cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1300
Views
0
Helpful
26
Replies

Redundant Trunks

bryanrobh
Level 1
Level 1

On a network that I work on (very new at) I am having trouble getting access to a switch over a new fiber trunk.  I have a 3560 with 2 trunks.  trunk 1 is connected directly to a 4500.  Trunk 2 (fiber) is connected to a 3750 and in turn that 3750 is trunked to a 4500.  Now both trunks on the 3560 are the exact same config.  Both trunks are up and neither of them are being blocked by stp.  I saw data going over both trunks under the show int command.  When I shut trunk 1 down I am no longer able to get to the 3560.  I can no longer ping or do anything else with the 3560.  I am trying to figure out why I cannot reach the 3560 through trunk 2.                      

26 Replies 26

John Blakley
VIP Alumni
VIP Alumni

It would be helpful if you could draw out a topology of the way these switches are laid out. Which switch is the root bridge?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

So in the attached (very basic) diagram you will see a visual of what I explained in the first post.  The root bridge for the vlan I am routing is the 4500 A.  I have it labeled in the diagram.  I hope I am making sense here.

Hi Bryan,

From which device are you trying to access/ping 3560 ? Is it from 3750 or 4500a ?

And in which subnets are each of these devices? Are their routes fine ?

Regards,

Chandu

Regards, Chandu

Hi Chandra

Yes I am trying to ping from the 3750 or the 4500a. The subnets are different but the routes should be fine. I say should because I didn't set any of this up.

Bryan

So you shut down the trunk link to 4500b and then you cannot ping the 3560 from either the 3750 or 4500a - is that correct ?

If so what is the IP address you are trying to ping and what is the source IP address ? Are they in the same subnet ?

Which switch(es) are actually acting as L3 switches doign inter vlan routing and which are acting as L2 ?

If the 3560 is only acting as L2 what is the defaut gateway set to ie which device has the default gateway IP address ?

Jon

So you shut down the trunk link to 4500b and then you cannot ping the 3560 from either the 3750 or 4500a - is that correct ?

Yes this is correct

If so what is the IP address you are trying to ping and what is the source IP address ? Are they in the same subnet ?

The two IP's are in different subnets

Which switch(es) are actually acting as L3 switches doign inter vlan routing and which are acting as L2 ?

The 4500's are the only ones with L3 routing going on.

If the 3560 is only acting as L2 what is the defaut gateway set to ie which device has the default gateway IP address ?

I see on the 3560 there is no default gw.

Bryan

My initial thought was the the 3560 was acting as L2 and it's default gateway was on 4500b. When you pinged from a different subnet the 3560 would send the response to 4500b because that is it's default gateway and because you have shut the trunk down it stopped working.

But now you say there is no default gateway configured on the 3560 so i cant see how you would be able to ping it from a different IP subnet whether or not the trunk to 4500b was up or not.

Perhaps you can post config of the 3560 ?

Jon

Here it is

PTCC-3560-001#sh run
Building configuration...

