2000-B***
switchport access vlan 148
spanning-tree portfast
!
interface Vlan1
no ip address
!
interface Vlan148
description ***VLAN connection for firewalls***
ip address 10.148.148.253 255.255.255.252
!
interface Vlan1492
description
ip address 10.148.148.33 255.255.255.248
!
interface Vlan1498
description
ip address 10.148.148.49 255.255.255.248
!
interface Vlan3570
description
ip address 10.148.148.41 255.255.255.248
!
interface Vlan3609
description
ip address 10.148.148.1 255.255.255.224
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.148.148.254
ip http server
VLAN 148 is the upstream router connection to my network. The other VLAN interfaces are customer VLANs coming in on port G1/0/24.
Any idea what I am missing?
03-17-2008 09:20 AM
I don't think you want to portfast your trunks, but I could be mistaken.
03-17-2008 10:15 AM
I removed that to no avail.
When I switch the port to access mode I then see MAC addresses pop up.
03-17-2008 10:34 AM
Brian
I have looked at what you posted and I am having trouble understanding quite what the problem is. Can you clarify what your problem is?
If you have a port that is not learning a MAC address when configured as a trunk and it does learn the MAC when configured as an access port then it suggests that the port is connected to some end station which does not understand or process trunking with tagged frames but does process untagged frames.
HTH
Rick
03-17-2008 10:45 AM
On that case, add the native Vlan in the trunk configuration to match the access-vlan.
For instance, your current access vlan design
interface GigabitEthernet1/0/1
description ***Connection to DC2-ISG2000-A***
switchport access vlan 148
spanning-tree portfast
If you were to connect a device on this port then the trunk configuration would be.
!
interface GigabitEthernet1/0/24
description ***Connection to DS-3 via Ethernet****
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1492,1498,3270,3570,3609
switchport trunk native vlan 148
switchport mode trunk
spanning-tree portfast
Excluding the native Vlan from the configuration switchport will cause the attached device to run on Vlan1 for untagged packets.
HTH,
__
Edison.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide