Re: Replication VLAN trunking issues

cratejockey · ‎10-26-2006

We are working to create a replication VLAN between our primary server room and our DR site in another building.

Our basic config is this:

CORE Switch 6509 (CatOS)This is the primary router and interconnect point for the rest of our facility.

DR Building 4507R (IOS) This switch acts as the uplink for this building and its staff to the Core as well as the switch in our DR DataCenter. HSRP is also configured for 2 edge locations that have dual links to both the 6509 and 4507 for seemless failover to the DR resources.

We have ran 2 pairs of fiber from the 6509 to the 4507. One pair acts as a trunk for normal uplink to the 6509. However the other pair is to act as a replication link only for VLAN 172. Currently we have configured both sides as follows:

6509:

clear trunk 4/5 1-171,173-199,201-1005,1025-4094

set trunk 4/5 auto dot1q 172,200

4507R:

interface GigabitEthernet3/5

description ***Replication***

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 172,200

switchport mode trunk

The 6509 is showing that the link is live and that it is in trunk mode. However the 4507 is showing down and down with no indicator light and no CDP info from that link to 6509.

If I change configuration on the 4507 I actually see the trunk go down on the 6509 so there is some sort of communication happening there. I'm just not sure where to go from here.

Thanks for any input you may have.

Edison Ortiz · ‎10-26-2006

Josh,

The 4507R is using Native VLAN1 for the trunk information between links and you are blocking it from the 6509.

You need to configure the 4507R to use 172 as the native VLAN for the trunk by using this command.

switchport trunk native vlan 172

______

Please rate helpful posts.

cratejockey · ‎10-26-2006

Thanks for your reply. I had tried that a few times and I went back to try it again but no dice. I'm really stumped. Everything is just as is should be. I even mirrored a few of our other trunks that are ISL and when I did that the whole link just died. So I put my original dot1q configs back and the 6509 side came back up and went into trunking. However as stated before the 4507 never comes up just shows down and down. I'm just confused why when I shut the interface on the 4507 the 6500 sees the trunk drop even though its never been established a link.

Any other ideas?

Edison Ortiz · ‎10-26-2006

Josh,

I also noticed the trunk mode selected on the 6509 is not compatible with the default 4507R mode, which is mode on.

Can you change the trunk mode to 'on' in the 6509 and try again ?

___

Please rate helpful posts.

Thanks

jlkeys · ‎10-26-2006

You have two different trunk negotations in place, which could cause problems.

Whenver I setup trunks, I usually set both ends static and define the trunk type rather than using any type of trunk negotation.

glen.grant · ‎10-26-2006

Make sure the native vlans match on each and for trunking on the side that is set as on make it "switchport mode dynamic desirable" and it will bring up the side that is set as auto .

cratejockey · ‎10-26-2006

Again thanks for the iput. I have been playing around alot with this and my original post was a bit sloppy. Here is what I currently have configured.

As you can see encapsulation is set for dot1q

Native VLAN is set for 172

Allowed VLANS match

Port Channels are not configured

Mode is locked at trunk

And Negotiation is off

With all of this I have the exact same issue. 6509 is up and up in trunking mode. 4507 is down and down. Shutting down the 4507 interface drops the 6509 interface and produces a console message. Spanning tree is not blocking anything that pertains to this config. HSRP is ACTIVE on the 6509 for all VLANS with the 4507 Listening for those with redundant links.

4507 Config

!

interface GigabitEthernet3/5

description ***Replication***

switchport trunk encapsulation dot1q

switchport trunk native vlan 172

switchport trunk allowed vlan 172,200

switchport mode trunk

switchport nonegotiate

!

6509 Config

!

set vlan 172 4/5

set vlan 190 4/1

set port negotiation 4/1-12,4/15-16 disable

clear trunk 4/5 1-171,173-199,201-1005,1025-4094

set trunk 4/5 on dot1q 172,200

set port channel 4/4-6,4/8 mode off

Any Othere ideas?

glen.grant · ‎10-26-2006

Can you verify you have the layer 2 vlans created on the 4500 with the "show vlan" command and that they show active? Vlan 172 and 190 should show active in the list . Can you post the show vlan for the 4500 and maybe show int trunk .

cratejockey · ‎10-26-2006

I'm not sure what vlan 190 has to do with anything. As for vlan 172 it is showing up in my show vlan. It is active and has two switchports assigned to it.

This is the output form sho int trunk:

Port Mode Encapsulation Status Native vlan

Gi3/5 on 802.1q other 172

Port Vlans allowed on trunk

Gi3/5 none

Port Vlans allowed and active in management domain

Gi3/5 none

Port Vlans in spanning tree forwarding state and not pruned

Gi3/5 none

I have verified that I am allowing VLAN 172 through the trunk.

Josh

Edison Ortiz · ‎10-26-2006

Josh,

How is your VTP configuration ?

Let's see the output from 'show vtp status' from both switches.

cratejockey · ‎10-26-2006

VTP appears to be fine.

6509 = Server

4507 = Trans

VTP Domain = Same on both sides

6509 config rev: 54

4507 config rev: 0

VTP V2 on both sides.

glen.grant · ‎10-26-2006

Instead of forcing it on try setting both sides to desirable and let it negotiate the trunk. Make sure vtp domain names match exactly.

pciaccio · ‎10-26-2006

I know that I am joining this discussion late however from reading all this, I have one question.. What port types are you using on both ends. I see a Gig E port on one side but what is the other side. In order for the trunk to work you must have identical setups for both sides. You may have a difference in one of the sides that is stopping the trunk crom coming up.....

cratejockey · ‎10-26-2006

Welcome aboard. I am using GigE Fiber links on both sides. On the 4507 side I am using a WSG5486 and I'm pretty sure the other side is the same. I'm heading out to check on that right now.

Keep the ideas comming. If nothing else you guys are making me feel a little less stupid about not having this up yet.

glen.grant · ‎10-26-2006

If you have all the layer 2 vlans already created then try this . if you have good layer 1 connectivity this has to work we use it all the time. Vtp domain name must match exactly .

6509:

set vlan 172 state active

set trunk 4/5 desirable dot1q

clear trunk 4/5 1-171,173-199,201-1005,1025-4094

4507R:

conf t

vlan 172

vlan 200

interface GigabitEthernet3/5

description ***Replication***

switchport trunk native vlan 172

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 172,200

switchport mode dynamic desirable