AP1300 Bridging Multiple Vlans with Dot1q

AJAZ NAWAZ · ‎08-14-2009

I have a pair of AIR-BR1310G-E-K9 to do ptp bridging. Topology is like this:

host-switch-rootAP---nonRootAP-switch-host

We have multiple vlans and have followed this doco:

<http://www.cisco.com/en/US/docs/wireless/access_point/1300/12.3_7_JA/configuration/guide/b37vlan.html>

The native vlan is all good and can ping across end-to-end. However, the when I attach a host to the switch in another vlan i.e. user vlan - there is no connectivity. Essentially, we want to dot1q over the ptp bridge setup.

running version:

c1310-k9w7-mx.124-10b.JA1

appreciate any input.

Ajaz

dancampb · ‎08-14-2009

To carry a vlan across the bridge just setup subinterfaces for the fast ethernet and radio interfaces, enable dot1q with the proper vlan tag, and assign the appropriate bridge-group number. For example, to add vlan 10 I would add the following to both bridges:

!

interface Dot11Radio0.10

encapsulation dot1Q 10

no ip route-cache

bridge-group 10

bridge-group 10 subscriber-loop-control

bridge-group 10 block-unknown-source

no bridge-group 10 source-learning

no bridge-group 10 unicast-flooding

bridge-group 10 spanning-disabled

!

interface FastEthernet0.10

encapsulation dot1Q 10

no ip route-cache

bridge-group 10

bridge-group 10 subscriber-loop-control

bridge-group 10 block-unknown-source

no bridge-group 10 source-learning

no bridge-group 10 unicast-flooding

bridge-group 10 spanning-disabled

!

AJAZ NAWAZ · ‎08-14-2009

hmm.. yes this is my understanding.

I have both AP's associated and all interfaces up/up. I can see the AP from each switch using CDP. The 'S' light on the back of both AP's in solid and R+E are flashing green.

The config is straight forward. Using vlan1 as native. Just have one additional vlan i.e. 100.

The traffic is no going being bridged over the AP's. A pointer to the relevant show commands wouldn't go a miss...

dancampb · ‎08-14-2009

Just to make sure you didn't miss anything simple, you did make sure the switchports going to the bridges are setup as trunks?

You could use the "debug fastethernet packets..." or the "debug dot11 dot0 trace print..." debugs to see the packets.

AJAZ NAWAZ · ‎08-14-2009

yes. standard trunk config on both switches:

5SL_SWITCH#srif 0/24

Building configuration...

Current configuration : 186 bytes

!

interface FastEthernet0/24

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,100

switchport mode trunk

switchport nonegotiate

spanning-tree portfast trunk

end

5SL_SWITCH#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa0/24 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa0/24 1,100

Port Vlans allowed and active in management domain

Fa0/24 1,100

Port Vlans in spanning tree forwarding state and not pruned

Fa0/24 1,100

5SL_SWITCH#

-----------------------------------------

11SL_SWITCH#srif 0/24

Building configuration...

Current configuration : 186 bytes

!

interface FastEthernet0/24

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,100

switchport mode trunk

switchport nonegotiate

spanning-tree portfast trunk

end

11SL_SWITCH#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa0/24 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa0/24 1,100

Port Vlans allowed and active in management domain

Fa0/24 1,100

Port Vlans in spanning tree forwarding state and not pruned

Fa0/24 1,100

11SL_SWITCH#

-----------------------------------------

furthermore the vlans exist in the db and when i trunk between the switches - I can ping the SVI's.

Do you want me to post the AP config?

----------------------------------------

AJAZ NAWAZ · ‎08-14-2009

pls find attached configs from AP's

AJAZ NAWAZ · ‎08-14-2009

just noticed - am using deferred release of code (i.e. 12.4.10b-JA1(ED)).

Going to updrade. if code fixes then we have another major sw defect. DE's - watch this space!