12-01-2011 03:58 AM - edited 03-07-2019 03:41 AM
I have three 4506 switches with vlan 4 set as the management vlan. Switch 1 is connected to switch 2 and switch 3.
I can access switch 1 and 2 using telnet from the management vlan and both switches reply to pings. But from switch 1 or 2 I cannot ping or telnet switch 3. If I plug into switch 3 and I can ping and telnet switch 3 but not switches 1 or 2.
It is as if the management vlan 4 is not being passed to/from switch 1 and 3. The configs for the uplinks from switch 1 to 2 and 3 are the same. And the configs for switches 2 and 3 look the same apart from the port settings.
I have over 40 vlans running all that work fine between all the switches.
any ideas??
Solved! Go to Solution.
12-05-2011 11:08 AM
Well, I'm almost 99.999% sure once that vlan interface comes up, you should be good to go.
What happens if you kill the vlan4 interfac and recreate it and do a 'no shut' ?
12-01-2011 04:51 AM
Hi Kevin,
2 things to look at initially...
1) Do a "show vlan id 4" on each switch and check to ensure that the vlan is showing up on all your trunk ports.
2) Go onto each of the 4 switches, and do a "show span vlan 4" and compare the outputs?
They should all report the same Root Bridge, and if they don't then there's something wrong with your spanning tree config. There may even be a switching loop somewhere, which you will need to track down.
Nick
12-01-2011 04:55 AM
Do a 'show int trunk' on Swtich 3 and make sure the vlan is accepted on the trunk. Also what NicNac suggested, make sure that the vlan is actually on Switch 3. If these are L2 switches only, then you might have to include the 'ip default-gateway x.x.x.x' command in order for you to access this beyond the management vlan if that's something you want to do. But if your goal is just to access from the management vlan then you shouldn't have to worry about doing that, since you will basically be arping for the ip address on the L2 switch anyway.
12-01-2011 05:43 AM
Thanks I will get someone to site in the morning to get the results from all the switches - Kevin
12-02-2011 02:30 PM
Below are the results. I'm guess it does not work because vlan 4 is missing from the spanning tree on switch 3
Port Vlans in spanning tree forwarding state and not pruned
Po10 8-11,16,19-110,210-279,300-400,410-465
*************************************** SWITCH 1
4507_Dare_01>sh int trunk
Port Mode Encapsulation Status Native vlan
Gi4/6 on 802.1q trunking 1
Po10 on 802.1q trunking 1
Po20 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi4/6 1-500
Po10 1-500
Po20 1-500
Port Vlans allowed and active in management domain
Gi4/6 1-110,123,210-279,300-400,410-465
Po10 1-110,123,210-279,300-400,410-465
Po20 1-110,123,210-279,300-400,410-465
Port Vlans in spanning tree forwarding state and not pruned
Gi4/6 1-110,123,210-279,300-400,410-465
Po10 1-110,123,210-279,300-400,410-465
Po20 1-110,123,210-279,300-400,410-465
4507_Dare_01>sh vlan id 4
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
4 VLAN0004 active Gi3/7, Gi3/46, Gi4/6, Gi5/47
Po10, Po20
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
4 enet 100004 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
4507_Dare_01>sh span vlan 4
VLAN0004
Spanning tree enabled protocol ieee
Root ID Priority 24580
Address 001a.a1d6.4580
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24580 (priority 24576 sys-id-ext 4)
Address 001a.a1d6.4580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi3/7 Desg FWD 4 128.135 P2p Edge
Gi3/46 Desg FWD 19 128.174 P2p
Gi4/6 Desg FWD 4 128.198 P2p
Gi5/47 Desg FWD 4 128.303 P2p Edge
Po10 Desg FWD 3 128.650 P2p
Po20 Desg FWD 3 128.660 P2p
*************************************** SWITCH 2
4507_Dare_02>sh int trunk
Port Mode Encapsulation Status Native vlan
Po10 on 802.1q trunking 1
Port Vlans allowed on trunk
Po10 1-500
Port Vlans allowed and active in management domain
Po10 1-110,210-279,300-400,410-465
Port Vlans in spanning tree forwarding state and not pruned
Po10 1-110,210-279,300-400,410-465
4507_Dare_02>sh vlan id 4
