Management vlan connectivity 2900xl Catalyst

Unanswered Question
Aug 13th, 2010
User Badges:

Hello all,

We have a Nortel 8310 that serves as our ethernet router.  To this will be two catalyst 2900xls amoung other nortel switches.

We have voip phones, and computers attached to the phones internal switch. That duo is connected to a single port.

Thus we need vlans to sort the traffic.


The computers are set as vlan 5 for this building.

The phones are set as vlan 10 for this building.

Vlan 5 network 172.24.1.0/24

Vlan 10 network 172.24.4.0/24


The management vlan for all switches is 6.

Vlan 6 network 172.20.3.0/24


I have set up multivlan ports, 5 and 10 on all ports except:

fa 0/1 which will be a local troubleshooting port.  It has vlan 6 only.

fa 0/24 which will be connected to the routing switch.  It will have all 3 vlans.


The routing switch has all traffic coming from the 2900xl switch as default vlan of 5.  So if a computer is plugged into the switch anywhere, it will be on the correct vlan.  The phones are set to use vlan 10 on the phones themselves.

This is tested and working properly.


The issue comes into communicating with the management IP.

These are the commands issued:


enable

config t

int vlan 6

ip address 172.20.3.12 255.255.255.0

management



I know the issue is that the routing switch has an ip of 172.24.1.1/24 on the vlan 5, and all non tagged traffic counts as vlan 5, so when we try to connect to the 172.20.3.x network through that port, it doesn't work, as it is not on the 24.1.x network.


How can we resolve this to have the management ip forward its vlan tag as 6?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Nagaraja Thanthry Fri, 08/13/2010 - 11:52
User Badges:
  • Cisco Employee,

Hello,


If I understand you right, you are trying to configure VLAN 6 as management

VLAN on 2900XL switches. You also stated that the uplink port (Fa 0/24) has

all 3 VLANs enabled (I am assuming that it is configured as a trunk or

multi-vlan port). Do you have a Layer 3 interface for VLAN 6 with 172.16.3.x

address on the routing switch? Also, what is the default gateway on 2900XL

devices?


Please create a Layer 3 interface for VLAN 6 on routing device and point the

default gateway of 2900XL's to that IP. That should fix the issue.


Hope this helps.


Regards,


NT

ns0205 Fri, 08/13/2010 - 12:48
User Badges:

If I understand you right, you are trying to configure VLAN 6 as management

VLAN on 2900XL switches.


Correct, vlan 6 is used by all switches in our environment on the 172.20.3.0/24 network.


You also stated that the uplink port (Fa 0/24) has

all 3 VLANs enabled (I am assuming that it is configured as a trunk or

multi-vlan port).


Multi-vlan, you cannot create a trunk when any port on the switch is configured as a multi-vlan


Do you have a Layer 3 interface for VLAN 6 with 172.16.3.x

address on the routing switch?


I think you mean the 172.20.3.x?  Yes, it's address for vlan 6 is 172.20.3.1/24, and it works for all the other switches in our environment.


Also, what is the default gateway on 2900XL devices?


The devices attached?  Configured by dhcp scopes they are the router's vlan ip, 172.24.1.1 and 172.24.4.1.



Please create a Layer 3 interface for VLAN 6 on routing device and point the

default gateway of 2900XL's to that IP. That should fix the issue.

Did:

en
config t
int vlan 6
ip address 172.20.3.12 255.255.255.0
management
exit
ip default-gateway 172.20.3.1
exit



Still cannot ping it from anywhere besides itself.


The router NEEDS to see replies from the vlan6 as tagged with vlan id of 6 or it will assign it the vlan 5 and not be able to route it because of the network.

Nagaraja Thanthry Fri, 08/13/2010 - 12:54
User Badges:
  • Cisco Employee,

Hello,


Can you post the output of "show interface vlan 6" from the switch in

question? Also, please post the output of "show spanning-tree vlan 6"

command.


Regards,


NT

ns0205 Fri, 08/13/2010 - 13:04
User Badges:

Sure,

Thanks for the replies.


show int vlan 6

VLAN6 is up, line protocol is up

Hardware is CPU Interface, address is (xxx.xxxxxxx.xxxxxxxxx etc)

Internet address is 172.20.3.12/24

MTU 1500 bytes, BW 10000Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA

ARP type: ARPA, ARP Timeout 04:00:00


show spanning-tree vlan 6

Spanning tree 6 is executing the IEEE compatible Spanning Tree protocol
  Bridge Identifier has priority 32768, address 0002.7d29.d941
  Configured hello time 2, max age 20, forward delay 15
  We are the root of the spanning tree
  Topology change flag not set, detected flag not set, changes 1
  Times:  hold 1, topology change 35, notification 2
          hello 2, max age 20, forward delay 15
  Timers: hello 1, topology change 0, notification 0

