
Vlan trunk problem

mstraetemans
Level 1

Hi,

 

I'm configuring a vlan trunk between 2 switches but I'm having a problem somehow.

Switch 1, a Cisco 3750G
name: alrswcc00

interface GigabitEthernet1/0/28
 description Uplink Alrswcc20
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1-30
 switchport mode trunk
end

 

Name: Gi1/0/28
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: 1-30
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

 

Switch 2, a Cisco 2960S
name: alrswcc20

interface GigabitEthernet1/0/25
 description Uplink Alrswcc00
 switchport trunk allowed vlan 1-30
 switchport mode trunk
end

Name: Gi1/0/24
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 10 (Inactive)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 10,20,30,40
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled

 

Then lastly on switch 2 I created a port for an Ubiquiti access point with following settings.

interface GigabitEthernet1/0/24
 switchport trunk native vlan 10
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
end

But my AP doesn't seem to get an IP, whereas if I plug it in on Switch 1 it does with the same settings.
So I am assuming there is something wrong with my trunk. What am I doing wrong?

Thank you,

 

Michael

 

 

Accepted Solutions

Here are a couple of observations:

 

1.  The switchport trunk encap dot1q command was not applied on the 2960 because 802.1q trunking is the default.  The 2960 series switches do not support ISL encapsulation, as the OP observed.  There is, therefore, no need to manually specify the trunking protocol.  The show int g1/0/24 switchport command confirmed that trunking is working.  I find the show int g1/0/24 trunk command to be more informative in this context.  It tells you what VLANs are active and trunking between the connection.

2.  You do need to define VLANS 2-30 on your second switch. You can do so manually or you can configure VLAN Trunking Protocol (VTP).  VTP is your easiest bet.  Example config:

 

Switch 1
sw1(config)# vtp mode server
sw1(config)# vtp version 2
sw1(config)# vtp domain MY_DOMAIN
sw1(config)# vtp password MySecret
 

Issue a show vtp status in priv exec mode to verify your settings.

 

Switch 2

sw2# show vtp status

 

Do this command FIRST and make sure that the configuration revision number is smaller than the revision number of SW1.

 

VTP Operating Mode                : Client
Maximum VLANs supported locally   : 255
Number of existing VLANs          : 25
Configuration Revision            : 174

If config revision on SW2 is greater than config revision of SW1, then issue the following commands:

SW2(config)# vtp domain bogus
SW2(config)# vtp domain MY_DOMAIN
SW2(config)# do show vtp status

Your config revision should go back to zero.

Now issue the same commands on SW2. 
SW2(config)# vtp version 2  (pretty sure that is default, but I issue it anyway)
SW2(config)# vtp mode client (means you cannot define VLANs on this switch.  Most admins prefer that only one switch be capable of creating VLANs).

 

SW2(config)# do sh vtp status

 

The config revision was important because injecting a switch into your network that has a higher VTP revision can overwrite your existing VLAN database.  If that happens, chances are that most of your network traffic will cease to function as all of your access ports will be in a VLAN mismatch mode.
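
A pre-connection check for the revision comparison described in the answer above, as an added example that is not part of the original post. It parses show vtp status text from both switches and refuses the join unless the new switch's revision is lower, or 0; the SW1 values and the function names are assumptions made for the example.

```python
import re

# Constructed sample for SW1 (placeholder values, not from the thread).
SW1_STATUS = """\
VTP Operating Mode                : Server
Number of existing VLANs          : 13
Configuration Revision            : 42
"""
# SW2 output as posted in the answer above.
SW2_STATUS = """\
VTP Operating Mode                : Client
Maximum VLANs supported locally   : 255
Number of existing VLANs          : 25
Configuration Revision            : 174
"""

def parse_vtp_status(text):
    """Return {'field name': 'value'} for each 'name : value' line."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*:\s*(\S.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def preflight(existing_text, joining_text):
    """Decide whether the joining switch may be connected to the trunk.

    Returns (safe, reason). Rule taken from the answer: the joining switch's
    configuration revision must be lower than the existing one. Revision 0
    (the state after the domain rename) is also accepted.
    """
    existing = parse_vtp_status(existing_text)
    joining = parse_vtp_status(joining_text)
    try:
        rev_old = int(existing["Configuration Revision"])
        rev_new = int(joining["Configuration Revision"])
    except (KeyError, ValueError):
        # Fail closed: never report "safe" on output that could not be read.
        return False, "configuration revision not found in output"
    if rev_new == 0 or rev_new < rev_old:
        return True, f"joining revision {rev_new}, existing {rev_old}"
    mode = joining.get("VTP Operating Mode", "unknown")
    return False, (f"joining switch (mode {mode}) has revision {rev_new} >= "
                   f"{rev_old}; reset it to 0 before connecting")
```

With the sample values, preflight(SW1_STATUS, SW2_STATUS) reports the join as unsafe because 174 is not below 42.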
 

 


11 Replies

Reza Sharifi
Hall of Fame

Can you make Native vlan the same on all switches?

for test remove vlan 10 for now and leave 1 as default

no switchport trunk native vlan 10

HTH

I removed the native vlan 10; normally it should get an IP from my DHCP, but this also doesn't work. Also, maybe a stupid question, but the vlans I defined on switch 1, do I also have to define them on switch 2? Because I haven't defined all the vlans on switch 2, but the default vlan 1 should work normally.
 

Yes, try and configure the same exact vlans on both switches and test again.

BTW, for newer switches like 2960s, you don't need to specify encapsulation as dot1q, as that is already default.

HTH


Thank you very much I didn't know about this so I learned something now today! Very glad :)

Anyways here is a show int trunk for both switches.

alrswcc00#show int gi1/0/28 trunk

Port        Mode         Encapsulation  Status        Native vlan
Gi1/0/28    on           802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/0/28    1-30

Port        Vlans allowed and active in management domain
Gi1/0/28    1-4,6,10,20,30

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/28    1-4,6,10,20,30

--

alrswcc20#show int gi1/0/25 trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi1/0/25    on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/0/25    1-30

Port        Vlans allowed and active in management domain
Gi1/0/25    1-4,6,10,20,30

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/25    1-4,6,10,20,30


And there is the actual port where the Unifi AP is connected to.

alrswcc20#show int gi1/0/24 trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi1/0/24    on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/0/24    10,20,30,40

Port        Vlans allowed and active in management domain
Gi1/0/24    10,20,30

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/24    10,20,30


Native VLAN normally should be 10 but for testing purposes I changed it to the default.

 

Great info!  Ok, so you aren't restricting any VLANs from passing on the trunk, but only VLANs 1-4,6,10,20, and 30 are active and forwarding on the trunk.  That means 5,7-10,11-19, and 21-29 are not forwarding.  If you have VLAN pruning enabled, then your switches will intelligently determine what VLANs do not need to pass on this trunk.  It may be that you simply do not have the latter VLANs defined on any of your access ports.  That is normal behavior when you have VLAN pruning enabled.

 

Now on to your AP:  I'm assuming that VLAN 10 is used for the management IP address?  I have no experience with non-Cisco APs, but I'm reasonably certain that is an ok config for autonomous APs in general.  Is it possible to take a known-working AP and plug it into that port?  Do you have other APs working in your network?
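
The trunk checks discussed in this thread (same native VLAN on both ends, and which allowed VLANs are actually active), as an added example that is not part of any post. It parses show interfaces trunk text for one port per switch; NEAR is the Gi1/0/28 output from the thread with blank lines removed, FAR is constructed from it with native VLAN 10, and all function names are assumptions.

```python
import re

# NEAR: Gi1/0/28 output from the thread. FAR: constructed copy with native
# VLAN 10, to show what a mismatch between the two ends looks like.
NEAR = """\
Port        Mode         Encapsulation  Status        Native vlan
Gi1/0/28    on           802.1q         trunking      1
Port        Vlans allowed on trunk
Gi1/0/28    1-30
Port        Vlans allowed and active in management domain
Gi1/0/28    1-4,6,10,20,30
"""
FAR = re.sub(r"trunking\s+1\b", "trunking      10", NEAR)

def expand(spec):
    """'1-4,6' -> {1, 2, 3, 4, 6}"""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_trunk(text):
    """Return {'native': int, 'allowed': set, 'active': set} for one port."""
    info, header = {}, ""
    for line in text.splitlines():
        if line.startswith("Port"):
            header = line          # section header; the data row follows
        elif line.strip() and header:
            value = line.split()[-1]
            if "Native vlan" in header:
                info["native"] = int(value)
            elif "allowed and active" in header:
                info["active"] = expand(value)
            elif "allowed on trunk" in header:
                info["allowed"] = expand(value)
            header = ""
    return info

def compare(near, far):
    """Report native VLAN mismatch, differing allowed lists, inactive VLANs."""
    findings = {}
    if near["native"] != far["native"]:
        findings["native_mismatch"] = (near["native"], far["native"])
    if near["allowed"] != far["allowed"]:
        findings["allowed_differs"] = sorted(near["allowed"] ^ far["allowed"])
    idle = near["allowed"] - near["active"]
    if idle:
        findings["near_inactive"] = sorted(idle)
    return findings
```

A VLAN listed under near_inactive is allowed on the trunk but not defined or active on that switch, which is the condition the accepted solution addresses by defining the VLANs or using VTP.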

That's good indeed! VLAN 5,7-10,11-19, and 21-29 are not defined yet so that's why they are not forwarded. I didn't know the switches could determine this so VLAN pruning is something wonderful! :-)

Yes, VLAN 10 is for the management IP address, VLAN 20 for a private WIFI and VLAN 30 for a guest WIFI. I send VLAN 10 as untagged and VLAN 20, 30 tagged on the AP.

But anyways I changed the native vlan back to 10 and just tested another AP and it's working like it should! Thank you procopius and the others for helping me. Much appreciated!

Kind regards,

Michael

martino-cisco
Level 1

Hi,

From your configuration on Switch 2 you have this:

interface GigabitEthernet1/0/25
 description Uplink Alrswcc00
 switchport trunk allowed vlan 1-30
 switchport mode trunk
end

You did not specify the encapsulation type on that interface with the command 'switchport trunk encapsulation dot1q' but you have specified it correctly in Switch1.

Could this be your problem?

Yes I thought that too but when I try to do switchport trunk encapsulation dot1q it doesn't allow me. As if it doesn't recognize the command. I read about it that on some switches there is only 1 trunk option and that's dot1q.

That is true... Some switches have only one encapsulation type available. Can you show the running config on interface gi1/0/25 (that is the trunk port from Switch 2 connecting to switch 1)? If I'm not mistaken you've only shown the config on interface gi1/0/24 where you connected the AP.

I notice this on both switches

Pruning VLANs Enabled: 2-1001

and I wonder if this is part of the problem. Can you post the output of show vlan from both switches? Also the output of show interface trunk from both switches might be helpful.

 

HTH

 

Rick
