I Just recieved a work order in a customers network and I have a question.
I have a layer 3 switch with a vlan configured with a ip address and the vlan is tied to uplink with switchport access vlan XX. Now can I combine this configuration with a subif on the uplink and configure this to recieve a tagged vlan layer 2?
please, can you provide us with more information about your problem? If you would be so kind and tell us, what exactly are you trying to achieve, maybe we could suggest even better solution.
Now can I combine this configuration with a subif on the uplink and configure this to recieve a tagged vlan layer 2?
Where is the "uplink"? Is it the port of the switch? I'm afraid that you can't use subinterfaces on a switch. If you want to tag traffic, you should use trunk as Mike pointed out.
If by "uplink" you are referring trunk that is connected to other device (Router witch vlan subinterfaces, so called Router-on-a-stick), why would you have SVI with ip routing enabled on switch for that vlan and also some subinterface for it on other device?
The provider deliver a ptp link on Fa0/23/vlan 2 and I would like to be able to solve this without any interruption on current traffic. This is the current config.
switchport access vlan 2
switchport mode access
snmp trap mac-notification change added
snmp trap mac-notification change removed
spanning-tree bpduguard enable
ip dhcp snooping trust
SWITCH#sh run int vlan 2
ip address 10.117.10.5 255.255.255.0
no ip route-cache
The thing is that the provider are going to send us a tagged vlan on Fa0/23 that will be configured for Internet traffic. My idea was to create a subinterface on Fa0/23 and receive the traffic from the provider.
encapsulation dot1Q 100
interface vlan 100
Should this do the trick or am I having a seizure?
As Jan mentioned, you cannot do subinterfaces on a switch. The equivalent is vlan trunking. If you set the native vlan to 2, that will leave vlan 2 untagged on the trunk. Then you can set the interface in trunk mode to accept tagged traffic with just a small blip, if any, in existing traffic.
I would also enable portfast trunk and disable bpduguard if this is a trusted interface.
There are more things to say, so first of all, do you have switch that supports subinterfaces? Not many do, actually...only some of the higher series.
If yes, you can do this by using L3 ports, but you need to assign ip address to this interface
encapsulation dot1Q 100
ip add x.x.x.x x.x.x.x
now, as you will create interfaces like this, you will effectively turn this port into "L3 mode" so I don't see the point in issuing
interface vlan 100
as In my opinion, it doesn't really matter. As you receive traffic with tag 100 on interface fa0/23, that port will deencapsulate the whole frame - thus removing the tag as well. It behaves just like simple L3 port. And regarding the routing, the x.x.x.x /xx will be directly connected, no problem there ( if ip routing globally enabled ). When sending traffic back to the provider, the frames will have tag 100 again.
So, if you use L3 subinterfaces, you should assign ip addresses to them.
But I see that you have access vlan configured on that port... so you can't use subinterfaces if you want the port to be normal L2 switchport also. Either you decide to make it a trunk, as Mike suggested (thus the port will stay in L2 mode, and vlan2 will be tagged upon receipt) or you make everything "routed", by making it L3 port with subinterfaces, if your switch can do that.
I just mentioned all of that possibilities, even if they are not quite straightforward, because I want you to know that you have an option. Moreover, I don't want to simply say - use this or use that. It is always better to have a discussion and think about it little bit more.
The easiest way I see, however, is using L2 trunk. After setting the trunk up, configure interface vlan 100 with IP address and enable ip routing, so you can route between different VLANs.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...