Interface Fa0/1 (port 13) in Spanning tree 6 is down
   Port path cost 19, Port priority 128
   Designated root has priority 32768, address 0002.7d29.d941
   Designated bridge has priority 32768, address 0002.7d29.d941
   Designated port is 13, path cost 0
   Timers: message age 0, forward delay 0, hold 0
   BPDU: sent 0, received 0

Interface Fa0/24 (port 38) in Spanning tree 6 is FORWARDING
   Port path cost 19, Port priority 128
   Designated root has priority 32768, address 0002.7d29.d941
   Designated bridge has priority 32768, address 0002.7d29.d941
   Designated port is 38, path cost 0
   Timers: message age 0, forward delay 0, hold 0
   BPDU: sent 1122, received 0

Nagaraja Thanthry Fri, 08/13/2010 - 13:09
User Badges:
  • Cisco Employee,

Hello,


Can you please post the output of "show run interface " for

both the interface connected to 2900XL and interface corresponding to VLAN

6?


Regards,


NT

ns0205 Fri, 08/13/2010 - 13:18
User Badges:

show run int vlan 6

Current configuration:

!

interface VLAN6

ip address 172.20.3.12 255.255.255.0

no ip directed-broadcast

no ip route-cache

end



show run int fa 0/24

Current configuration:

!

interface FastEthernet0/24

description alt-1

switchport access vlan 6

switchport multi vlan 5,6,10

switchport mode multi

end


fa 0/24 is the port used to connect to the router.

Nagaraja Thanthry Fri, 08/13/2010 - 13:22
User Badges:
  • Cisco Employee,

Hello,


Can we get the router side the configuration for corresponding interfaces?


Regards,


NT

ns0205 Fri, 08/13/2010 - 13:32
User Badges:

vlan create 6 name "6 - switch management" type port 1
no vlan members 6 2/1-2/48,3/1-3/48,4/1-4/48,7/1-7/42,7/45-7/48,8/1-8/42,8/45-8/48 portmember
vlan members 6 5/1-5/8,6/1-6/8,7/43-7/44,8/43-8/44,10/1-10/8 portmember
interface VLAN 6
ip address 172.20.3.1 255.255.255.0


vlan ports 8/43 tagging untagPvidOnly
interface GigabitEthernet 8/43
encapsulation dot1q


interface GigabitEthernet 8/43
default-vlan-id 5


thats everything that pertains to vlan 6 and port 8/43 where the catalyst is plugged into.

It shows that everything that doesn't have a vlan tag, gets tagged as vlan 5.


vlan 5 network is 172.24.1.X so it doesn't know what to do with 172.20.3.x

Nagaraja Thanthry Fri, 08/13/2010 - 13:38
User Badges:
  • Cisco Employee,

Hello,


If I understand your configuration right, on the router side, VLAN 5 is the

native vlan for that port and on the switch side, VLAN 6 is the native vlan.

Can you change the native vlan to 5 on both sides and see if that helps?


Regards,


NT

ns0205 Fri, 08/13/2010 - 13:47
User Badges:

Correct on the 8310, the default vlan traffic unless specified, is 5, so that workstations plugged in will get onto that network.

On the catalyst, I just changed port 0/24 switchport access vlan 5.


No change.

Nagaraja Thanthry Fri, 08/13/2010 - 13:54
User Badges:
  • Cisco Employee,

Can you issue the "show int vlan 6" on 2900XL again and see if the interface

is up?


Regards,


NT

ns0205 Fri, 08/13/2010 - 13:55
User Badges:

still up, address is still 172.20.3.12/24

I will check back on forums quite a bit later tonight, hope some time can figure out a resolution.  Thanks for the help so far!

Nagaraja Thanthry Fri, 08/13/2010 - 15:51
User Badges:
  • Cisco Employee,

Hello,


I think the issue could be with the uplink device not able to accept vlan 6

traffic. Can you make sure that the router interface is allowing vlan 6

traffic?


Regards,


NT

ns0205 Sat, 08/14/2010 - 11:13
User Badges:

As I suspected,

The switch management IP did respond to pings, as the traffic was tagged as 6.

The workstation attached on the 172.24.1.2 stopped responding, as it is also tagged as 6.


The workstations vlan 5 needs to be the default vlan for traffic from the catalysts.


So back to the original, is there any way to tell any traffic from INT VLAN 6 to be tagged as vlan 6?

The switch doesn't seem to be tagging anything.

ns0205 Mon, 08/16/2010 - 15:36
User Badges:

We have since given up on this project until a later date.

We have configured the switches as a flat network with all ports having ACCESS mode with vlan 5 set to them, and the vlan5 now has the management address.


If anything comes from this thread, we will re-address this in the future.

Actions

This Discussion