L2TPv3 on 2851 routers with switch modules

Answered Question
Jul 28th, 2009
User Badges:

Hi.

Can I configure L2TPv3 between two 2851 Routers, when the Vlan I want to pass (Vlan 22) from site to site is configured on HWIC 4 port FastEthernet on one Router and a 23 Port FastEthernet on the second Router?

The two sites are connected between then via IP over Ethernet (FastEthernet 0/1 on each Router).

My problen is the switch modules on each side.

Any idea?

Danny.


Correct Answer by Edison Ortiz about 7 years 7 months ago

If you have access-vlan 18 on both F0/3 and F0/23, you aren't sending a dot1q vlan header, the frame is untagged.


The only way to send dot1q vlan headers is to configure dot1q trunking on both F0/3 and F0/23.


Both routers in the L2TPv3 configuration will forward these frames but you need to make sure both end devices (the laptops on this case) support dot1q.


__


Edison.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Edison Ortiz Tue, 07/28/2009 - 07:18
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

HWIC won't support the xconnect command under its fastethernet interface nor there is support for the SVI


http://www.cisco.com/en/US/prod/collateral/routers/ps5853/prod_white_paper0900aecd8064c9f4_ps5855_Products_White_Paper.html


You can attach the routed fastethernet port on the router to Vlan 22 and configure the xconnect there on each router.


With this configuration, L2/L3 traffic will transparently be sent/received between these 2 routers.


HTH,


__


Edison.

danny4569 Tue, 07/28/2009 - 23:00
User Badges:

Hi Edison

do you mean:

interface FastEthernet 0/1.22 (interface that connects between the Rs)

no ip address

dot1q tunneling ethertype 0x9100

xconnect A.B.C.D 1 pw-class CLASS1


???

danny.

Edison Ortiz Wed, 07/29/2009 - 05:08
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You don't need the 'dot1q' command, all you need is the xconnect.


HTH,


__


Edison.

danny4569 Tue, 09/01/2009 - 05:23
User Badges:

Hi Edison.

NOT working with my configuration.

See attached files with configurations (very simple) and a drawing of the setup.

interfaces FastEthernet 0/0 on both Routers can NOT be used, in production they are connecting other LANs.

Thank U for your help.

Danny.




Edison Ortiz Tue, 09/01/2009 - 05:39
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

The xconnect is up and running. Per your configuration, the problem is on the switch side where you are connecting from access-vlan 18 while the router is expecting a tagged dot1q header of Vlan 18.


You need to create a trunk on the router facing interface at the switches.



danny4569 Tue, 09/01/2009 - 05:57
User Badges:

On the 3750 inter fast 0/1 facing the router, it was configured as a trunk.


On the MATE router fast 0/2/0 was configured as trunk.


No changes were done on the ELTA router side becouse a laptop is connected directly to the switching module.


Still no connctivity between the two laptops.


What am I missing?


See drawing.

danny.




Edison Ortiz Tue, 09/01/2009 - 06:00
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You only posted one switch config and it has this:


interface FastEthernet0/1

description CONNECTION TO ROUTER MATE

switchport access vlan 18

switchport mode access

speed 100

duplex full

spanning-tree portfast

!


I don't see any trunk configured on any of the ports.


The question is; why did you configure the xconnect under a subinterface? Make this simple, and configure the xconnect under the physical interface. It will forward all the Vlans for you end-to-end.


PS: Just looked at your diagram, you need to connect the 3750 on the MATE site directly to Port F0/1 on the router - same on the ELTA site. While the L2 Tunnel is up, your physical connection is not correct. You have to think of this as a wire between the devices and the routers are transparent. When you enable xconnect on an interface, a directly connected device on that interface will see the remote end as if they were directly connected. You can't do what you intend to do here as connecting the CE device in other ports.




___


Edison.

danny4569 Tue, 09/01/2009 - 06:12
User Badges:

See attached files after changes.


I configured loobback on both sides according to cisco recommendation on a document I have.


With the running configuration, can you see the problem?


I will also try to change configuration, working without loobback interfaces.


Danny.



Edison Ortiz Tue, 09/01/2009 - 06:23
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

The problem is not the loopbacks, the problem is the physical connection. Did you read my last posting?


I understand you don't want to touch F0/0 and I see you want to use F0/1 for the inter-router link. How about using one of the switchport modules for this inter-router link:


For instance on Mate:


config#default int f0/1


to remove all configuration from F0/1


Then:

interface f0/1

no cdp enable

xconnect 5.5.5.50 1 pw-class CLASS1


interface FastEthernet0/2/1

switchport mode access

switchport access vlan 101


vlan 101 name router-to-router_vlan



interface vlan 101

ip address 10.0.0.1 255.0.0.0



Connect the 3750 to port F0/1 on the router and that side is done.


At the ELTA site, move the inter-router link to a switchport similar to above and connect the laptop directly to F0/1 in the router. I believe for this connection you will need a crossover cable.


__


Edison.



danny4569 Tue, 09/01/2009 - 07:06
User Badges:

Hi.

With the new configuration it works!!!

But, now i am connecting the laptops to vlan 1.


Is it possible to do the same using vlan 18 for the laptops?


Danny.

Edison Ortiz Tue, 09/01/2009 - 07:12
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Please provide the new config from all devices; the 2 routers - 3750 switch as well as physical network diagram to understand these new changes.

danny4569 Tue, 09/01/2009 - 07:25
User Badges:

Hi.

See attached file.


now I am using ports F0/3 (uplink) and F0/23 (laptop) on vlan 1 on the switch configured as switchport mode access.


Danny.



Edison Ortiz Tue, 09/01/2009 - 07:37
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

F0/3 uplink and F0/23 on laptop is all on the 3750 side which config you have not posted.


Anyway, you can change the vlan membership from Vlan 1 to Vlan 18 on F0/3 and F0/23 and the remote laptop will be able to connect to your local laptop.


As I stated before, at this moment, your remote laptop is acting like it is directly connected to F0/3.


As long as F0/3 and F0/23 are on the same Vlan, you will be able to communicate between laptops without any routing on the 3750 switch.


If you decide to have F0/3 and F0/23 on different vlans, you need to enable routing on the 3750 switch, change the IP subnets on the default and point to their respective gateways on the 3750.


__


Edison.


Please make sure to rate helpful posts


danny4569 Wed, 09/02/2009 - 02:13
User Badges:

WORKING!!!

Thank you very much for your help.

Last Question:

What happens to the 802.1Q tagging of vlan 18 when it enters to the MATE router?

Now I can communicate between two laptops when one of them in on Vlan 1 and the other is on Vlan 18 and the same IP segment.

Danny




Correct Answer
Edison Ortiz Wed, 09/02/2009 - 05:17
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

If you have access-vlan 18 on both F0/3 and F0/23, you aren't sending a dot1q vlan header, the frame is untagged.


The only way to send dot1q vlan headers is to configure dot1q trunking on both F0/3 and F0/23.


Both routers in the L2TPv3 configuration will forward these frames but you need to make sure both end devices (the laptops on this case) support dot1q.


__


Edison.

Actions

This Discussion