Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Inner Vlan Comunication problems

HI, i have decide to ask because i have no more ideas. I come here to ask for your help.

im having the fallowing issues:

Vlan x used for clients on a location:

  • Can receive DHCP in all zones of the distribution network
  • In some zones you get DHCP but cant ping GW and CAN browse and ping other networks
  • In other zones you can ping GW ( no problem  here)

I did sniff some packs but i did not detect any Man in The Middle attack, no mac or arp floods etc

Vlan y used for Switches management vlan and some servers:

  • Nagios: can ping all segments of the network
  • Cant ping some Switches on the same vlan y (those sw that it cannot ping are the same access sw that use vlan x for users)

I have checked cam table, it all seams to be OK , no incomplete entries or wrong MAC address


I have also check ARP table

Im also having the message popup i have search this notification and everybody says that it means an native vlan mismatch or encapsulation configuration, but my sw have the same native vlan on all sides (Vlan0060). Don't rly know why is Vlan1 being mention its not used as native.

%SPANTREE-2-BLOCK_PVID_PEER: Blocking GigabitEthernet0/25 on VLAN0001. Inconsistent peer vlan.

%SPANTREE-2-BLOCK_PVID_LOCAL: Blocking GigabitEthernet0/25 on VLAN0060. Inconsistent local vlan

Now for the structure

We have the core in our Data center and from there is distributed to the sectors of my work place

Core= 3750 -3560

Access= CE500

CoreSw>Data center SW >>Servers

|

Location1 Core

|                      |               |

Access Sw    Acces Sw   Acess Sw

                                          |

                                         Access Sw

Like that(but its abigger scnario), there is no redundancy in the location 1 core so its hard for a SPT loop to form. its all downstream

Any thing else you woul like to ask. Please Ask.

Regards


A little Mouse

***********************Wont let me post reply so ill update from here**********************************

sure. posting the hole interface config and swicthport status

Distribution side

interface GigabitEthernet1/0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/2

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/3

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/4

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/5

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/6

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

nterface GigabitEthernet1/0/8

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/9

description To_SW_FUN_PRI_DR09

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/10

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

interface GigabitEthernet1/0/11

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport mode trunk

spanning-tree guard loop

this goes the same for all interfaces

sh interfaces gigabitEthernet 1/0/1 switchport

Name: Gi1/0/1

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 60 (Interswitches)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Access Side

To G1/0/1

interface GigabitEthernet1

description To distribution g1/0/1

switchport trunk native vlan 60

switchport mode trunk

ip arp inspection trust

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

udld port aggressive

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/2

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

ip arp inspection trust

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/3

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

ip arp inspection trust

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/4

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

udld port aggressive

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/5

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

ip arp inspection trust

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/6

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

ip arp inspection trust

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/8

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

ip arp inspection trust

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/9

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

ip arp inspection trust

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/10

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

udld port aggressive

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

TO G1/0/11

interface GigabitEthernet1

switchport trunk native vlan 60

switchport mode trunk

srr-queue bandwidth share 10 10 45 35

srr-queue bandwidth shape  10  0  0  0

udld port aggressive

mls qos trust cos

macro description cisco-switch

spanning-tree link-type point-to-point

ip dhcp snooping trust

And this goes the same for the access sw

Name: Gi1

Switchport: Enabled

Administrative Mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 60 (Interswitches)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

Everyone's tags (3)
1 REPLY

Inner Vlan Comunication problems

Can you post the trunk configurations on each switch?

275
Views
0
Helpful
1
Replies
CreatePlease to create content