08-05-2013 08:54 PM - edited 03-07-2019 02:46 PM
Hi all!
I Just recieved a work order in a customers network and I have a question.
I have a layer 3 switch with a vlan configured with a ip address and the vlan is tied to uplink with switchport access vlan XX. Now can I combine this configuration with a subif on the uplink and configure this to recieve a tagged vlan layer 2?
08-05-2013 09:28 PM
You can pass tagged and untagged traffic over an uplink, if that is what you're asking. You would set the switchport to mode trunk and set the trunk native VLAN to the current untagged VLAN.
Sent from Cisco Technical Support Android App
08-05-2013 10:42 PM
Hi Anders,
please, can you provide us with more information about your problem? If you would be so kind and tell us, what exactly are you trying to achieve, maybe we could suggest even better solution.
Now can I combine this configuration with a subif on the uplink and configure this to recieve a tagged vlan layer 2?
Where is the "uplink"? Is it the port of the switch? I'm afraid that you can't use subinterfaces on a switch. If you want to tag traffic, you should use trunk as Mike pointed out.
If by "uplink" you are referring trunk that is connected to other device (Router witch vlan subinterfaces, so called Router-on-a-stick), why would you have SVI with ip routing enabled on switch for that vlan and also some subinterface for it on other device?
Please, let us know.
Best regards,
Jan
08-05-2013 11:12 PM
The provider deliver a ptp link on Fa0/23/vlan 2 and I would like to be able to solve this without any interruption on current traffic. This is the current config.
interface FastEthernet0/23
switchport access vlan 2
switchport mode access
snmp trap mac-notification change added
snmp trap mac-notification change removed
spanning-tree portfast
spanning-tree bpduguard enable
ip dhcp snooping trust
end
SWITCH#sh run int vlan 2
Building configuration...
!
interface Vlan2
ip address 10.117.10.5 255.255.255.0
no ip route-cache
end
The thing is that the provider are going to send us a tagged vlan on Fa0/23 that will be configured for Internet traffic. My idea was to create a subinterface on Fa0/23 and receive the traffic from the provider.
Something like:
interface FastEthernet0/23.100
Description Internets
encapsulation dot1Q 100
interface vlan 100
description Internets
Should this do the trick or am I having a seizure?
08-05-2013 11:50 PM
As Jan mentioned, you cannot do subinterfaces on a switch. The equivalent is vlan trunking. If you set the native vlan to 2, that will leave vlan 2 untagged on the trunk. Then you can set the interface in trunk mode to accept tagged traffic with just a small blip, if any, in existing traffic.
I would also enable portfast trunk and disable bpduguard if this is a trusted interface.
interface FastEthernet0/23
switchport trunk native vlan 2
switchport trunk allowed vlan 2,100
switchport mode trunk
Regards,
Mike
08-05-2013 11:59 PM
Hi Anders,
I see...
There are more things to say, so first of all, do you have switch that supports subinterfaces? Not many do, actually...only some of the higher series.
If yes, you can do this by using L3 ports, but you need to assign ip address to this interface
interface FastEthernet0/23.100
Description Internets
encapsulation dot1Q 100
ip add x.x.x.x x.x.x.x
now, as you will create interfaces like this, you will effectively turn this port into "L3 mode" so I don't see the point in issuing
interface vlan 100
description Internets
as In my opinion, it doesn't really matter. As you receive traffic with tag 100 on interface fa0/23, that port will deencapsulate the whole frame - thus removing the tag as well. It behaves just like simple L3 port. And regarding the routing, the x.x.x.x /xx will be directly connected, no problem there ( if ip routing globally enabled ). When sending traffic back to the provider, the frames will have tag 100 again.
So, if you use L3 subinterfaces, you should assign ip addresses to them.
But I see that you have access vlan configured on that port... so you can't use subinterfaces if you want the port to be normal L2 switchport also. Either you decide to make it a trunk, as Mike suggested (thus the port will stay in L2 mode, and vlan2 will be tagged upon receipt) or you make everything "routed", by making it L3 port with subinterfaces, if your switch can do that.
I just mentioned all of that possibilities, even if they are not quite straightforward, because I want you to know that you have an option. Moreover, I don't want to simply say - use this or use that. It is always better to have a discussion and think about it little bit more.
The easiest way I see, however, is using L2 trunk. After setting the trunk up, configure interface vlan 100 with IP address and enable ip routing, so you can route between different VLANs.
Best regards,
Jan
08-06-2013 11:03 PM
Thank you for your time and we did configure a trunk and so on and it is working fine. A small interuption in the customers traffic was not a problem after all.
Thanks again!
08-07-2013 12:28 AM
Dear Friend,
Can you elaborate, what the scenario was and what you found there ..???
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide