Solved: Span VLANs across switches

Rhys Davies · ‎11-06-2013

VLANs are new to me so please forgive me -

We have 5 Cisco sg500x switches. We need to create two vlans across some or all of the switches.

I have been successful in creating vlan1 on one switch and excluding and including ports to segregate traffic. My problem is I can’t get the other switches to see vlan1 that was created on the original switch. I have enabled gvrp on all switches and ports assigned to the vlan but no luck in getting vlan1 devices to communicate across switches. How do I make this work? I think my main problem is creating uplink ports between the switches to carry the vlan across.

How do I go about spanning vlans across the switches?

Many thanks

rfalconer.sffcu · ‎11-08-2013

Can you set port 3 on both sides to access/tagged?

Again, I'm not familiar with this switch model and it's command set is different from typical Cisco IOS. This should tag the traffic as being vlan2 so it can pass over the trunk.

Do you have more than 1 connection between the switches? I'm not sure why STP forwarding would be a warning message.

View solution in original post

Rhys Davies · ‎11-07-2013

Ok have turned off gvrp. Deleted all vlans. Created vlan2 on switch 1 and then on switch 2. Added ports 2,3 and 4 to vlan2 on both switches. Used port 2 on both switches as the uplink port to connect the two devices. Can still only ping to and from clients connected to same switch - cannot ping a client on vlan2 on switch 2 from vlan2 on switch 1.

All ports in trunk mode. Any help would be great...

Rhys Davies · ‎11-07-2013

Persisting with this...

In the logs I'm seeing

%CDP-W-NATIVE_VLAN_MISMATCH: Native VLAN mismatch detected on interface gi1/1/21.

On the 'trunk' ports connecting the two switches.

rfalconer.sffcu · ‎11-07-2013

I'm not familiar with the sg500 switch but native vlan misconfiguration can happen on any switch.

On each end of the connection between switches, you need to define a native vlan. The native vlan is for untagged traffic. It must be the same on both sides of a trunk. If it's not configured, it defaults to vlan 1.

I always define it with an un-used vlan so that no traffic will pass untagged.

Just make sure that the interfaces on both sides of the trunk have matching native vlans and you should be ok.

Also, only interfaces that connect to other switches should be configured as trunks. If they are normal endpoints, they should be access ports.

Rhys Davies · ‎11-08-2013

Thanks Robert I think that has got me a bit further in that I'm not getting VLAN MISMATCH error any more. I believe it was because the trunk ports were marked as untagged. I still don't feel I understand the NATIVE VLAN concept or how to set it. If I have the default VLAN(1) and I have the VLAN I am trying to span across two switches (VLAN2) do I then need a 3rd VLAN to be the native for either end of the trunk between the two switches? Anyway this what I've done in more detail -

On Switch 1

Create VLAN 2: VLAN ID 2

Set port 2 as follows: Default VLAN1 = forbidden, VAN2 = trunk, tagged

Set port 3 as follows: Default VLAN1 = forbidden, VAN2 = access, untagged

On Switch 2

Create VLAN 2: VLAN ID 2

Set port 2 as follows: Default VLAN1 = forbidden, VAN2 = trunk, tagged

Set port 3 as follows: Default VLAN1 = forbidden, VAN2 = access, untagged

With rj45 connect port 2 on both switches to each other. Clients connected to port 3 on both switches cannot ping each other across the trunk.

Seeing this in the logs:

Warning: %STP-W-PORTSTATUS:gi1/1/2: STP status Forwarding

IP info:

Default VLAN1 on 172.16.1.0/21

VLAN2 on 172.16.40.0/21

Any suggestions or areas to investigate would be helpful however obvious they may seem to anyone as this is my first effort with a Cisco. Thanks

rfalconer.sffcu · ‎11-08-2013

Can you set port 3 on both sides to access/tagged?

Again, I'm not familiar with this switch model and it's command set is different from typical Cisco IOS. This should tag the traffic as being vlan2 so it can pass over the trunk.

Do you have more than 1 connection between the switches? I'm not sure why STP forwarding would be a warning message.

Rhys Davies · ‎11-11-2013

It was spanning tree. Have taken out one of the links from another switch and it’s all working. Have to work out the correct way to chain them now. Someone else setup the stack so I had just assumed it was right.

Have you got any advice on this? I'm thinking star configuration with trunk links for the vlans - would this work?

Thanks a million Robert.

rfalconer.sffcu · ‎11-11-2013

One thing you should definitely do is set up 1 of the switches as the spanning tree root so that you can understand which links will be active and which will be blocked. It better for you to make the decision vs. letting the switches decide for themselves.

The layout will depend a little on your traffic patterns. Is the majority of the traffic going to end up on 1 switch, like where some servers might be connected? Or is the traffic peer to peer?