cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2517
Views
0
Helpful
12
Replies

URGENT HELP-Connecting 2 Switches

omer.babiker
Level 1
Level 1

Hi All,

I need to connect 2 switches (2960 & 2960S) with only one single link in our LAN network. This is to get extra number of ports.

Requesting your help with the followings:

  • Please confirm if straight throug cable will work to connect between the above two switches
  • What will be the best configuration on each port (in sw1 & 2) to avoid any kind of loop? For example: spanning tree command

Please advise


Thanks in advance

1 Accepted Solution

Accepted Solutions

On your new switch before connecting do this -

VTP config

=========

switch(config)# vtp mode transparent

switch(config)# vtp mode client

this will set the VTP revision number to 0 so there is no chance it can overwrite the VTP database on the existing server.

The switch should then get all the vlans from your existing switch.

STP config

=========

switch(config)# spanning-tree mode rapid-pvst

then you need the list of all vlans on your existing switch so do a "sh vlan brief" on your existing switches and get list of all the vlans (don't worry about the 100x vlan numbers). So lets say you have vlans 100 -> 120. Take the highest vlan number and do a "sh spanning-tree vlan 120" for it on your existing switch.  So using one of your outputs as an example -

sw2#show spanning-tree vlan 100

VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    32868    <-- this is the line you are interested in
             Address     9caf.ca74.8400
             Cost        2
             Port        96 (Port-channel6)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

then set the priority for all your vlans on your new switch using the following link and choose a number from the list that is higher than the prioriry number in the above line - 

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swstp.html#wp1298788

the above sets you STP mode (because you are running rapid PVST) and set the STP priority for the vlans to a high number so the new switch will not become root for any vlan.

Trunk config

==========

int gi0/1 <-- this connects to the existing switch

switchport mode trunk

switchport trunk allowed vlan

you then need to configure the port on the existing switch connecting to the new switch. Use the same config as the trunk port config above.

You should then connect up the two switches and the trunk link should come up, the vlans should be populated to the new switch (do a "sh vlan brief") to verify, and you can then configure the ports into the vlans you want.

Apologies for the detailed instructions but i thought it might be useful to show you how to work these things out so you can do this sort of thing again if needed.

Any doubts please ask further.

Jon

View solution in original post

12 Replies 12

Jon Marshall
Hall of Fame
Hall of Fame

As long as you leave both ports set to auto/auto for speed and duplex you should be able to use either.

In terms of an STP loop, if this is the only connection the new switch has to the existing network then there is no loop. However two things you need to look out for when adding a switch -

1) the switch becomes STP root for the vlan(s)

2) the switch overwrites the vlan database if you are using VTP server/client

So before you connect it up can you answer the following -

1) how many switches are there in your network (not including the new one). If there are multiple switches have you manually set up STP root or not ?

2) how many vlans do you have and if you have more than one do you want to have all vlans available on the new switch ?  This affects how you configure the link between the new and existing switch

3) what is the VTP setup (if any) on the existing switch(es). If it is just one existing switch then please post the output of -

sh vtp status

Jon

Yes take heed to jons words they will save you much trouble.

deebeeishere
Level 1
Level 1

Yes a straight through will work because they both have auto sensing MDIX eventhough I suggest the suggested cables for good practice. I would also issue the "spanning-tree bpdufilter" command to turn spanning tree off on your existing switches interface and issue the "spanning-tree portfast default" command on the new switch. This is assuming that there is no vlan information required or trunking going on.

Derek

I would have to disagree with the advice about spanning-tree.

You really do not want to filter or stop sending BPDU between switches. If a second connection was then run from the new switch there would be a dangerous STP loop.

So it's best to run STP properly between the switches even if there is no loop introduced.

Jon

Thanks Jon and Derek

Please note the following:

- This is the only connection that the new switch has to the network.

- The total number of the existing is 2 switches which already connected together with etherchannel that I'm not aware of well.

- The new SW wil only be connected to one of the existing SWs

- Atleast 2 vlans will be needed to be available in the new SW

Okay, so the link will need to be a trunk.

That's fine but you still need to be aware of the issues i outlined.

We can check the VTP issue if you post "sh vtp status" from both switches

Can you also pick a couple of vlans (probably the ones you want to allow on the new switch) and post the output of -

"sh spanning-tree vlan "  <--- where x is the vlan number.

I apologise for asking for all of this but if you are not careful you could get unexpected consequences which could take a while to fix.

Jon

Appreciate your prompt response, and I do agree with you

I'll post the outputs. When I goi to the office

Meanwhile, I would request you to please provide some hints about outputs of those commands

Jon Marshall
Hall of Fame
Hall of Fame

The "sh vtp status" command will show us whether switches are running VTP server/client or VTP transparent. If it is server/client then there is a very small possibility that the new switch could overwrite the vlan database on the existing switches which would not be good because then all ports on your existing switches would go back into vlan 1.

Like i say, it is not very likely but it is something to be aware of.

The "sh spanning-tree vlan " command should show the STP priorities for the "x" vlans. This will give us an idea as to whether you have manually set any priorities or not. It should also tell us which version of STP you are running.

I suspect you haven't set the priorities which means they will be the default. If this is the case then before connecting the new switch we can manually set a higher priority on the new switch so it does not become the new STP root (the lower the priority the more favourable to be elected as STP root).

One other output would be useful and that is -

"sh vlan brief" which will show us all the vlans so we can set the STP priority for all vlans. If you only need two of the vlans on the new switch then we could just explicitly set the priority for these and only allow those vlans on the trunk but just in case you later need to allow more vlans across the link it would be better to do it all at once.

Finally, as i say if you only need two vlans on the new switch you can tell the trunk port to only allow those vlans across the link. This may or may not be useful for you. It depends on whether you think there will need to be more vlans in the near future on the new switch. You could always add them to the list of allowed vlans on the trunk but you may want to simply have all the vlans available on the new switch.

Depends really on how many vlans there are in total and whether you want to keep reconfiguring the trunk link every time you want another vlan on the new switch but it is generally considered a good idea to only allow those vlans you need across the link.

Jon

Ok. Here are the outputs:

For SW1:

sw1#show vtp status
VTP Version capable             : 1 to 3
VTP version running             : 2
VTP Domain Name                 : dr
VTP Pruning Mode                : Disabled
VTP Traps Generation            : Disabled
Device ID                       : 9caf.ca74.8400
Configuration last modified by 10.212.100.11 at 9-2-13 12:20:53
Local updater ID is 10.212.100.11 on interface Vl100 (lowest numbered VLAN interface found)

Feature VLAN:
--------------
VTP Operating Mode                : Server
Maximum VLANs supported locally   : 255
Number of existing VLANs          : 15
Configuration Revision            : 17
MD5 digest                        : 0xDE 0xA3 0x3E 0x80 0x2A 0x70 0x29 0xEC
                                    0xBB 0x30 0x88 0x32 0x6D 0x17 0x22 0x9A

sw1#show spanning-tree vlan 100

VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    32868
             Address     9caf.ca74.8400
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32868  (priority 32768 sys-id-ext 100)
             Address     9caf.ca74.8400
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Desg FWD 4         128.1    P2p Edge
Gi0/6               Desg FWD 19        128.6    P2p Edge
Gi0/7               Desg FWD 4         128.7    P2p
Gi0/8               Desg FWD 4         128.8    P2p
Gi0/9               Desg FWD 19        128.9    P2p Edge
Gi0/10              Desg FWD 19        128.10   P2p
Gi0/15              Desg FWD 19        128.15   P2p Edge
Gi0/16              Desg FWD 19        128.16   P2p Edge

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------

Gi0/21              Desg FWD 4         128.21   P2p
Gi0/22              Desg FWD 4         128.22   P2p Edge
Po6                 Desg FWD 2         128.96   P2p

sw1#show spanning-tree vlan 103

VLAN0103
  Spanning tree enabled protocol rstp
  Root ID    Priority    32871
             Address     9caf.ca74.8400
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32871  (priority 32768 sys-id-ext 103)
             Address     9caf.ca74.8400
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/7               Desg FWD 4         128.7    P2p
Gi0/8               Desg FWD 4         128.8    P2p
Gi0/21              Desg FWD 4         128.21   P2p
Po6                 Desg FWD 2         128.96   P2p