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
4 VLAN0004 active Po10
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
4 enet 100004 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
4507_Dare_02>sh span vlan 4
VLAN0004
Spanning tree enabled protocol ieee
Root ID Priority 24580
Address 001a.a1d6.4580
Cost 3
Port 650 (Port-channel10)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32772 (priority 32768 sys-id-ext 4)
Address 001a.a18b.ce40
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po10 Root FWD 3 128.650 P2p
*************************************** SWITCH 3
4507_Dare_03#sh int trunk
Port Mode Encapsulation Status Native vlan
Po10 on 802.1q trunking 1
Port Vlans allowed on trunk
Po10 1-500
Port Vlans allowed and active in management domain
Po10 1-110,210-279,300-400,410-465
Port Vlans in spanning tree forwarding state and not pruned
Po10 8-11,16,19-110,210-279,300-400,410-465
4507_Dare_03#sh vlan id 4
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
4 VLAN0004 active Gi6/1, Po10
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
4 enet 100004 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
4507_Dare_03#sh span vlan 4
VLAN0004
Spanning tree enabled protocol ieee
Root ID Priority 24580
Address 001a.a1d6.4580
Cost 3
Port 650 (Port-channel10)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32772 (priority 32768 sys-id-ext 4)
Address 001a.a1d6.45c0
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po10 Root FWD 3 128.650 P2p
12-02-2011 03:08 PM
Port Vlans in spanning tree forwarding state and not pruned
Po10 8-11,16,19-110,210-279,300-400,410-465
This is under Switch 3, it appears that vlan4 is not allowed across the trunk. It looks like
you need to manually map it.
12-02-2011 03:12 PM
The running config for the truck is below which I guess shows that all vlans 1-500 are allowed over the trunk ?
interface Port-channel10
description Etherchannel Link to Comms Room Floor4507 ports 1/1 & 2/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-500
switchport mode trunk
!
interface GigabitEthernet1/1
description Link to Comms Room port 1/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-500
switchport mode trunk
channel-group 10 mode desirable
!
interface GigabitEthernet1/2
shutdown
!
interface GigabitEthernet2/1
description Link to Comms Room port 2/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-500
switchport mode trunk
channel-group 10 mode desirable
!
interface Port-channel10
description Etherchannel Link to Comms Room Floor4507 ports 1/1 & 2/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-500
switchport mode trunk
!
interface GigabitEthernet1/1
description Link to Comms Room port 1/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-500
switchport mode trunk
channel-group 10 mode desirable
!
interface GigabitEthernet1/2
shutdown
!
interface GigabitEthernet2/1
description Link to Comms Room port 2/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-500
switchport mode trunk
channel-group 10 mode desirable
!
12-02-2011 03:49 PM
Are you running VTP by any chance? It looks like vlan 4 is being pruned.
12-03-2011 12:03 AM
Yep, you've got it...
Switch off VLAN pruning on switch 3 to test.
12-03-2011 01:47 AM
Thanks, I'll check monday morning, I've checked switch 1 and 2 and pruning is off. Have a good weekend.
12-03-2011 09:30 AM
To make the issue easier, can you post/attach the config of the switches?
12-05-2011 08:32 AM
I've checked the switch and pruning is switched off ?
12-02-2011 04:15 PM
Sounds like the management interface of Switch 3 has the wrong subnet mask.
12-02-2011 07:45 PM
Does switch 3 have a default gateway defined for vlan 4 or a default static route for vlan 4 if you have ip routing turned on for switch 3 ? Who is doing the routing for vlan 4 , the mgt vlan ?
12-05-2011 09:02 AM
From looking at the following it doesn't appear that vlan 4 is allowed on the trunk link from Switch 3 to Switch 1.
Port Vlans in spanning tree forwarding state and not prund
po10 8-11,16,19-110,210-279,300-400,410,465
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: