Apr 9th, 2008
Hello all,

I have a question pertaining to switching and VLANs.

Our current setup at work is a core HP ProCurve switch that is broken into 4 VLANs. We have lab, corp, user and server. We just expanded offices and now we have a need for a switch in the new lab (about 200 ft away).

I am connecting the switches (Cisco 3500XL to HP ProCurve) via a straight through (should be a CO I know, but one of the switches is taking care of switching the wires for us) and have only run a single line. When I plug into the switch I am assigned an address in whatever VLAN I am in on the switch (all good). So it looks like this:

HP ProCurve (cable plugged in lab) -> Cisco 3500 (cable plugged in anywhere) -> Me (assigned a lab address)

There has been no configuration to the switch so I am kind of confused how the switch knows to just send the data across the line when the port I plugged into has no VLAN information and I have no trunk configured. So my first question is how does it do this?

My second question gets more detailed. Let's say I run another line to the switch. This time the line is plugged into corporate. I do not want lab and corporate to talk. When I plug the laptop in it gets assigned whatever DHCP comes back first.

This is not practical and I know there has to be a more granular way to control this. If I had 2 Cisco switches, I could just use VTP and transmit the VLAN information, but in this case, being it's an HP and Cisco, I can't.

My idea was to run the lines from the HP to the Cisco switch. From there I would configure them as trunk lines between each other. I would configure the Cisco switch to have a trunk for the lab VLAN and a trunk for the corporate VLAN and then configure each port for VLAN. So when a lab user wanted to access a lab node their packet would be tagged, sent to the proper trunk, sent over the trunk and then handled at the HP. I think something like this would work, but if not could someone point out why? Also would trunking have to be configured on both ends (HP and Cisco)? And if this wouldn't work, does anyone have an idea what would?

If anyone has any ideas they would be greatly appreciated. Also, if you have any insight to what I have said so far then please feel free to comment. I understand this stuff, but sometimes confuse myself.

evsrajatgupta Wed, 04/09/2008 - 11:44
Hi rebrokenglass,

Reply to Q1

3500 is a L3 switch and by default all ports are in trunking dynamic desirable mode. Thus the uplink can be a trunk port or an access port depending on the configuration on the port to which the switch is attached.

For details on trunking mode


Reply to Q2

When you have two uplinks in a switch, there are 2 conditions

1) When the uplinks are trunk links --- STP comes into play and one of the uplink ports will be blocked to avoid a loop.

2) If the uplinks are access ports.

(A) If both ports belong to the same VLAN, again one port will be blocked.

(B) If both ports belong to different VLANs then you can get the desired result. And you can stop inter-VLAN routing via access list.

Best practice will be to have a Gig trunk uplink and use of ACL for filtering.

rebrokenglass Wed, 04/09/2008 - 12:14
To point out, the switch is not a layer 3. I have a Cisco 3524 at home and it also does not support layer 3. All ports are treated the same and trunking is nowhere to be found. The cable in the HP is in its own VLAN, that's all. From there a cable connects the two and bam, Cisco switch can now divvy out addresses on whatever VLAN the cable is plugged into on the HP.

To respond to the second question response and the first point. I see what you are saying with STP, but will it be able to distinguish that the two lines are technically handling different traffic (diff trunk for each VLAN)?

To the second point, I really do not follow.

And to the best practice, I am not sure how that would allow for several vlans to go across the link?
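
The following is an added example, not part of any post in this thread: a simplified Python model of 802.1Q tagging that shows why two untagged inter-switch links land lab and corp traffic in the same VLAN on an unconfigured downstream switch, while a single trunk configured on both ends keeps them apart. The VLAN IDs (10 for lab, 20 for corp), the native VLAN 1, the sample frame and the rule that an access port drops tagged frames are assumptions of the model.

```python
import struct

TPID = 0x8100  # 802.1Q tag protocol identifier
LAB, CORP = 10, 20  # assumed VLAN IDs; the thread does not give them

def tag(frame, vid):
    """Insert an 802.1Q tag after the 12 bytes of destination and source MAC."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID out of range")
    return frame[:12] + struct.pack("!HH", TPID, vid) + frame[12:]

def read_tag(frame):
    """Return the VLAN ID carried in the frame, or None if it is untagged."""
    if len(frame) >= 16 and frame[12:14] == struct.pack("!H", TPID):
        return struct.unpack("!H", frame[14:16])[0] & 0x0FFF
    return None

def egress(frame, vid, port):
    """Bytes sent for a frame in VLAN vid, or None if the port is not a member."""
    if port["mode"] == "access":
        return frame if port["vlan"] == vid else None
    if vid not in port["allowed"]:
        return None
    return frame if vid == port["native"] else tag(frame, vid)

def ingress(wire, port):
    """VLAN the receiving switch files the frame under, or None if dropped."""
    vid = read_tag(wire)
    if port["mode"] == "access":
        return port["vlan"] if vid is None else None
    vid = port["native"] if vid is None else vid
    return vid if vid in port["allowed"] else None

def cross_link(frame, vid, tx_port, rx_port):
    """Send a frame from one switch port to the port at the other end of the cable."""
    wire = egress(frame, vid, tx_port)
    return None if wire is None else ingress(wire, rx_port)

# Constructed sample frame: broadcast dst, made-up src, IPv4 ethertype, dummy payload.
FRAME = bytes.fromhex("ffffffffffff" "001122334455" "0800") + b"dhcp-discover"

def access(vlan):
    return {"mode": "access", "vlan": vlan}

TRUNK = {"mode": "trunk", "native": 1, "allowed": {1, LAB, CORP}}

def two_untagged_links():
    """Second-cable scenario: upstream access ports in LAB and CORP, downstream ports left in VLAN 1."""
    return [cross_link(FRAME, v, access(v), access(1)) for v in (LAB, CORP)]

def one_trunk():
    """One 802.1Q trunk configured on both ends carries both VLANs separately."""
    return [cross_link(FRAME, v, TRUNK, TRUNK) for v in (LAB, CORP)]
```

In the untagged case both frames arrive in the downstream switch's VLAN 1, so lab and corp share one broadcast domain there, which matches the "whatever DHCP comes back first" behaviour described in the first post.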


