Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VLAN config issue

     I am configuring VLANS on 2960x switches by building.  We have about 15 buildings and would like to have each building be in its own VLAN.  This issue I am having is that we have some devices that are static IP's and when those devices are pluged in, they do not work.  Cannot ping them.  For example, our maintenance department has some energy management devices that are addressed 10.20.1.x and printers are address 10.10.101.x.  So when i configure vlan 55, ip address 10.55.1.2, set the switch ports to switchports access vlan 55 and plug any device with a static ip in to that switch, it doesnt work.  It is possible to have these devices on the same vlan as everthing else in thier building without changing their IP address? 

19 REPLIES
Silver

VLAN config issue

Where is the routing done for these VLANs? Have you setup a default gateway on your switches? Is the issue only with static clients? Do you have DHCP assigned clients? Any other features deployed like DHCP snooping?

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib CCIE #37149 Please rate helpful posts.
New Member

VLAN config issue

The 2960 connects to a 4506 with a sup7Le.  The issue is only with static clients.  For example, dhcp users receive a 10.55.1.x address.  Those are the only addresses that will work.  I have routing enabled on the 2960 with a ip route0.0.0.0 0.0.0.0 10.55.1.1

New Member

VLAN config issue

It seems like you are trying to put the nodes in same vlan with different subnets.

Try pinging the vlan interface ip address from the node in the same subnet i.e. if vlan 55 have an ip address

10.55.1.2, try to configure a host with the same subnet, not  10.10.101.x or 10.20.1.x. And if you really need to have these subnets, you need to have routing enabled with certain gateways active on the same vlan.

New Member

VLAN config issue

If the device is in the dhcp range everything works.  If its a statip ip it does not.  The 10.10.101.x address have a 10.10.1.1 gateway and the 10.20.1.x have a 10.20.1.1 gateway.

New Member

VLAN config issue

Firstly you need to understand what a VLAN is, i.e. a Virtual LAN, thus each should have it's own subnet!

Your problem is your DG is incorrect, i.e. in your example it should be 10.10.101.x (assuming thats not a typo)

The second subnet is correct.

Martin

New Member

VLAN config issue

Our network right now is flat.  No Vlans. PC's and almost all other DHCP devices are 10.10.4.x -8.x with a DG 10.10.1.1.

The maintenance devices have a IP 10.20.1.x SM 255.255.0.0, and DG 10.20.1.1.  Printers are 10.10.101.x, 255.255.0.0, 10.10.1.1.  When configuring the new 2960's i am changing all the buidings to be in their own vlan.  So in this example, I have will have 4 switches in VLAN 55.  The 4506 is configured as VLAN 55, 10.55.1.1, 255.255.255.0 and the switches are 10.55.1.2 and so on.  The DHCP scope is 10.55.1.10 -250 and the when you plug in a device they will receive an address in that range.  That all works fine.  When a device with a static IP is plugged in, it does not respond.  Cant ping anything.  I was wondering if their is a way to make this work so all devices in that building will be on VLAN 55.  I am prepared to change all the printer IP's if needed but cant change the 10.20 addresses.

New Member

Re: VLAN config issue

You really need to look address your addressing scheme (no pun intended), you have two subnets in use for starters!

I suspect there is a discrepency between the dynamic S/M and the static one...

For all nodes to be on the same VLAN you would have to change the printer addresses, then they would be on the same network.

But then you have DHCP handing another pool of addresses out?

Martin

New Member

Re: VLAN config issue

This is how it was set up when I started.  Its kind of crazy.  I am going to change the printers IP's.  Not sure on the maintenance devices yet.  If I make them trunk ports they work.  Not sure what you mean by another dhcp scope.   There will be a scope per building.

New Member

Re: VLAN config issue

Thats what I am saying, i.e. 55 for the building in questions but then you have two other ranges?

You need a trunk between the switches and your 4506, I assume that is what you mean you have configured?

Martin

New Member

Re: VLAN config issue

There will be a dhcp scope for every building.  Vlan 55 has one scope.  The printers and 10.20 addresses are static not dhcp.  The link between the 2960 and the 4506 is configured as a trunk.   If I configure the port that a 10.20 address is plugged into as a trunk port, it works.

Purple

Re: VLAN config issue

  First  question is when you try to ping these devices have you disable any windows FW's on the clients.  Verify the client has a valid address for vlan 55 , the valid subnet mask  and the valid default gateway which must be the vlan 55 SVI on the 4506 . If it is there is no logical reason why you shouldn't be able to ping those devices if the firewalls are disabled.   Also check over everything in your design as you adressing and mask indicate you have huge subnets using a /16 , very poor design .Understand that is not your design but just analyze what you have there.   How are the 2960's setup ?   I doubt they are doing the routing , the 4506 is .  Are they trunked back to the 4506's ?  Are all ports in the 2960 set in vlan 55 ?   If you have to have other vlans and ranges on the 2960's then you have to use trunked uplinks and then define the vlans on the 2960's unless your feeling adventurous and want to delve into the world of VTP . Yes most people will tell you not to do that unless you have a bigger network where you are always moving vlans around .

New Member

Re: VLAN config issue

The 2960  is set up with all ports in vlan 55 and the link back to the 4506 is a trunk port.  The 4506 port is set up the same.

4506

interface Vlan55

ip address 10.55.1.1 255.255.255.0

Port to 2960

interface GigabitEthernet2/10

switchport access vlan 55

switchport mode trunk

2960

interface Vlan55

ip address 10.55.1.3 255.255.255.0

ip helper-address 10.10.1.41  -- DHCP server

ip helper-address 10.10.11.2 -- wireless controller

port to 4506

interface GigabitEthernet1/0/52

switchport access vlan 55

switchport mode trunk

ip route 0.0.0.0 0.0.0.0 10.55.1.1

When i plug in a device with a static ip, for example, 10.20.1.250, SM 255.255.0.0, DG 10.20.1.1 it does not work.  These are not PC''s .  They are allen bradly controllers that are installed on equipment like air compressors and heaters so our maintenanse department can monitor everything.  Theses devices will not be in every switch and have been installed way before i started working here.  I set up a pc using a address in the 10.20 range and cant even ping the switch that is plugged into. 

New Member

Re: VLAN config issue

jack,

why do you have "switchport access vlan 55" in your trunk port?  maybe that's why.

switchport access vlan command should be in your access switches' ports like the 2960 where your access devices (workstations, servers, printers, etc) are plugged in.

4506

interface Vlan55

ip address 10.55.1.1 255.255.255.0

Port to 2960

interface GigabitEthernet2/10

switchport access vlan 55  (try to remove/replace this with, switchport trunk encapsulation dot1q)

switchport mode trunk

(and add switchport nonegotiate)

----------------------------------------------------------------------------------------------------

2960

interface Vlan55

ip address 10.55.1.3 255.255.255.0

ip helper-address 10.10.1.41  -- DHCP server

ip helper-address 10.10.11.2 -- wireless controller

port to 4506

interface GigabitEthernet1/0/52

switchport access vlan 55  (i think you should remove this)

switchport mode trunk

(add, switchport nonegotiate)

New Member

VLAN config issue

Dont i need the swichport access command?

I do not have the switch port encapsulation command

4506(config-if)#switchport trunk ?

  allowed  Set allowed VLAN characteristics when interface is in trunking mode

  native   Set trunking native characteristics when interface is in trunking

           mode

  pruning  Set pruning VLAN characteristics when interface is in trunking mode


                        



New Member

Re: VLAN config issue

No, you don't.

Also, I think routing should be on your 4506 and not on 2960.

2960's are definitely layer 2/access switches and not capable of routing.

Refer to this thread:

https://supportforums.cisco.com/thread/2061029

On your 4506, try this:

interface GigabitEthernet2/10

switchport

switchport trunk ?

it should have encapsulation command.

New Member

VLAN config issue

Routing is enabled on the 4506.  The above example was from the 4506: 

4506(config-if)#switchport trunk ?

  allowed  Set allowed VLAN characteristics when interface is in trunking mode

  native   Set trunking native characteristics when interface is in trunking

           mode

  pruning  Set pruning VLAN characteristics when interface is in trunking mode

The 2960x does have limited layer 3 features after IOS 12.2(55)SE.  You can set static routes but no routing protocols.

New Member

VLAN config issue

That is incorrect, it is true the 2960 is a L2 switch, the 'X', however, is L3 capable.

But as said, you should not be configuring your trunk ports as access ports, by default all VLANS are a member of the trunk group, without a trunk configured the traffic will never be able to leave the switch (Unless it's sourced from the native VLAN), which yours isn't!

You need to understand the basics as you have multiple problems, from your last comment the reason you can't ping the SVI (the switch) is because it and the node connected are on different networks, i.e. 10.20.x.x and 10.55.x.x.

Also check the SVI is not shutdown!

Sometimes you don't always have a choice of encapsulation, it is only the higher end switches that provide both dot1q and ISL, hence you have to specify which will be used, the latter is being deprecated anyway.

Martin

Purple

VLAN config issue

On your 2960 you need to define the vlans that Allen bradley controllers are currently  on  and set the ports they are attached to to those vlans and if the trunking is setup right it should work .  If for instance they are currently in say vlan 20 on the 2960  define this.  Adjust your vlan for whatever they are currently using.

conf t'

vlan 20

name AB-controller

interf g0/20

descr AB controller

switchport mode access

switchport access 20

switchport host

New Member

This is how it looks now:

This is how it looks now:  

2960

interface GigabitEthernet1/0/52   -- port to 4506
 switchport mode trunk

interface GigabitEthernet1/0/13 -- Port of the 10.20. device
 switchport access vlan 140
 switchport mode access
 spanning-tree portfast

 

4506:

interface GigabitEthernet4/48
 switchport mode trunk

 

Still can not talk to the 10.20. device.  

 

 

 

 

 

409
Views
0
Helpful
19
Replies
CreatePlease to create content