cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
958
Views
0
Helpful
9
Replies

need configuration exmamples for 3560 small network

toronto_guy
Level 1
Level 1

Hello,

I'm currently doing some lab exercises in Packet Tracer.

I'm trying to setup a small network with 2x 3560 switches and 3 vlans. 1 vlan for network management, one vlan for servers and one vlan for users.

I'm running into issues where my lab exercises don't seem to work properly, and i'm not sure what im doing wrong. I learn fairly well "by example" and was wondering if anyone can point me to some examples of such a setup.

9 Replies 9

toronto_guy
Level 1
Level 1

further, here is the layout of my lab and the packet tracer file.

here are the configs of my 2 3560. i've cut out ports no important to the lab

CORE 3560

Current configuration : 1399 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname CORE

!

ip routing

!

!

no ip domain-lookup

!

interface FastEthernet0/10

switchport access vlan 10

switchport mode access

!

interface GigabitEthernet0/1

description link_to_closet_switch

switchport trunk allowed vlan 1,10,20

switchport mode trunk

!

interface Vlan1

ip address 192.168.1.1 255.255.255.0

!

interface Vlan10

description server_vlan

ip address 192.168.10.1 255.255.255.0

!

interface Vlan20

description user_vlan

ip address 192.168.20.1 255.255.255.0

!

ip classless

============

CLOSET 3560

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname CLOSET

!

ip routing

!

no ip domain-lookup

!

interface FastEthernet0/10

switchport access vlan 20

switchport mode access

!

interface FastEthernet0/11

switchport access vlan 20

switchport mode access

!

interface GigabitEthernet0/1

description link_to_core_switch

switchport trunk allowed vlan 1,10,20

switchport mode trunk

!

interface GigabitEthernet0/2

!

interface Vlan1

ip address 192.168.1.2 255.255.255.0

!

interface Vlan10

description server_vlan

no ip address

!

interface Vlan20

description user_vlan

no ip address

!

ip classless

!

line con 0

line vty 0 4

login

I'm making some assumptions about but there is no need to configure Vlan 10 or 20 on the closet switch. I also suggest you get used to using a Vlan other than Vlan1 as your mgmt Vlan.

yes, I understand the vlan 1 issue, i'm going to fix that in my next lab, however right now I need to figure out my config errors on the 2 3560s.

You don't need the SVI's for vlan 10 and 20 on the closet switch . On the trunk itself you only need vlan 1 and 20 allowed across the trunk. Make sure the layer 2 vlans are created with a show vlan command. Check to make sure ip routing is turned on the core switch , does not have to be on the closet switch. The client nic default gateway needs to point to the core layer 3 ip address of vlan 20 on the closet switch users and the vlan 10 address for users attached to vlan 10 on the core switch.

hi glen,

i've modified the trunk ports, but without much luck.

my hosts on vlan 20 cant ping my server on vlan 10, and my hosts on vlan 20 cant ping either adminstrative IPs for either of the 3560 in the design.

you wont be able to ping between the vlans without some sort of routing going on. are one of your switches setup with an enterprise image? if so you need to setup some routes, if not you need a router in the picture.

once you fix the trunk problem(encapsulation type missing) you will be able to ping between the management IP's on vlan 1.

think of it as 3 pathways that never cross. you cannot ping an ip on a different path than the one it originated from without routing between the networks.

1:IP~A1--------------------1:IP~A2

10:NA----------------------10:IP-B2

20:NA----------------------20:IP-C2

might reply back with a /show version for both of your 3560's to clarify this.

droberts1214
Level 1
Level 1

you might try adding the line "switchport trunk encapsulation dot1q" on your trunked interfaces. might check to make sure they are both on the same vtp domain as well.

the ports are already dot1q

CLOSET#show int trunk

Port Mode Encapsulation Status Native vlan

Gig0/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Gig0/1 1,20

Port Vlans allowed and active in management domain

Gig0/1 1,20

Port Vlans in spanning tree forwarding state and not pruned

Gig0/1 1,20

im not using vpt, choosing to create my trunks manually.

this is all being done in Packet Tracer.

CORE#show ver

Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(37)SE1, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2007 by Cisco Systems, Inc.

Compiled Thu 05-Jul-07 22:22 by pt_team

Image text-base: 0x00003000, data-base: 0x01500000

ROM: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(25r)SEC, RELEASE SOFTWARE (fc4)

There really isn't much there , the trunk looks ok . On the closet switch do you have a ip default gateway or a default static route in your config if routing is turned on for vlan 1? Should be the core ip address for vlan 1 . On the closet switch does vlan 20 show up and active with a show vlan command with ports assigned to it ? Is this all software driven or is it actual hardware you are playing with ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco