08-24-2009 05:26 PM - edited 03-06-2019 07:24 AM
Hello,
I'm currently doing some lab exercises in Packet Tracer.
I'm trying to setup a small network with 2x 3560 switches and 3 vlans. 1 vlan for network management, one vlan for servers and one vlan for users.
I'm running into issues where my lab exercises don't seem to work properly, and i'm not sure what im doing wrong. I learn fairly well "by example" and was wondering if anyone can point me to some examples of such a setup.
08-24-2009 06:32 PM
further, here is the layout of my lab and the packet tracer file.
here are the configs of my 2 3560. i've cut out ports no important to the lab
CORE 3560
Current configuration : 1399 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname CORE
!
ip routing
!
!
no ip domain-lookup
!
interface FastEthernet0/10
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet0/1
description link_to_closet_switch
switchport trunk allowed vlan 1,10,20
switchport mode trunk
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
!
interface Vlan10
description server_vlan
ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
description user_vlan
ip address 192.168.20.1 255.255.255.0
!
ip classless
============
CLOSET 3560
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname CLOSET
!
ip routing
!
no ip domain-lookup
!
interface FastEthernet0/10
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet0/1
description link_to_core_switch
switchport trunk allowed vlan 1,10,20
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 192.168.1.2 255.255.255.0
!
interface Vlan10
description server_vlan
no ip address
!
interface Vlan20
description user_vlan
no ip address
!
ip classless
!
line con 0
line vty 0 4
login
08-24-2009 07:56 PM
I'm making some assumptions about but there is no need to configure Vlan 10 or 20 on the closet switch. I also suggest you get used to using a Vlan other than Vlan1 as your mgmt Vlan.
08-25-2009 03:53 AM
yes, I understand the vlan 1 issue, i'm going to fix that in my next lab, however right now I need to figure out my config errors on the 2 3560s.
08-25-2009 10:36 AM
You don't need the SVI's for vlan 10 and 20 on the closet switch . On the trunk itself you only need vlan 1 and 20 allowed across the trunk. Make sure the layer 2 vlans are created with a show vlan command. Check to make sure ip routing is turned on the core switch , does not have to be on the closet switch. The client nic default gateway needs to point to the core layer 3 ip address of vlan 20 on the closet switch users and the vlan 10 address for users attached to vlan 10 on the core switch.
08-25-2009 12:30 PM
hi glen,
i've modified the trunk ports, but without much luck.
my hosts on vlan 20 cant ping my server on vlan 10, and my hosts on vlan 20 cant ping either adminstrative IPs for either of the 3560 in the design.
08-25-2009 12:54 PM
you wont be able to ping between the vlans without some sort of routing going on. are one of your switches setup with an enterprise image? if so you need to setup some routes, if not you need a router in the picture.
once you fix the trunk problem(encapsulation type missing) you will be able to ping between the management IP's on vlan 1.
think of it as 3 pathways that never cross. you cannot ping an ip on a different path than the one it originated from without routing between the networks.
1:IP~A1--------------------1:IP~A2
10:NA----------------------10:IP-B2
20:NA----------------------20:IP-C2
might reply back with a /show version for both of your 3560's to clarify this.
08-25-2009 12:21 PM
you might try adding the line "switchport trunk encapsulation dot1q" on your trunked interfaces. might check to make sure they are both on the same vtp domain as well.
08-25-2009 01:13 PM
the ports are already dot1q
CLOSET#show int trunk
Port Mode Encapsulation Status Native vlan
Gig0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gig0/1 1,20
Port Vlans allowed and active in management domain
Gig0/1 1,20
Port Vlans in spanning tree forwarding state and not pruned
Gig0/1 1,20
im not using vpt, choosing to create my trunks manually.
this is all being done in Packet Tracer.
CORE#show ver
Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(37)SE1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Thu 05-Jul-07 22:22 by pt_team
Image text-base: 0x00003000, data-base: 0x01500000
ROM: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(25r)SEC, RELEASE SOFTWARE (fc4)
08-26-2009 04:00 AM
There really isn't much there , the trunk looks ok . On the closet switch do you have a ip default gateway or a default static route in your config if routing is turned on for vlan 1? Should be the core ip address for vlan 1 . On the closet switch does vlan 20 show up and active with a show vlan command with ports assigned to it ? Is this all software driven or is it actual hardware you are playing with ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: