I have an issue with a 6500 trunk, this unit has a SUP720 and multiple 6148-GE-TX cards. The configuration is a simple one, and has a simple fix. I have VLAN 203 on two ports, one port simply has an end station on it and the other port has a 2851 router on it. The port configurations are as follows:
Port on 6500 that has router plugged in:
switchport mode trunk
Standard end station port on 6500:
switchport access vlan 203
switchport mode access
Router port config:
no ip address
encapsulation dot1Q 203
ip address 220.127.116.11 255.255.255.252
encapsulation dot1Q 2085
ip address 18.104.22.168 255.255.255.252
crypto map gxsoho
The above configuration does not work, but the fix is to simply install a small stackable switch in between the 6500 and the router, one port in and one port out of the 2924. These two ports on the 2924 are simply configured as follows, with no additional config:
switchport trunk encapsulation dot1q
switchport mode trunk
I do not understand why the 6500 deals with these trunks differently to other low end swicthes, I have even tried adding VLAN 1 to the 2851 incase it was a native VLAN issue, interestingly if i change the native vlan on the 2924 to anything other than vlan 1 the link is also broken, so any help would be very much appreciated.
I have never seen where the 6500 trunks any different than any other IOS switch . I'm wondering if the 2851 actually supports extended vlans even though it takes the command . If you change the native vlan from 1 it will break the trunk because the native is 1 and the native vlan must match on both ends . If you change to something other than 1 on "both" ends it should work fine , we do it all the time . Whats not working ? Is vlan 2085 created on the 6500 ? Verify with the show vlan command . The config looks like it should work other than i would verify that you can use a extended vlan number in the 2851. Also specify the encapsulation method on the 6500 end also because it may default to ISL which will not work if the router is dot1q.
Thanks for all of the replies, i cannot get access to the switch until Monday to obtain some of the info requested. The trunks are definately dot1q as i do not get the option to set encapsulation dot1q on the IOS for these interfaces. This is actually part of a another problem that i posted a while ago and still have not resolved, but i was hoping that this simpler scenario would point me in the right direction. I have run packet captures on the two switches and actually monitored the port that the router is connected to, i compared the packets that leave the swith and cannot see any difference between them, they are tagged and the packets seem to be the same. The issue in this problem is different from another post shown below in that i do see the 6500 switching the packets and directing them towards the router. The router is an ISP managed unit so i do not have acces to it. Basically i can see the end station sending a request out to a device on the WAN and it always gets a response (this packet is about 300bytes). It then makes a request to another device on a different subnet on the WAN with a 64byte packet and it never sees a response. Upon further testing i found that setting up a machine to mimic the end station that i could always ping the far end device with a command prompt but it fails when i use a utility like superscan. It seems that some packets get through and others dont but it is always the same packets that fail. This then starts to look the same as i original post below. The main difference between the two problems is that the with initial problem the 6500 does not seem to even switch the packets they just seem to disapear. There are no drops on interfaces and i have looked for the lost packets on all VLANS and i cannot find them anywhere. Please see original post below, i have modified this slightly following further investigation:
I have a strange problem on a pair of 6500's. The configuration is such that both units are connected together via a port channel dot1q trunk that allows all vlans. One of the switches is running the inter vlan routing with the gateway addresses for clients on the vlan interface of the switch. This unit is also running DHCP for the voice vlan. The problem is that when a phone is plugged into a voice/data enabled port on the non routing switch it fails connectivity to most other devices including the gateway configured on the 6500. I have run a span on the phone port and can see all of the dhcp requests fine and this works, but i do not see the arp requests to the gateway. I then plugged a hub into the phone port along with an analyser and can see the phone making the arp request to the gateway time after time with no response. I have checked the vlan id/ MAC addresses of packets and the arp/ MAC cache in both 6500's and this seems fine. Clearing the arp table on the routing 6500 allows connectivity. If i leave the phone connected for a while the connectivity seems to be OK, by which time the phone has given up looking for an ftp server. Interestingly if the FTP server is off of the 6500, i.e on a remote subnet it can always connect but it fails when it is trying to communicate with a local server on the same VLAN/subnet.Since the post i have now disabled the port channel and am just running a single dot1q trunk between the switches and i am still having the same problems. The routing switch is the root, but i have only just made this change.Everything shows OK in both MAC and ARP tables on the 6500's. I think the forwarding and VLAN/ARP is all good because if i plug a phone into a static non trunked port in either the data or voice vlan it just works. The problem i have is when the phone is in a voice vlan enabled port on the secondary 6500.
Thanks for you time in reading this rambling post.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...