Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Tag native VLAN globally

I am trying to uplink 3com switches to Cisco 4503 switches.

When I try to tag the native VLAN in the interface configuration (of the port I want to trunk), it tells me the native vlan tagging is not enabled globally.

The configuration of the 4503's right now has all subnets as secondary interfaces, with the exception of VLAN 2.

I want to gradually implement the VLANS, if I enable tagging of the native VLAN (VLAN 1), is there any problem in doing this?

Is there any potential loss of connectivity to anything?

The new config is on g2/40.

Since almost everytthing is in VLAN 1, the only potential problem would be VLAN 2, the uplink to the PIX which is the Internet connectivity.

Is this correct?

Also, there are two 4503 switches linked together for redundancy. Uplinking the 3coms to both 4503 switches would require one trunk port on each 4503 to two ports on the 3com.

My only concern is to make sure STP is enabled on the 3com, it is already configured on the 4503's.

Is this correct?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Tag native VLAN globally

As long as STP is enabled on those trunks you don't have to worry about any loops or problems. STP would put one of the trunks in forwarding state and the other one in blocking state based on the port cost or MAC address.

HTH

Sundar

22 REPLIES
Community Member

Re: Tag native VLAN globally

you may have to enable native vlan tagging globally using the command "vlan dot1q tag native", check out the following link for the command reference, hope this helps :

http://www.cisco.com/en/US/products/hw/switches/ps4324/products_command_reference_chapter09186a00802c31d0.html#wp1166127

Gold

Re: Tag native VLAN globally

As the above post indicates you can tag the native vlan.

Not real sure why you would do this. Every other vendor except cisco uses the term untagged for what cisco calles native vlan. All you need to do is add the vlan to port untagged on 3com switch and set it as the native vlan (or do nothing if you leave it vlan 1) on the cisco.

You can then add more vlans to the port tagged on the 3com and add them to the allow list on the cisco.

Depends on how new the 3com is some of them now enable spanning tree by default. The only issue you may see is if they do not supprt different spanning tree instances per vlan. This will not cause a issue as long as you use the same root bridge for all the vlans. You more than likely will want to force your cisco's to be the primary and secondary root bridge.

Community Member

Re: Tag native VLAN globally

Thanks for the reply,

If the users on the 3coms are in differnet subnets:

10.10.150.0/24

10.250.250.0/24

and the Vlan Interface on the Cisco 4503 is

10.250.250.250

How do the users in the 10.10.150.0 subnet get routed even if I do get the trunking to work?

wouldn't the default gateway be 10.250.250.250?

Gold

Re: Tag native VLAN globally

For users in the 10.250.250.0 net they would use 10.250.250.250 as their default gateway.

you need to define a second vlan interface on the 4503 with a ip of 10.10.150.250 and all the users in that vlan would use it as their default gateway.

The 4503 would then move data between the 2 vlan interfaces as needed. Depends on your sup but you may have to issue IP ROUTING to get it to do that.

Hall of Fame Super Gold

Re: Tag native VLAN globally

When Richard says:

If the users on the 3coms are in differnet subnets:

10.10.150.0/24

10.250.250.0/24

I am not clear whether he means that there are two VLANs or just one VLAN. If there are two VLANs then Tim's suggestion is good. If the two subnets are in a single VLAN then configuring a secondary address on the switch VLAN interface would be the solution. Perhaps Richard can clarify what the environment is?

HTH

Rick

Community Member

Re: Tag native VLAN globally

Yes Rick, thanks for the reply.

The situation is:

All subnets right at the moment are in Vlan1, with the exception of the link to the PIX, which is in Vlan2.

So, at the main site there are these subnets in Vlan1:

10.10.150.0

10.10.151.0

10.10.152.0

There are more but these are example.

Users are in one subnet, servers are in another subnet and printers in another.

Some of the servers and workstations connect directly to the 4503 switches. Some connect via 3Com switches uplinked to the Cisco (all vlan1)

Some of the 3Coms have servers and workstations connected which means I will have to trunk the vlans (beacause of the location of the access switch, not practical to seperate)

The goal is to Vlan per subnet.

The 10.250.250.0 subnet was what I was trying to get to work, but I think I was not understanding what was needed.

If I use say the 10.250.250.0 subnet for the trunk connections only and configure both ends as that being the native vlan, then as long as the other vlans are created on both ends and the SVI interfaces on the Cisco, I should be able to trunk all vlans.

If I can sperate any of the subnets per switch, all I need is an access port to link up the subnet to the Cisco.

Is that all correct?

There is also a 3com NBX phone system that needs to be isolated that is in vlan1, but I don't know how it works or how I should isolate it, I will have to contact 3com on that.

Hall of Fame Super Gold

Re: Tag native VLAN globally

Richard

I am not entirely clear about this statement:

"if I use say the 10.250.250.0 subnet for the trunk connections only and configure both ends as that being the native vlan"

A trunk carries multiple VLANs (and multiple subnets) and is not associated with any specific subnet. If you get trunking configured correctly and working then all VLANs should be carried over the trunk. If you get the SVIs configured correctly then you should be able to route between subnets/VLANs.

If you get a switch so that it has only a single VLAN (and therefore only a single subnet) then the port that connects that switch to the next switch can be configured as an access port and you do not require trunking between those two switches. Assuming that it will carry more than one VLAN the connection to the Cisco needs to be a trunk port not an access port.

HTH

Rick

Community Member

Re: Tag native VLAN globally

The vlan for the trunk came from a conversation with Cisco TAC.

Suppose I have the above scenario with no workstations or servers connected directly to the Cisco 4503. The only connection to the 4503 is uplinks from the 3Com switches.

When I create the SVI interfaces for the Vlans, what will cause these interfaces to come up?

Is it when I create the trunk port and have all of the vlans allowed on that port, each SVI interface sees the trunk and as active port in the vlan?

Re: Tag native VLAN globally

Hi,

SVI will come up if there's an active switchport assigned to that VLAN or if there's an active trunk port that carries traffic for that VLAN. Ofcourse, the VLAN has to exist in it's VLAN database as well.

HTH

Sundar

Community Member

Re: Tag native VLAN globally

I have tried every scenario possible with different 3com switches and there is still something missing in getting this to work.

The vlan does not come up if there is only a trunk port configured that carries traffic for that vlan.

I can see the trunk as active on both ends,(3com and Cisco).

If VTP mode is configured as transparent globally, will that affect what I am trying to do here?

Re: Tag native VLAN globally

Hi,

Can you check the following things?

1. Issue the command 'show vlan' in your Cisco switch and make sure the VLAN shows up as active for the VLAN (SVI) interface you created.

2. Your trunk port isn't configured to disallow the VLAN from traversing that trunk.

VTP transparent mode shouldn't prevent the VLAN interface from coming up. If the VTP mode is set to transparent then you need to manually create the VLAN for the SVI you are trying to configure.

HTH

Sundar

Community Member

Re: Tag native VLAN globally

The trunk port is configured correctly.

The vlan does not show up in active vlans.

The only port that would be a member of that vlan is the trunk port, and it does not come up.

According to everything I have checked, this is all that is needed, but I don think so.

Re: Tag native VLAN globally

Trunk would carry traffic for a VLAN only if the VLAN existed in it's VLAN database. Hence, you need to create one for it to become active. Try creating the VLAN in one of two ways noted below.

config t

vlan 50

(or)

vlan database

vlan 50

exit

You need one of the above configuration when you create a 'int vlan 50' for it to come up. You need to create the vlan on your 3com switch as well.

If you are still having problems it would be much easier to help resolve the problem if you provide details of the SVI you are trying to create and the 'show vlan' etc.

HTH

Sundar

Community Member

Re: Tag native VLAN globally

I am trying to uplink a 3Com switch, vlan 1 and vlan 5.

3com is configured per the forums and 3Com website to trunk all ports.

I have tried several differnet scenarios with the native vlan on the cisco (vlan1), and tagging and untagging the trunk port on the 3com.

The only active port on the Cisco for vlan 5 is the trunk port needed for the subnet that is uplinking to the Cisco.

If the cisco has to have and active port for the vlan interface to come up, then the trunk port is not trunking the subnet I am trying to vlan to vlan 5 on Cisco

The only way I could make a connection to the 3Com was to create vlan 1 and vlan 5, untag vlan1 and tag vlan 5 on the trunk port.

Vlan 1 was already up on the Cisco due to everything else (in vlan1)plugged into it, so I could connect to the management ip I had set up on vlan 1 subnet but vlan 5 would not come up.

Community Member

Re: Tag native VLAN globally

I changed the config earlier to port g2/40 to be access, so the uploaded config is not showing what I tried to get to work.

It was a trunk port and was showing active and was configured to allow all vlans

Re: Tag native VLAN globally

Configure g2/40 to be a trunk.

Then configure vlan 5 as follows.

config t

vlan 5

Check the status of int vlan 5 now.

Community Member

Re: Tag native VLAN globally

ok, I see I forgot that piece of it.

Rats, let me try that and see if it works.

Thanks duder

Community Member

Re: Tag native VLAN globally

That was it.

The response time pinging the native vlan is 78ms on the same switch.

Is this common?

Is the tagginging causing the slow response?

And is thee anything I can do about it.

Thanks again for the help

Re: Tag native VLAN globally

Glad to hear that :-)

Try to ping the IP from a device on the LAN instead of the originating the ping from the switch itself and check the RTT.

Community Member

Re: Tag native VLAN globally

Again, I really appreciate the help.

I was on a configured switchport of the new vlan from the 3com switch.

I was using a laptop configured with an ip address in the new vlan subnet.

78ms pinging the default vlan on the Cisco.

I will look into that later, but while you are listening:

I have two 4503 switches ehterchanneled together with HSRP, switch 1 priority for STP.

If I configure another trunk port for redundancy to the second 4503, is there anything I need to beware of before doing that othere than making sure STP is enabled?

Re: Tag native VLAN globally

As long as STP is enabled on those trunks you don't have to worry about any loops or problems. STP would put one of the trunks in forwarding state and the other one in blocking state based on the port cost or MAC address.

HTH

Sundar

Community Member

Re: Tag native VLAN globally

Thanks Sundar

1175
Views
25
Helpful
22
Replies
CreatePlease to create content