For SW2:

sw2#show vtp s
qadr-sw2#show vtp status
VTP Version capable             : 1 to 3
VTP version running             : 2
VTP Domain Name                 : dr
VTP Pruning Mode                : Disabled
VTP Traps Generation            : Disabled
Device ID                       : 9caf.ca7b.3800
Configuration last modified by 10.212.100.11 at 9-2-13 12:20:53
Local updater ID is 10.212.100.12 on interface Vl100 (lowest numbered VLAN interface found)

Feature VLAN:
--------------
VTP Operating Mode                : Server
Maximum VLANs supported locally   : 255
Number of existing VLANs          : 15
Configuration Revision            : 17
MD5 digest                        : 0xDE 0xA3 0x3E 0x80 0x2A 0x70 0x29 0xEC
                                    0xBB 0x30 0x88 0x32 0x6D 0x17 0x22 0x9A


sw2#show spanning-tree vlan 100

VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    32868
             Address     9caf.ca74.8400
             Cost        2
             Port        96 (Port-channel6)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32868  (priority 32768 sys-id-ext 100)
             Address     9caf.ca7b.3800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Desg FWD 4         128.1    P2p Edge
Gi0/6               Desg FWD 19        128.6    P2p Edge
Gi0/7               Desg FWD 4         128.7    P2p
Gi0/8               Desg FWD 4         128.8    P2p
Gi0/9               Desg FWD 19        128.9    P2p Edge
Gi0/14              Desg FWD 4         128.14   P2p Edge
Gi0/15              Desg FWD 19        128.15   P2p Edge
Gi0/21              Desg FWD 4         128.21   P2p Edge
Gi0/22              Desg FWD 4         128.22   P2p
Po6                 Root FWD 2         128.96   P2p


sw2#show spanning-tree vlan 103

VLAN0103
  Spanning tree enabled protocol rstp
  Root ID    Priority    32871
             Address     9caf.ca74.8400
             Cost        2
             Port        96 (Port-channel6)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32871  (priority 32768 sys-id-ext 103)
             Address     9caf.ca7b.3800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/7               Desg FWD 4         128.7    P2p
Gi0/8               Desg FWD 4         128.8    P2p
Gi0/22              Desg FWD 4         128.22   P2p
Po6                 Root FWD 2         128.96   P2p

On your new switch before connecting do this -

VTP config

=========

switch(config)# vtp mode transparent

switch(config)# vtp mode client

this will set the VTP revision number to 0 so there is no chance it can overwrite the VTP database on the existing server.

The switch should then get all the vlans from your existing switch.

STP config

=========

switch(config)# spanning-tree mode rapid-pvst

then you need the list of all vlans on your existing switch so do a "sh vlan brief" on your existing switches and get list of all the vlans (don't worry about the 100x vlan numbers). So lets say you have vlans 100 -> 120. Take the highest vlan number and do a "sh spanning-tree vlan 120" for it on your existing switch.  So using one of your outputs as an example -

sw2#show spanning-tree vlan 100

VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    32868    <-- this is the line you are interested in
             Address     9caf.ca74.8400
             Cost        2
             Port        96 (Port-channel6)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

then set the priority for all your vlans on your new switch using the following link and choose a number from the list that is higher than the prioriry number in the above line - 

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swstp.html#wp1298788

the above sets you STP mode (because you are running rapid PVST) and set the STP priority for the vlans to a high number so the new switch will not become root for any vlan.

Trunk config

==========

int gi0/1 <-- this connects to the existing switch

switchport mode trunk

switchport trunk allowed vlan

you then need to configure the port on the existing switch connecting to the new switch. Use the same config as the trunk port config above.

You should then connect up the two switches and the trunk link should come up, the vlans should be populated to the new switch (do a "sh vlan brief") to verify, and you can then configure the ports into the vlans you want.

Apologies for the detailed instructions but i thought it might be useful to show you how to work these things out so you can do this sort of thing again if needed.

Any doubts please ask further.

Jon

Jerald Simon M.
Level 1
Level 1

Pls dont try bpdu filter..if you realy want to avoid to become root bridge use root guard..

Thank you all for the informative discussion.

I've installed the switch and it was smooth!! No issues

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: