Re: Simple Vlan config

james.young · ‎12-05-2007

I'm trying to set up a vlan that will allow me to connect a device in one part of the building to a router in another. The switch at the far end is a 3550 and I think I have set vlan ok on that one. However I'm having trouble setting up the vlan on the 3500 - I've managed to work out that the command structure is different and have created a vlan but when I try to add ports it accepts the command but sh vlan doesn't show them as added. The vlan mustn't be able to communicate with the rest of the network which apart from this is completely flat.

bvsnarayana03 · ‎12-05-2007

Have you added the interface to the VLAN with following commands:

switchport mode access

switchport access vlan x

where x is your vlan spanning the 2 switches.

Does "sh run int xx" shows the access vlan lines??

james.young · ‎12-05-2007

Thanks for the fast response!

Yes to the first 2 commnds

sh run int xx generates this:

interface FastEthernetxx

description vlan 2

shutdown

switchport access vlan 2

switchport trunk encapsulation dot1q

spanning-tree portfast

end

Vlan 2 is the one I'm setting up so this looks good. I think my problem, being a newbie to this, is that setting up the 3550 seemed straight forward and was expecting similar responses to commands I entered on the 3500. This does show the interface as shutdown, do I need to enable it somehow and do I need to do anything else to get the vlan to communicate between the switches or is this all taken care of?

Jon Marshall · ‎12-05-2007

James

Firstly do you want this port to be in vlan 2 or a trunk link. If in vlan 2 only can you remove the following from the config

int faxx

no switchport trunk encapsulation dot1q

then do a no shutdown

int faxx

no shutdown

Then do a "sh ip int br" to check faxx is up/up.

Then do a "sh vlan" to make sure that faxx has been allocated to vlan 2

Jon

james.young · ‎12-05-2007

Jon,

Perhaps you could advise me whether I should be using a trunk link in this instance?

If I apply the above commands I can then see that faxx is down down but it is showing up in vlan 2 - vlan 2 is administrativley down?

Jon Marshall · ‎12-05-2007

James

If you need more than one vlan's traffic to go between the 3500 and the 3550 then you need to make the link a trunk. If you only want vlan 2 traffic to go across the link then leave it as an access port.

What cable have you used to connect the 2 switches together. If you are using an RJ45 it should be a crossover cable and not a straight thru cable.

You should bring up vlan 2 interface but until you get faxx up and running it will still show as down.

Also hardcode the speed and duplex of both ends of the connection between the 3500 and the 3550 ie.

int faxx

speed 100

duplex full

Jon

james.young · ‎12-05-2007

Thanks Jon,

Hmmm, this is turning out to be more complicated than I first thought. The switches are connected via a fibre backbone, if I could get copper to work reliably over the distance I wouldn't even be looking at vlans and would be able to plug the device straight into the router (I've already tried but it didn't work) It's not the end of the world if I don't get this to work but it would be nice. The router will provide insecure access to the internet so I don't want to share it with the rest of the network and setting up a vlan seemed like a good idea.

Jon Marshall · ‎12-05-2007

James

No problem with connecting with fibre, should work fine. If the interface is showing as down/down then it sounds like you have a cabling or GBIC issue.

If you can get that interface up then it should work as you want. Try switching the fibre connectors around at one end.

Jon

james.young · ‎12-05-2007

Jon,

The switches are communicating fine on the default vlan which up til now is the only one we have used so there can't be a problem with the gbic/cable etc. I want to set up this second vlan to seperate out the router and the device that I want to attach to it - is this possible using vlans or have I mis-understood the purpose of using them?

Jon Marshall · ‎12-05-2007

James

Okay, i think i'm beginning to see the light - hope so anyway.

You have a 3500 and a 3550 connected together via fibre and this is all working. You have one vlan on both switches.

You now want to add a second vlan on the 3500 and 3550 switch - is that it ?

In which case you need to make the existing connection between the switches a trunk port if it isn't already because the only way you can pass more than one vlan down the link is configure it as a trunk.

Do you want to have a L3 vlan interface for vlan 2 on the 3550.

If you need to make the existing link between the 2 switches a trunk link there will be a short downtime while you convert it. So

1) Can you confirm i have understood correctly

2) Can you show the config of the ports on both 3500 and 3550 that are used for the existing fibre connection.

Jon

james.young · ‎12-06-2007

Jon,

Yes your assumptions are correct, sorry I took you the long way round to get there.

Both switches have the same config for the backbone:

interface GigabitEthernetx/x

switchport trunk encapsulation dot1q

switchport mode trunk

Will that work without too much disruption?

Jon Marshall · ‎12-06-2007

James

No need to apologize.

So your 3500 and 3550 are connected via a trunk link already.

Then it's fairly straightforward. You can add vlan 2 to both switches or if your are running VTP just to the VTP server.

Add a layer 3 SVI for vlan 2 on the 3550 if you want to do inter-vlan routing for that vlan.

You can do all of this with no downtime.

Jon

nordick26 · ‎12-05-2007

In all interfaces, you want to use, do "no shutdown".

According to your config => remove:

switchport trunk encapsulation dot1q

and add:

switchport mode access

For two switches connected together, add on related interfaces this:

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk all vlan add 2

no shutdown

It should be working now.

Regards

[Rate any helpful post]