Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Replication VLAN trunking issues

We are working to create a replication VLAN between our primary server room and our DR site in another building.

Our basic config is this:

CORE Switch 6509 (CatOS)This is the primary router and interconnect point for the rest of our facility.

DR Building 4507R (IOS) This switch acts as the uplink for this building and its staff to the Core as well as the switch in our DR DataCenter. HSRP is also configured for 2 edge locations that have dual links to both the 6509 and 4507 for seemless failover to the DR resources.

We have ran 2 pairs of fiber from the 6509 to the 4507. One pair acts as a trunk for normal uplink to the 6509. However the other pair is to act as a replication link only for VLAN 172. Currently we have configured both sides as follows:

6509:

clear trunk 4/5 1-171,173-199,201-1005,1025-4094

set trunk 4/5 auto dot1q 172,200

4507R:

interface GigabitEthernet3/5

description ***Replication***

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 172,200

switchport mode trunk

The 6509 is showing that the link is live and that it is in trunk mode. However the 4507 is showing down and down with no indicator light and no CDP info from that link to 6509.

If I change configuration on the 4507 I actually see the trunk go down on the 6509 so there is some sort of communication happening there. I'm just not sure where to go from here.

Thanks for any input you may have.

16 REPLIES
Hall of Fame Super Bronze

Re: Replication VLAN trunking issues

Josh,

The 4507R is using Native VLAN1 for the trunk information between links and you are blocking it from the 6509.

You need to configure the 4507R to use 172 as the native VLAN for the trunk by using this command.

switchport trunk native vlan 172

______

Please rate helpful posts.

New Member

Re: Replication VLAN trunking issues

Thanks for your reply. I had tried that a few times and I went back to try it again but no dice. I'm really stumped. Everything is just as is should be. I even mirrored a few of our other trunks that are ISL and when I did that the whole link just died. So I put my original dot1q configs back and the 6509 side came back up and went into trunking. However as stated before the 4507 never comes up just shows down and down. I'm just confused why when I shut the interface on the 4507 the 6500 sees the trunk drop even though its never been established a link.

Any other ideas?

Hall of Fame Super Bronze

Re: Replication VLAN trunking issues

Josh,

I also noticed the trunk mode selected on the 6509 is not compatible with the default 4507R mode, which is mode on.

Can you change the trunk mode to 'on' in the 6509 and try again ?

___

Please rate helpful posts.

Thanks

New Member

Re: Replication VLAN trunking issues

You have two different trunk negotations in place, which could cause problems.

Whenver I setup trunks, I usually set both ends static and define the trunk type rather than using any type of trunk negotation.

Purple

Re: Replication VLAN trunking issues

Make sure the native vlans match on each and for trunking on the side that is set as on make it "switchport mode dynamic desirable" and it will bring up the side that is set as auto .

New Member

Re: Replication VLAN trunking issues

Again thanks for the iput. I have been playing around alot with this and my original post was a bit sloppy. Here is what I currently have configured.

As you can see encapsulation is set for dot1q

Native VLAN is set for 172

Allowed VLANS match

Port Channels are not configured

Mode is locked at trunk

And Negotiation is off

With all of this I have the exact same issue. 6509 is up and up in trunking mode. 4507 is down and down. Shutting down the 4507 interface drops the 6509 interface and produces a console message. Spanning tree is not blocking anything that pertains to this config. HSRP is ACTIVE on the 6509 for all VLANS with the 4507 Listening for those with redundant links.

4507 Config

!

interface GigabitEthernet3/5

description ***Replication***

switchport trunk encapsulation dot1q

switchport trunk native vlan 172

switchport trunk allowed vlan 172,200

switchport mode trunk

switchport nonegotiate

!

6509 Config

!

set vlan 172 4/5

set vlan 190 4/1

set port negotiation 4/1-12,4/15-16 disable

clear trunk 4/5 1-171,173-199,201-1005,1025-4094

set trunk 4/5 on dot1q 172,200

set port channel 4/4-6,4/8 mode off

Any Othere ideas?

Purple

Re: Replication VLAN trunking issues

Can you verify you have the layer 2 vlans created on the 4500 with the "show vlan" command and that they show active? Vlan 172 and 190 should show active in the list . Can you post the show vlan for the 4500 and maybe show int trunk .

New Member

Re: Replication VLAN trunking issues

I'm not sure what vlan 190 has to do with anything. As for vlan 172 it is showing up in my show vlan. It is active and has two switchports assigned to it.

This is the output form sho int trunk:

Port Mode Encapsulation Status Native vlan

Gi3/5 on 802.1q other 172

Port Vlans allowed on trunk

Gi3/5 none

Port Vlans allowed and active in management domain

Gi3/5 none

Port Vlans in spanning tree forwarding state and not pruned

Gi3/5 none

I have verified that I am allowing VLAN 172 through the trunk.

Josh

Hall of Fame Super Bronze

Re: Replication VLAN trunking issues

Josh,

How is your VTP configuration ?

Let's see the output from 'show vtp status' from both switches.

New Member

Re: Replication VLAN trunking issues

VTP appears to be fine.

6509 = Server

4507 = Trans

VTP Domain = Same on both sides

6509 config rev: 54

4507 config rev: 0

VTP V2 on both sides.

Purple

Re: Replication VLAN trunking issues

Instead of forcing it on try setting both sides to desirable and let it negotiate the trunk. Make sure vtp domain names match exactly.

Silver

Re: Replication VLAN trunking issues

I know that I am joining this discussion late however from reading all this, I have one question.. What port types are you using on both ends. I see a Gig E port on one side but what is the other side. In order for the trunk to work you must have identical setups for both sides. You may have a difference in one of the sides that is stopping the trunk crom coming up.....

New Member

Re: Replication VLAN trunking issues

Welcome aboard. I am using GigE Fiber links on both sides. On the 4507 side I am using a WSG5486 and I'm pretty sure the other side is the same. I'm heading out to check on that right now.

Keep the ideas comming. If nothing else you guys are making me feel a little less stupid about not having this up yet.

Purple

Re: Replication VLAN trunking issues

If you have all the layer 2 vlans already created then try this . if you have good layer 1 connectivity this has to work we use it all the time. Vtp domain name must match exactly .

6509:

set vlan 172 state active

set trunk 4/5 desirable dot1q

clear trunk 4/5 1-171,173-199,201-1005,1025-4094

4507R:

conf t

vlan 172

vlan 200

interface GigabitEthernet3/5

description ***Replication***

switchport trunk native vlan 172

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 172,200

switchport mode dynamic desirable

New Member

Re: Replication VLAN trunking issues

Glen,

Thanks for your post. I want to try it right now but I ended up opening a TAC case. Last I knew the Engineer was cool with the config that we had tried to implement. He was reviewing the show Tech for both units and trying to re-create the problem in the lab.

If I am unable to get a resolution from TAC by noon I'm going to try your recommendation. Etiher way I will post the resolution or lack of one later today.

Thanks for everyones help so far.

New Member

Re: Replication VLAN trunking issues

Well I'm all fixed. Big thanks to everyone who jumped in on this. And a bigger thanks to Louis at TAC.

I'm going to add more detail to this so others who might run accross this can identify this issue.

The overall solution was using the:

speed nonegotiate

command. With this in place the 4507 immediately established link in both access mode (which we had fallen back to as a test mechanism) then as a trunk when we applied the interface trunking commands. Below are the configs as the were in the end for this trunk.

6509:

clear trunk 4/5 1-171,173-199,201-1005,1025-4094

set trunk 4/5 nonegotiate dot1q 172,200

4507R:

!

interface GigabitEthernet3/5

description ***Replication***

switchport trunk encapsulation dot1q

switchport trunk native vlan 172

switchport trunk allowed vlan 172

switchport mode trunk

switchport nonegotiate

speed nonegotiate

Here is the interesting thing about all of this. None of my other trunk or access ports require this command. Throughout this process I have replicated cofigs from exiting WORKING trunks and they do not work. In my troubleshooting with TAC we tried 3 ports on 2 differnt line cards in both the 6509 and the 4507. Each time with identical results. I was beggining to think it was a fiber issue until we used the fiber path (includeing patch cables) that was working as the path for this trunk. Again no joy.

In the end the solution above reguarding speed non-negotiation worked. Whats odd is that 1000 Base GBICS are not supposed to have speed settings. I tried the normal ones like speed 1000 and duplex full only to be told that my GBICs do not support those commands. TAC was even confused as to why speed commands would come into play with this solution.

With that said it works. TAC is keeping my case open to come to a reason as to why this happened. I'm hoping it will unlock the key to some random trunk and port-channel issues we are also having here.

Again thanks.

1846
Views
0
Helpful
16
Replies
CreatePlease to create content