Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3164
Views
0
Helpful
4
Replies

Beginners Question - How to trunk VLAN - Metro Ethernet

Go to solution
srroeder
Level 1
Level 1

‎04-15-2010 12:12 PM - edited ‎03-06-2019 10:38 AM

I have two campuses.  Both with a 6513 switch,  both 6513s have multiple VLANs alerady created on them for different reasons.  These two campuses are connected with a Metro Ethernet.   The port that connects the two switches together is defined as a router port like this

Campus A

interface GigabitEthernet3/1
description Metro Ethernet Campus A
ip address 180.7.151.221 255.255.255.0

Campus B

interface GigabitEthernet3/1

description Metro Ethernet Campus B
ip address 180.7.151.222 255.255.255.0

The Campus A 6513 hs two VLANs that I want to trunk to Campus B.  These VLANs are two DMZ VLANs trunked to the 6513 from our ASA firewall.

How would I do that and maintain a layer 3 conection between these two switches?

Something like this????

Campus A

interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0

vlan 20
name DMZA
!
vlan 50

name DMZB

interface GigabitEthernet3/1
description Trunk Connection
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk

interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-mode

Campus B

interface GigabitEthernet3/1
no ip address 180.7.151.222 255.255.255.0

vlan 20
name DMZA
!
vlan 50
name DMZB


interface GigabitEthernet3/1
description Trunk Connection

switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk

interface Vlan151
ip address 180.7.151.222 255.255.255.0

All help greatly appreciated............

Labels:
Preview file
474 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to srroeder

‎04-15-2010 12:39 PM 

srroeder wrote:
Thanks for the quick reply,
I thought that is what I was doing,,,,
remove the layer 3 definitions...
interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0
add the vlans..........

vlan 20
name DMZA
!
vlan 50
name DMZB
change the physical port to a layer 2 trunk port.....
interface GigabitEthernet3/1
description Trunk Connection 
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk
create a virtual layer 3 port so I can still route.........
interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-mode
correct??  does the switchport config look correct?
Thanks

Sorry, it was because you left the routed config for gi3/1 in your example, i thought you were trying to use them both at the same time.

Your switchport config is not quite correct -

1) you should use a new vlan for your native vlan. By new i mean not used for anything else. You need to create the vlan at L2 but you don't need a L3 vlan interface for this vlan. This is recommended best practice. So lets use vlan 999 as an example. No end devices should be allocated into this vlan.

2) you don't need a "switchport access vlan .." line if the port is going to be a trunk.

So your config for gi3/1 would look like -

interface GigabitEthernet3/1
description Trunk Connection 
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport trunk allowed vlan 20,50,151
switchport mode trunk

Jon

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎04-15-2010 12:20 PM

You can't configure a link as both L3 and a L2 trunk however you can change the link to a trunk and then move the IP addresses assigned to the routed ports to L3 vlan interfaces.

This looks like what you are doing in your config but obviously if you assign the IPs to vlan 151 interface then you must remove it from the physical port ie. gi3/1.

So you would need to remove this config from each switch -

interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0

the link will now be a L2 trunk link and not a routed link but you can still route across it.

Jon

0 Helpful

Go to solution
srroeder
Level 1
Level 1
In response to Jon Marshall

‎04-15-2010 12:29 PM

Thanks for the quick reply,

I thought that is what I was doing,,,,

remove the layer 3 definitions...

interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0

add the vlans..........


vlan 20
name DMZA
!
vlan 50

name DMZB

change the physical port to a layer 2 trunk port.....

interface GigabitEthernet3/1
description Trunk Connection
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk

create a virtual layer 3 port so I can still route.........

interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-mode

correct??  does the switchport config look correct?

Thanks

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to srroeder

‎04-15-2010 12:39 PM 

srroeder wrote:
Thanks for the quick reply,
I thought that is what I was doing,,,,
remove the layer 3 definitions...
interface GigabitEthernet3/1
no description Metro Ethernet Campus A
no ip address 180.7.151.221 255.255.255.0
add the vlans..........

vlan 20
name DMZA
!
vlan 50
name DMZB
change the physical port to a layer 2 trunk port.....
interface GigabitEthernet3/1
description Trunk Connection 
switchport
switchport trunk encapsulation dot1q
switchport access vlan 151
switchport trunk native vlan 151
switchport trunk allowed vlan 20,50,151
switchport mode trunk
create a virtual layer 3 port so I can still route.........
interface Vlan151
ip address 180.7.151.221 255.255.255.0
ip pim sparse-dense-mode
correct??  does the switchport config look correct?
Thanks

Sorry, it was because you left the routed config for gi3/1 in your example, i thought you were trying to use them both at the same time.

Your switchport config is not quite correct -

1) you should use a new vlan for your native vlan. By new i mean not used for anything else. You need to create the vlan at L2 but you don't need a L3 vlan interface for this vlan. This is recommended best practice. So lets use vlan 999 as an example. No end devices should be allocated into this vlan.

2) you don't need a "switchport access vlan .." line if the port is going to be a trunk.

So your config for gi3/1 would look like -

interface GigabitEthernet3/1
description Trunk Connection 
switchport trunk encapsulation dot1q
switchport trunk native vlan 999
switchport trunk allowed vlan 20,50,151
switchport mode trunk

Jon

0 Helpful

Go to solution
srroeder
Level 1
Level 1
In response to Jon Marshall

‎04-15-2010 12:43 PM

Thanks for clearing that up.........

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card