Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Minimum Switch Multiple VLANs

We have a core switch that has 77 VLANs in the VTP domain. We are working to get this number down, but right now I have a few older switches that can only deal with 64 vlans. Also I am looking to put some Express 500 switches in our confernece rooms for a NAC deployment. I am sure that the 500s will only see 64 (or less) vlans. I want these switches to take part in the VTP domain as clients.

Questions:

Since I have a limit of only 64 VLANs on the older and I assume Express 500 series, can I pick and choose which VLANs they will talk on? In other words, since they cant talk on and see all 77 VLANs, can I tell the switches "theses all the vlans you need to deal with"?.

And how does that command look on the trunk?

Thanks a million,

P.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

P

"So as long as my trunk talks all all the vlans involved I am good to go I assume."

Yes, you will be fine.

Jon

17 REPLIES
Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

P

You would use the "switchport trunk allowed vlan..." command to limit which vlans could go over the trunk -

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_50_se/command/reference/cli3.html#wp1948736

Jon

New Member

Re: Minimum Switch Multiple VLANs

So this is the easiest way to get around the VLAN limitation right? Or do I need to buy enterprise ready switches for my conference rooms??

Thanks again

Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

P

"Or do I need to buy enterprise ready switches for my conference rooms??"

Well how many vlans would you actually need on the switch in the conference rooms. It's unlikely i would have thought to be more than 64.

Remember that just because you only allow say 10 vlans on a trunk link to a switch clients within one of those vlans can still communicate with all the other vlans by routing. It's just that you can't have a client in one of those other vlans on the local switch.

I'm assuming in the above that you do indeed have a device(s) in your network that routes for all vlans.

Jon

New Member

Re: Minimum Switch Multiple VLANs

Jon,

You assumed correctly. We have a core switch that routes for all VLANs.

The conference room switches will be controlled by a Clean Access Server so ideally ports will be initially in an authentication VLAN and then changed to an access VLAN. And depending on the user role there might be three or four access vlans. So as long as my trunk talks all all the vlans involved I am good to go I assume.

Thanks,

P.

Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

P

"So as long as my trunk talks all all the vlans involved I am good to go I assume."

Yes, you will be fine.

Jon

New Member

Re: Minimum Switch Multiple VLANs

Hi

I tried the "switchport trunk allowed vlan..." to allow only the first ten vlans but when i do a show vlan on the downstream switch, I still see the first 64 vlans instead of the first ten.

What am i doing wrong?

Thanks.

Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

Your'e not doing anything wrong. The switchport allowed vlan command does not clear vlans from the switch vlan database, it simply determines which vlans are allowed on the trunk.

If the 10 vlans are included within the 64 then you are fine, you don't have to do anything.

If the 10 vlans are not included in the 64 then you will need to delete some of the existing vlans and add your 10 vlans. To do this you will need to make the switch VTP transparent.

If the switch is a VTP server you definitely don't want to be deleting vlans and if the switch is a VTP client you won't be able to delete vlans.

Jon

New Member

Re: Minimum Switch Multiple VLANs

Thanks so far.

I now have a new problem:

I allowed vlans 1-10 but now I cannot do inter-vlan routing.

Note that VLAN 1 is the default/trunking/management vlan

Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

Do you have L3 vlan interfaces for these vlans ?

Do these vlans exist on all the switches back to the 6500 that routes the vlans ?

Jon

New Member

Re: Minimum Switch Multiple VLANs

Yes and Yes.

Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

Okay, so how are you verifying that inter-vlan routing isn't working ?

Jon

Purple

Re: Minimum Switch Multiple VLANs

Check the far end to see how they have trunking setup , it has to match on each end . Make sure the native vlan matches on each end if something or than vlan 1 is the native , should look something like this

int f1/1

switchport mode trunk (or dynamic desirable if dtp) is used)

switchport trunk allowed vlan 1-10

switchport trunk native vlan X (must match on each end)

Also when you have a smaller swith like a 2950 that supports 64 vlans , it is really telling you the switch supports 64 vlans with 64 individual spanning tree instances (PVST) , if you try to add more than that then switch will automatically change to transparent mode . Restricting vlans across the trunk will fix this if less than 64 vlans are allowed across the trunk . Each end should be configured the same on the trunk . If its not routing now then the trunk itself is broken .

New Member

Re: Minimum Switch Multiple VLANs

Before I applied the command, inter-vlan routing was working - was able to get to Pcs on other VLANs.

After I applied the command, I cound not get onto any PCs on other VLANs - only to those PCs on the same VLANs connected to the switch.

Thanks for your help so far :-)

Purple

Re: Minimum Switch Multiple VLANs

You would probably have to post the interface configs on both ends of the trunk to get any farther.

Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

Apologies for delay in getting back.

Are there any other switches between the switch you are on and the 6500 that routes the vlans.

Can you post "sh int trunk" from all switches along the path.

Also from the vlan the pc is in can you ping it's default-gateway on the 6500.

Jon

New Member

Re: Minimum Switch Multiple VLANs

Yes. There is a switch between the 6500 and the switch I am on.

sh int trunk does not work on the switch I am on and the intermediary switch since both are 2924

Yes PCs on all vlans can ping its default-gateways.

Hall of Fame Super Blue

Re: Minimum Switch Multiple VLANs

Can you provide the list of commands you did on each switch +

"sh int trunk" from 6500 that connects to intermediary switch.

Also try "sh trunk" on 2924 - not sure it will work but worth a try.

Jon

229
Views
0
Helpful
17
Replies