Re: Vlans and trunking problem (newbie).

piero.giobbi · ‎09-22-2007

Hi all.

Im trying to learn the basics of vlans and trunking. Im trying to do it by-the-book, just to get a grip on how it all works but i keep failing on this simple task : (. I have a Cisco freshly resetted 2940 with 3 VLANs:

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5

Fa0/6, Fa0/9, Gi0/1

10 external active

20 internal active Fa0/7

30 guests active Fa0/8

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

So, for example i want vlan 30 (port 8) to be able to surf thru the gateway (port 1, vlan 10). That would mean that port 1 has to be a trunk port (?). I set it up:

(conf t - int fast 0/1)

switchport access

switchport mode trunk

switchport mode trunk allowed vlans 10,20,30

Here i allow all vlans just to make sure i don't do any easy misstakes. But when i ping from port 8 i can't get out thru the gateway, somethings is wrong or missing.

When i take a look at the vlans i see that one is shutdown, when i try to make it no shutdown the other goes down, like this:

00:35:42: %LINK-3-UPDOWN: Interface Vlan10, changed state to up

00:35:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up

Switch(config-if)#interface vlan 30

Switch(config-if)#no shu

Switch(config-if)#

00:35:53: %LINK-3-UPDOWN: Interface Vlan30, changed state to up

00:35:53: %LINK-5-CHANGED: Interface Vlan10, changed state to administratively down

00:35:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to down

00:35:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to down

What am i doing wrong? I have active links on VLAN 10 and VLAN 30, they should both be able to stay active?

All help are greatly apreciated!

thx.

Oh, my conf:

Switch#sh run

Building configuration...

Current configuration : 1165 bytes

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

ip subnet-zero

!

vtp mode transparent

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

vlan 10

name external

!

vlan 20

name internal

!

vlan 30

name guests

!

interface FastEthernet0/1

switchport access vlan 10

switchport mode access

!

interface FastEthernet0/2

switchport access vlan 10

!

interface FastEthernet0/3

switchport access vlan 10

!

interface FastEthernet0/4

switchport access vlan 10

!

interface FastEthernet0/5

switchport access vlan 10

!

interface FastEthernet0/6

switchport access vlan 10

!

interface FastEthernet0/7

switchport access vlan 10

switchport mode access

!

interface FastEthernet0/8

switchport access vlan 10

switchport mode access

!

interface FastEthernet0/9

!

interface GigabitEthernet0/1

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan10

no ip address

no ip route-cache

shutdown

!

interface Vlan30

no ip address

no ip route-cache

!

ip http server

!

line con 0

line vty 5 15

!

end

Switch>sh inventory

NAME: "Switch", DESCR: "Cisco Catalyst c2940 switch with 8 10/100 BaseTX ports, 1 100BASE-FX SM uplink po

rts and 1 SFP (Small Form Factor Plugable) Module slot"

Richard Burts · ‎09-23-2007

Piero

The first and most important thing to understand here is that your switch is a layer 2 switch. Several of your issues are directly related to this fact.

- a layer 2 switch can have only a single active VLAN interface. This is sometimes confusing because the switch can have several active VLANs but a VLAN interface is a layer 3 interface and a layer 2 switch can have only a single layer 3 interface (which is only for management purposes). This explains why when you no shut one VLAN interface the other VLAN interface goes shutdown.

- a layer 2 switch can forward multiple VLANs (and does not need any interface vlan x to do this) but a layer 2 switch can not forward between VLANs and you need a layer 3 device to do intervlan routing. This explains why you ping from porrt 8 but do not get anywhere. There is no layer 3 intervlan routing in what you have told us.

- a layer 2 switch with multiple VLANs will connect to the layer 3 device (could be a router or could be a layer 3 switch) via a trunk port. So your trunk port on your layer 2 switch needs to be the port that connects to the layer 3 device.

HTH

Rick

HTH

Rick

piero.giobbi · ‎09-24-2007

many thx for the excellent answer! I will go on with layer 3 device on the trunk port.