Current configuration : 5034 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service unsupported-transceiver
!
hostname PTCC-3560-001
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ZBlD$vvwPD6uBgu9Xzgjqw6dDR.
!
!
!
no aaa new-model
clock timezone Eastern -4 14
system mtu routing 1500
!
!        
!
!
crypto pki trustpoint TP-self-signed-326576768
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-326576768
revocation-check none
rsakeypair TP-self-signed-326576768
!
!
crypto pki certificate chain TP-self-signed-326576768
certificate self-signed 01
  30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33323635 37363736 38301E17 0D393330 33303130 30303131
  355A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3332 36353736
  37363830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  A735DCCD 1572FA88 1CE635DF EEB02A2C 393AC9FA 83DD04D0 90994AC9 9FA2304C
  614B139D BA366E54 E9D4258E B85A78DA F7BC7322 346B1A1C 9787F3BD 3FEFB985
  C81CECE2 97B33800 765D55A6 DC7E5165 6A3A50B8 7369C3C1 58000607 3FC9791F
  FC29C41D 666B4F97 375577C8 2FB2E642 6A5006F6 85513DB0 DB77E9E8 41DBAF39
  02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D
  11041230 10820E50 5443432D 33353630 2D303031 2E301F06 03551D23 04183016
  80149EB9 6586711D 579D7D4F 6A29F7B1 D0D21057 DA80301D 0603551D 0E041604
  149EB965 86711D57 9D7D4F6A 29F7B1D0 D21057DA 80300D06 092A8648 86F70D01
  01040500 03818100 57177E1F 6ED2E5D5 A1EF55C1 972AB02D 285DF383 8F75CA22
  EE4741A8 31ADD91A CAA3F6D2 F7479F49 26D4177F D182C794 D59BD1D4 6003C87A
  2D43A36D 2AA67B07 BAA4C25E 00C994B8 8714C6FF 70299E3A F974D98C A18F8121
  D049F7EF 70719C5A 4A12EF91 703CEF03 0814F95D 21100284 EC15A746 AA5177FC
  BF703A8B C4813161
  quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
no errdisable detect cause gbic-invalid
no errdisable detect cause sfp-config-mismatch
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
no ip address
!        
interface GigabitEthernet0/1
description 10.4.8.94 PTCC-CRWKS-001                                      
switchport access vlan 208
no cdp enable
no cdp tlv server-location
no cdp tlv app
arp timeout 10
spanning-tree portfast
!
interface GigabitEthernet0/2
description 10.4.8.95 PTCC-CRWKS-002
switchport access vlan 208
no cdp enable
no cdp tlv server-location
no cdp tlv app
arp timeout 10
spanning-tree portfast
!
interface GigabitEthernet0/3
description 10.4.8.96 PTCC-CRWKS-003
switchport access vlan 208
no cdp enable
no cdp tlv server-location
no cdp tlv app
arp timeout 10
spanning-tree portfast
!
interface GigabitEthernet0/4
description 10.4.8.97 PTCC-CRWKS-004
switchport access vlan 208
no cdp enable
no cdp tlv server-location
no cdp tlv app
arp timeout 10
spanning-tree portfast
!
interface GigabitEthernet0/5
description 10.4.8.98 PTCC-CRWKS-005
switchport access vlan 208
no cdp enable
no cdp tlv server-location
no cdp tlv app
arp timeout 10
spanning-tree portfast
!
interface GigabitEthernet0/6
description 10.4.8.99 PTCC-CRWKS-006
switchport access vlan 208
no cdp enable
no cdp tlv server-location
no cdp tlv app
arp timeout 10
spanning-tree portfast
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet1/1
description Link to CMF-4507
switchport trunk encapsulation dot1q
switchport trunk native vlan 208
switchport trunk allowed vlan 202,208
switchport mode trunk
!
interface GigabitEthernet1/2
description Link to HBN-4507
switchport trunk encapsulation dot1q
switchport trunk native vlan 208
switchport trunk allowed vlan 202,208
switchport mode trunk
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
description uplink to CMF 4507
switchport trunk encapsulation dot1q
switchport trunk native vlan 208
switchport trunk allowed vlan 202,208
switchport mode trunk
!
interface TenGigabitEthernet1/1
!        
interface TenGigabitEthernet1/2
!
interface Vlan1
no ip address
!
interface Vlan208
ip address 10.4.8.14 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
password 7 111A18011A1B055C52
login
transport input telnet
line vty 5 15
login
!        
ntp peer 10.4.2.3
end

Bryan

There is definitely no default gateway so i am not sure how you would ever be able to ping the vlan 208 IP address on the switch from any other subnet regardless of whether the trunk to the 4500b was up or not.

But you are saying you can ?

Jon

Yes I can ping from 4500B no problem. 

Bryan

Sorry, what do you mean you can ping from the 4500b no problem. Do you mean using a different source IP ie. not in vlan 208 ?

And i thought the trunk to 4500b was the one you were shutting down ?

I was thinking it may be something to do with proxy arp but before that can you describe in detail the sequence of events ie.

1) before you shut the trunk down where are you pinging from. What is the src IP.

2) after you shut the trunk down (trunk link to 4500b) where are you pinging from. Again src IP.

Do both 4500s have a vlan 208 L3 interface ?

Jon

Do you mean using a different source IP ie. not in vlan 208 ?

scratch that I cannot ping from an IP that is not in VLAN 208.  I wasnt adding a source IP to my ping previously.

And i thought the trunk to 4500b was the one you were shutting down ?

I am not going to shut it down permenantly I wanted to test connectivity incase that trunk went down. 

I was thinking it may be something to do with proxy arp but before that can you describe in detail the sequence of events ie.

1) before you shut the trunk down where are you pinging from. What is the src IP.

I realize I was pinging from an IP in the same VLAN.

2) after you shut the trunk down (trunk link to 4500b) where are you pinging from. Again src IP.

Any other subnet I tried.

Do both 4500s have a vlan 208 L3 interface ?

Both 4500's have this in the sh ip route output

C       10.4.8.0/24 is directly connected, Vlan208

chandra_rc16
Level 4
Level 4

Is IP routing enabled on the devices ? Can you please paste the output of "show ip route" from 3 of those devices?

Regards,

Chandu

Regards, Chandu

On both the 4500's there is the subnet of the 3560 when I do a " sh ip route "

C       10.4.8.0/24 is directly connected, Vlan208

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco