3750G Core config (please advise)

Answered Question
Aug 4th, 2008
User Badges:

Hi


I have configured 2 x 3750G-12S switches as core/distribution switches. I have configured 8 vlans 10,20,30,40,50,60,70,100

and have created SVI interfaces for them all.


I have PVST running and have shared the load over the 2 core/distribution switches.

eg.

vlan 10,20,30,40 root bridge Core_1

vlan 50,60,70,100 root bridge Core_2


Both of the 3750G's are linked by 2 x fibre trunks (dot1q) for redundancy.


I have also configured HSRP on each SVI over every vlan.


I have configured every vlan SVI with the command "core_1(config)#int vlan 10

core_1(config-if)#switchport trunk native vlan 10"


I have done the same on each individual vlan (please see sh run), is this correct???

If not why???

What is the Native Vlan and how should it be configured properly??


I have attached the sh runs for each 3750G switch in the core, please could you check it over for me and give me your opinion on what would be better?



I have also attached a sh run from the top switch on vlan 10, this is connected via fibre to core_1 and is the 1st of 5 in the stack. The bottom switch in the stack is connected via fibre to Core_2.


All switches are daisy chained together via copper from top to bottom and I have configured DHCP server on the top switch in most vlans switch stacks.


Please advise on the configs and any problems?


Many many thanks


Mark




Correct Answer by Marwan ALshawi about 8 years 8 months ago

first u have big mistake with the native VLANs however u have configured the switches to some extent very good


for ur knowledge the native VLAN is used for managment and it is the only vlan go on the trunk without being taged with a VLAN ID


ssu configured the access switch with all ports in vlan 10

and also u made vlan 10 as native in this case ur vlan 10 will not be taged over the trunk

what u need to do

make the native VLAN for all switches the same do it the default which should be vlan one and u se it for managment

and dont assign it to any normal access switch port

and in access switch also u dont need to make any SVI only make one for managment

so make the vlan one the native and make an SVI in the access switch for managment access linke telnet


also for DHCP

u have correctly added the spanning-tree portfast on the access ports


what u need to do

if u have deffrent IP addressing for each VLAN make deffrent DHCP scop for each VLAN within its subnet then

on each SVI on the DISTlayer switches add

ip-helper [dhcp address] command and on the dhcp config make the SVI default gateway for each corsponding vlan


vlan 2

SVI vlan 2 will be the default gateway for vlan 2 pool

vlan 10 will be the default gateway for vlan 10 pool

or HSRP VIP for that VLAN


and the ip helper command should be put on each ditslyer 3 switch

pointing to the DHCP IP address


or u can configure the DHCP pool on the DIST switches but in this case becase it is on the same switch u dont need ip helper command


follow these instructions and should be fine


good luck


please, if helpful Rate


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.3 (4 ratings)
Loading.
Correct Answer
Marwan ALshawi Mon, 08/04/2008 - 21:26
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

first u have big mistake with the native VLANs however u have configured the switches to some extent very good


for ur knowledge the native VLAN is used for managment and it is the only vlan go on the trunk without being taged with a VLAN ID


ssu configured the access switch with all ports in vlan 10

and also u made vlan 10 as native in this case ur vlan 10 will not be taged over the trunk

what u need to do

make the native VLAN for all switches the same do it the default which should be vlan one and u se it for managment

and dont assign it to any normal access switch port

and in access switch also u dont need to make any SVI only make one for managment

so make the vlan one the native and make an SVI in the access switch for managment access linke telnet


also for DHCP

u have correctly added the spanning-tree portfast on the access ports


what u need to do

if u have deffrent IP addressing for each VLAN make deffrent DHCP scop for each VLAN within its subnet then

on each SVI on the DISTlayer switches add

ip-helper [dhcp address] command and on the dhcp config make the SVI default gateway for each corsponding vlan


vlan 2

SVI vlan 2 will be the default gateway for vlan 2 pool

vlan 10 will be the default gateway for vlan 10 pool

or HSRP VIP for that VLAN


and the ip helper command should be put on each ditslyer 3 switch

pointing to the DHCP IP address


or u can configure the DHCP pool on the DIST switches but in this case becase it is on the same switch u dont need ip helper command


follow these instructions and should be fine


good luck


please, if helpful Rate


Marwan ALshawi Mon, 08/04/2008 - 21:36
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

i have made some changes to ur config see it in the attachment




Attachment: 
n.nandrekar Mon, 08/04/2008 - 21:30
User Badges:
  • Silver, 250 points or more

Hello Mark,

I wanted to clarify regarding "

I have configured every vlan SVI with the command "core_1(config)#int vlan 10

core_1(config-if)#switchport trunk native vlan 10"


I have done the same on each individual vlan (please see sh run), is this correct???

If not why???

What is the Native Vlan and how should it be configured properly?? "




>>>>> First of all, ?I am surprised on how you could configure "switchport trunk native vlan x" on the vlan interface. The interface vlan (SVI) is a L3 interface and should not take any switchport commands.


The "switchport trunk native vlan" command defines which vlan should be considered as the native vlan (i.e. untagged vlan) on the particular trunk link. This command is issued on a physical trunk link. The untagged traffic coming on this link is considered to beling to the configured native vlan (the default native vlan is the vlan 1). All the control protocols also use this vlan for their communication (eg. spanning tree bpdus will be sent on the vlan 1).

It is recomended not to change the native vlan on a link unless you have a specific requirement to have another vlan (and not the vlan 1) as an untagged vlan on the trunk link.


Regards,

Niranjan

(pls rate if helpful)


n.nandrekar Mon, 08/04/2008 - 21:37
User Badges:
  • Silver, 250 points or more

hi again!

I had not read the attachments when i replied earlier. From the attachments it is clear that you have configured "native vlan" ion the physical ports indeed and not on the SVI (as you have written in your post).

What is your aim of configuring the native vlan? If the various 2900 switches are a part of just 1 vlan, and not having any other vlans, then you can rather make the link on 3700 connecting to a particular 2900 switch as an access link belonging to that vlan (switchport mode access, sw acc vlan x). You wont need the link to be trunk in that case and neither will you need the native vlan configuration.


Regards,

Niranjan

(pls rate helpful posts)

Marwan ALshawi Mon, 08/04/2008 - 22:29
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

that what i have change in the config

i just re entered the native vlan 1 command to ge ti back as vlan one

and made some alterations will help to make the config better and working


n.nandrekar Tue, 08/05/2008 - 03:09
User Badges:
  • Silver, 250 points or more

hi Marwan!

Looks like our replies overlapped....


:)

Marwan ALshawi Tue, 08/05/2008 - 05:00
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

hi Niranjan


i think not overloaded as its agree on the same ideas


anyway

i am happy talk two u on this discussion and see u in other posts.. :)

Actions

This Discussion